You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The key provided above specifies the pubkey algorithm as 0x16, which is defined as PubKeyAlgorithm.EdDSA but no signature field object is instantiated. So two things should happen:
PubKeyAlgorithm.EdDSA should be added to that dict (and EdDSASignature may also need to be defined if the format differs from ECDSASignature) so that it can actually parse
an OpaqueSignature class should be added to pgpy/packet/fields.py and used as a fallback, there's no reason for PGPy to raise an exception here.
I plan to implement this tonight and add appropriate test material to the test suite, and then get this and #217 out the door as PGPy v0.4.4
This increases the versioned dependency on the cryptography module to
2.6, since that is the version that provides the necessary ed25519
functionality.
We also add a "pure" 25519 OpenPGP certificate for testing purposes.
ClosesSecurityInnovation#221, SecurityInnovation#222, SecurityInnovation#247
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
While testing #221, i have found that I can reliably crash the parsing library on a public key that uses ed25519 elliptic curves.
With this test program:
... and micah's public key (ed25519-micah.asc.txt,
Micah Anderson <micah@riseup.net>
on the keyservers), I get the following backtrace:The text was updated successfully, but these errors were encountered: