From 33e4d8b32a0baef91342527cce16cd47bcb1ee60 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Thu, 14 Jun 2012 16:18:20 +0200 Subject: add extra paranoia against subkey attacks (and a regression test), LP: #1013128, thanks to jdstrand and mdeslaur and Geori Guinski --- .../exploid-keyring-with-dupe-subkeys.pub | Bin 0 -> 2016 bytes test/integration/test-apt-key-net-update | 21 +++++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 test/integration/exploid-keyring-with-dupe-subkeys.pub (limited to 'test') diff --git a/test/integration/exploid-keyring-with-dupe-subkeys.pub b/test/integration/exploid-keyring-with-dupe-subkeys.pub new file mode 100644 index 000000000..02d4e6ee8 Binary files /dev/null and b/test/integration/exploid-keyring-with-dupe-subkeys.pub differ diff --git a/test/integration/test-apt-key-net-update b/test/integration/test-apt-key-net-update index 452766b4d..d5205836f 100755 --- a/test/integration/test-apt-key-net-update +++ b/test/integration/test-apt-key-net-update @@ -49,6 +49,26 @@ else msgpass fi + +# test another possible attack vector using subkeys (LP: #1013128) +msgtest "add_keys_with_verify_against_master_keyring with subkey attack" +ADD_KEYRING=./keys/exploid-keyring-with-dupe-subkeys.pub +if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then + msgfail +else + msgpass +fi + +# ensure the keyring is still empty +gpg_out=$($GPG --list-keys) +msgtest "Test if keyring is empty" +if [ -n "" ]; then + msgfail +else + msgpass +fi + + # test good keyring and ensure we get no errors ADD_KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg if add_keys_with_verify_against_master_keyring $ADD_KEYRING $MASTER_KEYRING; then @@ -72,3 +92,4 @@ uid Ubuntu Archive Automatic Signing Key (2012) ' $GPG --list-keys + -- cgit v1.2.3