Re: [Sks-devel] another bounds problem in SKS

[Yaron Minsky]

I'm just an idiot.  That's the same problem that came up last time. 
My apologies.  My presentation filter must be incomplete/broken.  I'll
figure this out soon.

y


On Wed, 29 Sep 2004 23:02:33 -0400, Yaron Minsky <address@hidden> wrote:
> Hmm.  I hadn't realized.  Are you sure that that's the problem with
> this key?  Try grabbing the key from sks.dnsalias.net.  I thought that
> my modifications would drop all packets with mpis that extend beyond
> the packet boundary.  When I try to grab the key, GPG complains of an
> overlarge mpi, not a premature packet end.  Here's the error I get:
> 
> pendor: yminsky $ gpg --keyserver sks.dnsalias.net --search-keys 0xA0ED982D
> gpg: searching for "0xA0ED982D" from HKP server sks.dnsalias.net
> Keys 1-3 of 3 for "0xA0ED982D"
> (1)     Christian Brueffer <address@hidden>
>           1024 bit DSA key A0ED982D, created 2002-10-14
> (2)     Christian Brueffer <address@hidden>
>           1024 bit DSA key A0ED982D, created 2002-10-14
> (3)     Christian Brueffer <address@hidden>
>           1024 bit DSA key A0ED982D, created 2002-10-14
> Enter number(s), N)ext, or Q)uit > 1 2 3
> gpg: mpi too large (22867 bits)
> gpg: read_block: read error: invalid packet
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> gpg: mpi too large (22867 bits)
> gpg: read_block: read error: invalid packet
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> gpg: mpi too large (22867 bits)
> gpg: read_block: read error: invalid packet
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> 
> I'll check into this more tomorrow.  For the moment, I need to head off to 
> bed.
> 
> y
> 
> 
> 
> 
> On Wed, 29 Sep 2004 22:58:00 -0400, David Shaw <address@hidden> wrote:
> > On Wed, Sep 29, 2004 at 10:45:34PM -0400, Yaron Minsky wrote:
> > > <RANT>Sigh.  I just finished the first version of a patch (patch-16)
> > > that fixes the "MPI is larger than packet length" problem, and various
> > > others.  But if I figure this one correctly, GPG is barfing on this
> > > simply because one of the MPIs is too long, right?  This is just
> > > silly.  Can't GPG filter out bad packets at all?  The whole point of
> > > having a forgiving keyserver is that the clients should sort it out
> > > reasonably well in the end.  How did anyone ever expect PKS to
> > > work?</RANT>
> >
> > I'm the first person to complain about PKS, but this is one of the
> > things that PKS got right.  These packets are syntactically invalid
> > according to RFC-2440.  PKS quite appropriately drops them.
> >
> > Like I've been saying, it is very difficult to filter out bad packets
> > since once you establish a packet is bad, the whole stream needs to be
> > called into question.  In this particular case, the packets are being
> > corrupted in a very particular way.  Sure, I could code something to
> > detect this exact case, and may well do so in the future, but
> > regardless, SKS should not accept things that are completely invalid
> > according to the standard.
> >
> > > Ok, so how big of an MPI is over the limit that GPG is willing to
> > > accept?  Anyone?
> >
> > Just like before, it's not an oversize MPI.  It's an insane MPI - an
> > MPI that extends beyond the bounds of the enclosing packet.
> >
> > Packets that need to have this sanity checking are the public key
> > packets, public subkey packets, and signatures.  Basically, anything
> > with MPIs in it.
> >
> > David
> >
> >
> >
> >
> > _______________________________________________
> > Sks-devel mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/sks-devel
> >
>