Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize boolean conversions in signature subpackets. #1575

Closed
wants to merge 8 commits into from
Closed

Sanitize boolean conversions in signature subpackets. #1575

wants to merge 8 commits into from

Conversation

vanitasvitae
Copy link
Contributor

Currently, a PrimaryUserID packet whose boolean value is encoded as an invalid, but non-zero value (e.g. 2) is interpreted as true.
I believe, BC should detect this invalid value as the sign that something went wrong and instead throw an exception.

This PR introduces the Bytes utility class in the core module, which contains two methods for converting between byte arrays and booleans.
Especially the fromByteArray() is more strict in that it does not allow arrays with a length other than 1 and also does not allow byte values other than 0 and 1.

@vanitasvitae vanitasvitae changed the title Sanitize booleans in primary user Sanitize booleans in PrimaryUserID subpacket. Jan 27, 2024
@vanitasvitae
Copy link
Contributor Author

The same type of sanitization can also be applied to Revocable and Exportable.
I'll add separate commits for these.

@vanitasvitae vanitasvitae changed the title Sanitize booleans in PrimaryUserID subpacket. Sanitize boolean conversions in signature subpackets. Jan 27, 2024
hubot pushed a commit that referenced this pull request Mar 4, 2024
Extract booleanToByteArray function, #1575
26be615
@dghgit
Copy link
Contributor

dghgit commented Mar 16, 2024

Thanks for the patch. Merged!

@dghgit dghgit closed this Mar 16, 2024
hubot pushed a commit that referenced this pull request Mar 16, 2024
@dghgit
added sanity checks for boolean flags - related to github #1575
98a0fbe
@vanitasvitae vanitasvitae deleted the sanitizeBooleansInPrimaryUserID branch September 17, 2024 12:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vanitasvitae @dghgit