Re: [Sks-devel] another bounds problem in SKS

[Yaron Minsky]

I have another SKS patch out (patch-17), and it includes some more
improvements to the presentation filter that should catch the example
you provided.  Try it out at sks.dnsalias.net.  sks.dnsalias.net is
now not engaging in gossip, but the "sks db" daemon is running, so you
can query and add keys.  That key in question does have the
troublesome packet removed, and is now parsed without complaint by
pgpdump.

If anyone knows of other broken-packet types that GPG or PGP can't
repair, I'd like to hear about them.

Yaron


On Wed, 29 Sep 2004 20:13:19 -0400, Jason Harris <address@hidden> wrote:
> 
> Key 0xA0ED982D has a bad signature on the SKS servers:
> 
>   %pgpdump ...
>   [snip]
>   Old: Signature Packet(tag 2)(70 bytes)
>           Ver 4 - new
>           Sig type - Casual certification of a User ID and Public Key 
> packet(0x12).
>           Pub alg - DSA Digital Signature Algorithm(pub 17)
>           Hash alg - SHA1(hash 2)
>           Hashed Sub: signature creation time(sub 2)(4 bytes)
>                   Time - Fri Oct 17 06:24:54 EDT 2003
>           Sub: issuer key ID(sub 16)(8 bytes)
>                   Key ID - 0xC558590895ABF50C
>           Hash left 2 bytes - 3c 32
>           DSA r(159 bits) - ...
>           DSA s(22867 bits) - ...
>                   -> hash(160 bits)
>   Old: Trust Packet(tag 12)(648058310 bytes)
>           Trust - 1a 88 e2 73 a4 c9 56 b0 8d a0 f4 e5 12 2e 00 9e 33 12 [snip]
> 
> The current SKS hash is 9CE4D0537905AF1970660FEC3912207A.
> 
> (Also, GPG (1.2.6) won't import the key.)
> 
> --
> Jason Harris           |  NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it?
> address@hidden _|_ web:  http://keyserver.kjsl.com/~jharris/
>           Got photons?   (TM), (C) 2004
> 
> 
> 
> _______________________________________________
> Sks-devel mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/sks-devel
> 
> 
> 
> 
>