Panic when attempting to extract public key from a secret key with no signed user ID. #259

link2xt · 2023-12-08T20:22:02Z

I have exported a private key from deltachat REPL.
Then I have split the key into packets with sq packet dump private-key-default.asc and got these files:

private-key-default.asc-0--SecretKey
private-key-default.asc-1--UserID
private-key-default.asc-2--Signature
private-key-default.asc-3--SecretSubkey
private-key-default.asc-4--Signature

As I tried to reproduce another bug reported on the forum https://support.delta.chat/t/cannot-import-private-key-from-text-file/2846 I removed Signature packets, both 2 (UserID signature) and 4 (key signature) by joining the key back without these packets: sq packet join private-key-default.asc-0--SecretKey private-key-default.asc-1--UserID private-key-default.asc-3--SecretSubkey > key-no-sig.asc.

Here is the resulting key-no-sig.asc file:

Attempting to import it into Delta Chat results in a panic.
Minimal test reproducing the panic in rPGP:

#[test]
fn test_key_no_signature() {
    let p = Path::new("./tests/key-no-sig.asc");
    let mut file = read_file(p.to_path_buf());

    let mut buf = vec![];
    file.read_to_end(&mut buf).unwrap();

    let input = ::std::str::from_utf8(buf.as_slice()).expect("failed to convert to string");
    let (key, _headers) = SignedSecretKey::from_string(input).expect("failed to parse key");
    key.verify().expect("invalid key");
    key.public_key();
}

.public_key() panics:

thread 'test_key_no_signature' panicked at 'missing user ids', src/composed/signed_key/shared.rs:119:35
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
test test_key_no_signature ... FAILED

failures:

failures:
    test_key_no_signature

test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 55 filtered out; finished in 0.00s

Panic happens here:

rpgp/src/composed/signed_key/shared.rs

Lines 116 to 118 in 63f55a7

    
           let primary_user = self.users.iter().find(|u| u.is_primary()).map_or_else( 
        
               || self.users.first().expect("missing user ids"), 
        
               |user| user,

All unsigned user IDs are removed here:

rpgp/src/composed/signed_key/shared.rs

Lines 32 to 38 in 63f55a7

    
               if user.signatures.is_empty() { 
        
                   warn!("ignoring unsigned {}", user.id); 
        
                   false 
        
               } else { 
        
                   true 
        
               } 
        
           });

The text was updated successfully, but these errors were encountered:

link2xt · 2023-12-08T20:39:08Z

I produced another example with gpg as well:

I created a new key, ran gpg --edit-key, selected UserID with uid 1 command and deleted the signature with delsig command, then saved the key with save command and exported it. Full process is described here:
The process is described in https://support.delta.chat/t/cannot-import-private-key-from-text-file/2846/6?u=link2xt

dignifiedquire · 2023-12-09T07:11:26Z

this shouldn’t panic, but is certainly not a valid key

link2xt · 2023-12-09T16:16:24Z

.verify() actually passes, because it only checks that signatures on UserIDs are correct. If there is no signature or no UserID, it is fine.

hko-s · 2024-03-03T12:04:23Z

I think the reason for this problem is that, historically, the metadata for the primary key lives on the binding signature of the "primary User ID". The attempt to extract an unsigned KeyDetails involves attempting to gather information from disparate places in the source SignedKeyDetails.

Concretely: the KeyFlags for the primary key are assumed to be on the primary key binding signature Those KeyFlags are the most blatant thing that's missing in your tests, I think.

This kind of operation is very hairy, because OpenPGP certificates/public keys are complex, and it's not very rigorously defined what the semantics of a given set of key, signature and identity packets are supposed to be.

I'm not sure how to proceed with this problem, and wonder what the practical application is - in what context(s) is SignedKeyDetails::as_unsigned used?

dignifiedquire · 2024-03-03T16:09:44Z

we should just fail when reading this key, or return an error, I don’t think this is a format rpgp needs to support, just because the rfc is too vague

dignifiedquire · 2024-03-03T16:19:23Z

I got convinced that we will need to add proper support for this…

dignifiedquire added the bug label Jun 23, 2024

dignifiedquire assigned hko-s Jun 23, 2024

link2xt mentioned this issue Nov 18, 2024

Crash on start after update to 1.48.3 deltachat/deltachat-core-rust#6221

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Panic when attempting to extract public key from a secret key with no signed user ID. #259

Panic when attempting to extract public key from a secret key with no signed user ID. #259

link2xt commented Dec 8, 2023 •

edited

Loading

link2xt commented Dec 8, 2023

dignifiedquire commented Dec 9, 2023

link2xt commented Dec 9, 2023

hko-s commented Mar 3, 2024 •

edited

Loading

dignifiedquire commented Mar 3, 2024

dignifiedquire commented Mar 3, 2024

Panic when attempting to extract public key from a secret key with no signed user ID. #259

Panic when attempting to extract public key from a secret key with no signed user ID. #259

Comments

link2xt commented Dec 8, 2023 • edited Loading

link2xt commented Dec 8, 2023

dignifiedquire commented Dec 9, 2023

link2xt commented Dec 9, 2023

hko-s commented Mar 3, 2024 • edited Loading

dignifiedquire commented Mar 3, 2024

dignifiedquire commented Mar 3, 2024

link2xt commented Dec 8, 2023 •

edited

Loading

hko-s commented Mar 3, 2024 •

edited

Loading