Blob Blame History Raw
From 329e2ec47f6cd3bc7ecf85abd9f2ab179c59914f Mon Sep 17 00:00:00 2001
Message-Id: <329e2ec47f6cd3bc7ecf85abd9f2ab179c59914f.1650871821.git.pmatilai@redhat.com>
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Thu, 14 Apr 2022 15:38:11 -0400
Subject: [PATCH] Fix OpenPGP key ID parsing regression

This fixes a regression in 598a771d8b4f4f480d4990ccf59b978d537201dd,
which caused RPM to parse key flags from a hashed key ID subpacket.  As
a result, RPM would wrongly reject a signature that had both key ID and
key usage flags subpackets in the hashed section.

(backported from commit 7f830132fe717d4b31c035bb3d08379451e3cd81)
---
 rpmio/rpmpgp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
index deea65eae..242b34e19 100644
--- a/rpmio/rpmpgp.c
+++ b/rpmio/rpmpgp.c
@@ -528,6 +528,7 @@ static int pgpPrtSubType(const uint8_t *h, size_t hlen, pgpSigType sigtype,
 		_digp->saved |= PGPDIG_SAVED_ID;
 		memcpy(_digp->signid, p+1, sizeof(_digp->signid));
 	    }
+	    break;
 	case PGPSUBTYPE_KEY_FLAGS: /* Key usage flags */
 	    /* Subpackets in the unhashed section cannot be trusted */
 	    if (!hashed)
-- 
2.35.1