-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rnp processes unauthenticated partial chunks of AEAD encrypted data packets #807
Comments
I had some trouble with the provided data, but I was able to confirm this behavior.
|
Yeah, currently AEAD works this way since it handles all sizes of chunks specified in RFC4880-bis, which may be too large to cache somewhere in memory. I know there is an ongoing discussion in RFC working group regarding AEAD chunk size, so probably good idea is to wait till it ends with some decision. While we can cache chunk of small size and output larger ones this will not be a 100% correct solution. |
If you think that there is now way to safely implement AEAD as proposed in RFC4880-bis06, please speak up on the IETF mailing list, because your current position there is
|
@ni4 Can I take this one or are there more prioritized? |
@rrrooommmaaa As for me this one is a bit of lower priority and still requires some discussion on implementation logic. As for me the simplest and the most urgent one is #1103, then #1099, and if you like Windows stuff - very important but a way more time-consuming would be #997. |
Description
First, rnp still lacks a way to responsibly disclose problems with their code.
Second, rnp processes unauthenticated partial chunks of AEAD encrypted data packets.
Steps to Reproduce
Import this key: https://gitlab.com/sequoia-pgp/sequoia/raw/master/openpgp/tests/data/keys/testy-private.pgp?inline=false
Dearmor this file:
Expected Behavior
rnp MUST NOT process unauthenticated data.
Actual Behavior
rnp processes unauthenticated data:
Note the "unexpected pkt 60". This changes with the "session key" I choose to "decrypt" the stream of zeros.
Impact
Processing unauthenticated data negates the security benefits of doing AEAD.
What you can do
The text was updated successfully, but these errors were encountered: