From patchwork Sun Mar 6 10:00:46 2022
X-Patchwork-Submitter: Allan McRae
X-Patchwork-Id: 2041
From: Allan McRae
To: pacman-dev@lists.archlinux.org
Subject: [PATCH] Ensure WKD key lookup returns the correct key
Date: Sun, 6 Mar 2022 20:00:46 +1000
Message-Id: <20220306100046.1704851-1-allan@archlinux.org>
X-Mailer: git-send-email 2.35.1
List-Id: Discussion list for pacman development

Looking up a key using WKD just ensures you have a key with the same email address, it does not ensure that a key with the correct fingerprint has been downloaded. Check a key with the relevant fingerprint is available after a WKD import.

--- lib/libalpm/signing.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index 8df2868c..0e022624 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c 
@@ -253,9 +253,10 @@ error: * This requires GPGME to call the gpg binary. * @param handle the context handle * @param email the email address of the key to import + * @param fpr the fingerprint key ID to look up (or NULL) * @return 0 on success, -1 on error */ -static int key_import_wkd(alpm_handle_t *handle, const char *email) +static int key_import_wkd(alpm_handle_t *handle, const char *email, const char *fpr) { gpgme_error_t gpg_err; gpgme_ctx_t ctx = {0}; @@ -274,7 +275,12 @@ static int key_import_wkd(alpm_handle_t *handle, const char *email) _alpm_log(handle, ALPM_LOG_DEBUG, _("looking up key %s using WKD\n"), email); gpg_err = gpgme_get_key(ctx, email, &key, 0); if(gpg_err_code(gpg_err) == GPG_ERR_NO_ERROR) { - ret = 0; + /* check if correct key was imported via WKD */ + if(fpr && _alpm_key_in_keychain(handle, fpr)) { + ret = 0; + } else { + _alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed: WKD imported wrong fingerprint\n"); + } } gpgme_key_unref(key); @@ -516,7 +522,7 @@ int _alpm_key_import(alpm_handle_t *handle, const char *uid, const char *fpr) if(question.import) { /* Try to import the key from a WKD first */ if(email_from_uid(uid, &email) == 0) { - ret = key_import_wkd(handle, email); + ret = key_import_wkd(handle, email, fpr); free(email); }
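
Review bot: In the first hunk (@@ -253,9), the new doc line "@param fpr the fingerprint key ID to look up (or NULL)" says NULL is accepted, but the check added in the second hunk, `if(fpr && _alpm_key_in_keychain(handle, fpr))`, never sets `ret = 0` when `fpr` is NULL, so a NULL fingerprint always takes the failure branch. Either drop "(or NULL)" and document that a fingerprint is required, or say what a NULL `fpr` is meant to do and handle it explicitly. "fingerprint key ID" also mixes two different identifiers; wording such as "fingerprint of the key expected in the keychain after import" would be unambiguous.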
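
Review bot: In the second hunk (@@ -274,7), the else branch logs "key lookup failed: WKD imported wrong fingerprint" for two different conditions: `fpr` being NULL and `_alpm_key_in_keychain(handle, fpr)` not finding the fingerprint. The message carries neither `email` nor `fpr`, so the debug log cannot show which lookup failed or which fingerprint was expected; passing both as format arguments would make a mismatch diagnosable. The string is also given without `_()`, unlike the `_("looking up key %s using WKD\n")` call just above it, so one convention should be chosen for the two adjacent debug messages.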