@vanitasvitae
Contributor

… signatures

Misplaced subkey binding signatures could result in the Signer being initialized using the wrong key material,
causing ClassCastExceptions.
This patch catches those exceptions and rethrows them as gracefully handled PGPSignatureExceptions.

@vanitasvitae
Contributor Author

There is a test key in the referenced PGPainless bug report; however, it contains people's personal information, so I decided not to include it as a test.
However, I locally checked the correctness of the test.

@vanitasvitae
Contributor Author

To add more details:
The bug is hit when BC tries to verify validity of an OpenPGP certificate with the following format:

PrimaryKey[Ed25519] 0x1234
  Subkey[Ed25519] 0xABCD
  Subkey[ECDH] 0x9876
    SubkeyBindingSignature[Ed25519, by 0x1234] (misplaced, actually belongs to 0xABCD)
      Embedded PrimaryKeyBindingSignature[Ed25519, by 0xABCD]

When verifying the validity of 0x9876, the misplaced binding signature is evaluated. BC tries to initialize the signature, and since the key material of 0x9876 is neither an instance of Ed25519PrivateKeyParameters nor of Ed25519PublicKeyParameters, it is assumed to be Ed448 key material: https://github.com/bcgit/bc-java/blob/main/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcImplProvider.java#L101-L105
The Ed448 signer then throws a ClassCastException when trying to cast the ECDH key material.
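
The fall-through described in the comment above, together with the catch-and-rethrow handling the PR description mentions, as an added example that is not Bouncy Castle's code and not part of this pull request. Every type in it (KeyParams, Ed25519Public, Ed448Public, EcdhPublic, Verifier, SignatureCheckException) is a hypothetical stand-in for the BC classes named in the thread.

```java
// Constructed model of the dispatch described above; every type here is a
// hypothetical stand-in, not a Bouncy Castle class.
public class MisplacedBindingDemo {
    interface KeyParams {}
    static final class Ed25519Public implements KeyParams {}
    static final class Ed448Public implements KeyParams {}
    static final class EcdhPublic implements KeyParams {}

    // Stand-in for the checked exception that callers already handle.
    static final class SignatureCheckException extends Exception {
        SignatureCheckException(String msg, Throwable cause) { super(msg, cause); }
    }

    interface Verifier { void init(KeyParams key); }

    // Mirrors the fall-through: key material that is not Ed25519 is assumed to be Ed448.
    static Verifier edDsaVerifierFor(KeyParams key) {
        if (key instanceof Ed25519Public) {
            return k -> Ed25519Public.class.cast(k);
        }
        return k -> Ed448Public.class.cast(k); // ClassCastException for ECDH material
    }

    // Handling as the PR describes it: the unchecked exception is caught and
    // rethrown as a checked one, so one malformed signature cannot abort the caller.
    static void initVerification(KeyParams key) throws SignatureCheckException {
        try {
            edDsaVerifierFor(key).init(key);
        } catch (ClassCastException e) {
            throw new SignatureCheckException(
                "signature algorithm does not match key material " + key.getClass().getSimpleName(), e);
        }
    }

    // Reports whether initialization succeeded or the signature was rejected.
    static String check(KeyParams key) {
        try { initVerification(key); return "ok"; }
        catch (SignatureCheckException e) { return "rejected: " + e.getMessage(); }
    }

    public static void main(String[] args) {
        // Constructed input: an Ed25519 subkey, then the ECDH subkey that carries
        // the misplaced Ed25519 binding signature.
        KeyParams[] subkeys = { new Ed25519Public(), new EcdhPublic() };
        for (KeyParams k : subkeys) {
            System.out.println(k.getClass().getSimpleName() + " -> " + check(k));
        }
    }
}
```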
