Merge branch 'pr-1687-prevent-0xFF-PGP-signature' into 'main'

pr-1687-prevent-0xFF-PGP-signature

See merge request root/bc-java!14

Author: dghgit

pg/src/main/java/org/bouncycastle/openpgp/PGPSignature.java

@@ -149,6 +149,10 @@ public boolean isCertification()
     public void init(PGPContentVerifierBuilderProvider verifierBuilderProvider, PGPPublicKey pubKey)
         throws PGPException
     {
+        if (sigType == 0xFF)
+        {
+            throw new PGPException("Illegal signature type 0xFF provided.");
+        }
         PGPContentVerifierBuilder verifierBuilder = createVerifierProvider(verifierBuilderProvider);
 
         init(verifierBuilder.build(pubKey));

pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureGenerator.java

@@ -53,6 +53,10 @@ public void init(
         PGPPrivateKey key)
         throws PGPException
     {
+        if (signatureType == 0xFF)
+        {
+            throw new PGPException("Illegal signature type 0xFF provided.");
+        }
         contentSigner = contentSignerBuilder.build(signatureType, key);
         sigOut = contentSigner.getOutputStream();
         sigType = contentSigner.getType();

pg/src/main/java/org/bouncycastle/openpgp/PGPV3SignatureGenerator.java

@@ -44,6 +44,11 @@ public void init(
         PGPPrivateKey key)
         throws PGPException
     {
+        if (signatureType == 0xFF)
+        {
+            throw new PGPException("Illegal signature type 0xFF provided.");
+        }
+        
         contentSigner = contentSignerBuilder.build(signatureType, key);
         sigOut = contentSigner.getOutputStream();
         sigType = contentSigner.getType();

pg/src/test/java/org/bouncycastle/openpgp/test/PGPSignatureTest.java

@@ -11,14 +11,7 @@
 import java.util.Date;
 import java.util.Iterator;
 
-import org.bouncycastle.bcpg.ArmoredInputStream;
-import org.bouncycastle.bcpg.CompressionAlgorithmTags;
-import org.bouncycastle.bcpg.HashAlgorithmTags;
-import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
-import org.bouncycastle.bcpg.SignatureSubpacket;
-import org.bouncycastle.bcpg.SignatureSubpacketInputStream;
-import org.bouncycastle.bcpg.SignatureSubpacketTags;
-import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
+import org.bouncycastle.bcpg.*;
 import org.bouncycastle.bcpg.sig.IntendedRecipientFingerprint;
 import org.bouncycastle.bcpg.sig.IssuerFingerprint;
 import org.bouncycastle.bcpg.sig.KeyFlags;
@@ -45,7 +38,10 @@
 import org.bouncycastle.openpgp.PGPV3SignatureGenerator;
 import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
 import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
+import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.PGPContentVerifierBuilderProvider;
 import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
+import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder;
 import org.bouncycastle.openpgp.operator.bc.BcPGPContentVerifierBuilderProvider;
 import org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
 import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
@@ -762,6 +758,7 @@ public void performTest()
         testSignatureTarget();
         testUserAttributeEncoding();
         testExportNonExportableSignature();
+        testRejectionOfIllegalSignatureType0xFF();
     }
 
     private void testUserAttributeEncoding()
@@ -1367,6 +1364,55 @@ public void testExportNonExportableSignature()
         isTrue(nonExportableSig.getEncoded(true).length == 0);
     }
 
+    private void testRejectionOfIllegalSignatureType0xFF()
+        throws PGPException, IOException
+    {
+        PGPSecretKeyRing pgpPriv = new PGPSecretKeyRing(rsaKeyRing, new JcaKeyFingerprintCalculator());
+        PGPSecretKey secretKey = pgpPriv.getSecretKey();
+        PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(rsaPass));
+
+        PGPContentSignerBuilder sigBuilder = new BcPGPContentSignerBuilder(
+            PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA512);
+        PGPSignatureGenerator generator = new PGPSignatureGenerator(sigBuilder);
+        try
+        {
+            generator.init(0xFF, pgpPrivKey);
+            fail("Generating signature of type 0xff MUST fail.");
+        }
+        catch (PGPException e)
+        {
+            // Expected
+        }
+
+        PGPV3SignatureGenerator generatorV3 = new PGPV3SignatureGenerator(sigBuilder);
+        try
+        {
+            generatorV3.init(0xFF, pgpPrivKey);
+            fail("Generating V3 signature of type 0xff MUST fail.");
+        }
+        catch (PGPException e)
+        {
+            // Expected
+        }
+
+        PGPContentVerifierBuilderProvider verifBuilder = new BcPGPContentVerifierBuilderProvider();
+
+        // signature of type 0xff (illegal)
+        byte[] hexSig = Hex.decode("889c04ff010a000605026655fdbe000a0910b3c272c907c7f7b2133604008dc801695e0905a21a03b832dfd576d66dc23a6ac8715128aaa5cee941b36660efd3c47618c5e880b2dc5e8a34638f10061ae6a9724a2306b66eeb4aec79b49ce4ec48f6de0b5119fc7911e9e2a7677bc4a1f6dd783ce15949457872246e0b415c6f8e3390da90597b059009dcc64723adbc45530a1db0ef70fcffbfc97af6b6");
+        ByteArrayInputStream bIn = new ByteArrayInputStream(hexSig);
+        BCPGInputStream pIn = new BCPGInputStream(bIn);
+        PGPSignature s = new PGPSignature(pIn);
+        try
+        {
+            s.init(verifBuilder, secretKey.getPublicKey());
+            fail("Verifying signature of type 0xff MUST fail.");
+        }
+        catch (PGPException e)
+        {
+            // expected
+        }
+    }
+
     private PGPSignatureList readSignatures(String armored)
         throws IOException
     {