any valid self-sig should mark a user ID or subkey as valid - otherwise,

an attacker could DoS the user by inventing a bogus invalid self-signature.
2025-01-10 13:04:23 +01:00 · 2002-03-13 13:28:18 +00:00 · 2002-03-13 13:28:18 +00:00 · 22bc1b3a5e
commit 22bc1b3a5e
parent bcf95b1d25
2 changed files with 22 additions and 13 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,9 @@
+2002-03-13  David Shaw  <dshaw@jabberwocky.com>
+
+	* import.c (chk_self_sigs): any valid self-sig should mark a user
+	ID or subkey as valid - otherwise, an attacker could DoS the user
+	by inventing a bogus invalid self-signature.
+
 2002-03-07  David Shaw  <dshaw@jabberwocky.com>

 	* g10.c (main): make a few more strings translatable.
--- a/g10/import.c
+++ b/g10/import.c
@ -815,16 +815,18 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 					    (ulong)keyid[1]);
 		    return -1;	/* the complete keyblock is invalid */
 		}
-		rc = check_key_signature( keyblock, n, NULL);
-		if( rc ) {
-		    log_info( rc == G10ERR_PUBKEY_ALGO ?
-			 _("key %08lX: unsupported public key algorithm\n"):
-			 _("key %08lX: invalid self-signature\n"),
-				     (ulong)keyid[1]);

-		    unode->flag |= 2; /* mark as invalid */
+		/* If it hasn't been marked valid yet, keep trying */
+		if(!(unode->flag&1)) {
+		  rc = check_key_signature( keyblock, n, NULL);
+		  if( rc )
+		    log_info( rc == G10ERR_PUBKEY_ALGO ?
+			   _("key %08lX: unsupported public key algorithm\n"):
+			   _("key %08lX: invalid self-signature\n"),
+			      (ulong)keyid[1]);
+		  else
+		    unode->flag |= 1; /* mark that signature checked */
 		}
-		unode->flag |= 1; /* mark that signature checked */
 	    }
 	    else if( sig->sig_class == 0x18 ) {
 		KBNODE knode = find_prev_kbnode( keyblock,
@ -839,16 +841,17 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 		    n->flag |= 4; /* delete this */
 		}
 		else {
+		  /* If it hasn't been marked valid yet, keep trying */
+		  if(!(knode->flag&1)) {
 		    rc = check_key_signature( keyblock, n, NULL);
-		    if( rc ) {
+		    if( rc )
 			log_info(  rc == G10ERR_PUBKEY_ALGO ?
 			   _("key %08lX: unsupported public key algorithm\n"):
 			   _("key %08lX: invalid subkey binding\n"),
 					 (ulong)keyid[1]);
-
-			knode->flag |= 2; /* mark as invalid */
-		    }
-		    knode->flag |= 1; /* mark that signature checked */
+		    else
+		      knode->flag |= 1; /* mark that signature checked */
+		  }
 		}
 	    }
 	}