richardphibel / rpms / rpm

Forked from rpms/rpm 2 years ago
Clone
686848
From 82c53e4b7f720012a391d8f6e5da9ee3c4f22bed Mon Sep 17 00:00:00 2001
686848
From: Demi Marie Obenour <demi@invisiblethingslab.com>
686848
Date: Thu, 6 May 2021 18:34:45 -0400
686848
Subject: [PATCH] Validate and require subkey binding signatures on PGP public
686848
 keys
686848
686848
All subkeys must be followed by a binding signature by the primary key
686848
as per the OpenPGP RFC, enforce the presence and validity in the parser.
686848
686848
The implementation is as kludgey as they come to work around our
686848
simple-minded parser structure without touching API, to maximise
686848
backportability. Store all the raw packets internally as we decode them
686848
to be able to access previous elements at will, needed to validate ordering
686848
and access the actual data. Add testcases for manipulated keys whose
686848
import previously would succeed.
686848
686848
Combined with:
686848
5ff86764b17f31535cb247543a90dd739076ec38
686848
b5e8bc74b2b05aa557f663fe227b94d2bc64fbd8
686848
9f03f42e2614a68f589f9db8fe76287146522c0c
686848
b6dffb6dc5ffa2ddc389743f0507876cab341315 (mem-leak fix)
686848
ae3d2d234ae47ff85229d3fce97a266fa1aa5a61 (use-after-free fix)
686848
686848
Fixes CVE-2021-3521.
686848
---
686848
 rpmio/rpmpgp.c                                | 122 +++++++++++++++---
686848
 sign/rpmgensig.c                              |   2 +-
686848
 tests/Makefile.am                             |   3 +
686848
 tests/data/keys/CVE-2021-3521-badbind.asc     |  25 ++++
686848
 .../data/keys/CVE-2021-3521-nosubsig-last.asc |  25 ++++
686848
 tests/data/keys/CVE-2021-3521-nosubsig.asc    |  37 ++++++
686848
 tests/rpmsigdig.at                            |  28 ++++
686848
 7 files changed, 224 insertions(+), 18 deletions(-)
686848
 create mode 100644 tests/data/keys/CVE-2021-3521-badbind.asc
686848
 create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig-last.asc
686848
 create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig.asc
686848
686848
diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c
686848
index 46cd0f31a..bd4992ec7 100644
686848
--- a/rpmio/rpmpgp.c
686848
+++ b/rpmio/rpmpgp.c
686848
@@ -511,7 +511,7 @@ pgpDigAlg pgpDigAlgFree(pgpDigAlg alg)
686848
     return NULL;
686848
 }
686848
 
686848
-static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
686848
+static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo,
686848
 		const uint8_t *p, const uint8_t *h, size_t hlen,
686848
 		pgpDigParams sigp)
686848
 {
686848
@@ -524,10 +524,8 @@ static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype,
686848
 	int mpil = pgpMpiLen(p);
686848
 	if (p + mpil > pend)
686848
 	    break;
686848
-	if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) {
686848
-	    if (sigalg->setmpi(sigalg, i, p))
686848
-		break;
686848
-	}
686848
+	if (sigalg->setmpi(sigalg, i, p))
686848
+	    break;
686848
 	p += mpil;
686848
     }
686848
 
686848
@@ -600,7 +598,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
686848
 	}
686848
 
686848
 	p = ((uint8_t *)v) + sizeof(*v);
686848
-	rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
686848
+	rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp);
686848
     }	break;
686848
     case 4:
686848
     {   pgpPktSigV4 v = (pgpPktSigV4)h;
686848
@@ -658,7 +656,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen,
686848
 	if (p > (h + hlen))
686848
 	    return 1;
686848
 
686848
-	rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp);
686848
+	rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp);
686848
     }	break;
686848
     default:
686848
 	rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), version);
686848
@@ -999,36 +997,127 @@ unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype)
686848
     return algo;
686848
 }
686848
 
686848
+static pgpDigParams pgpDigParamsNew(uint8_t tag)
686848
+{
686848
+    pgpDigParams digp = xcalloc(1, sizeof(*digp));
686848
+    digp->tag = tag;
686848
+    return digp;
686848
+}
686848
+
686848
+static int hashKey(DIGEST_CTX hash, const struct pgpPkt *pkt, int exptag)
686848
+{
686848
+    int rc = -1;
686848
+    if (pkt->tag == exptag) {
686848
+	uint8_t head[] = {
686848
+	    0x99,
686848
+	    (pkt->blen >> 8),
686848
+	    (pkt->blen     ),
686848
+	};
686848
+
686848
+	rpmDigestUpdate(hash, head, 3);
686848
+	rpmDigestUpdate(hash, pkt->body, pkt->blen);
686848
+	rc = 0;
686848
+    }
686848
+    return rc;
686848
+}
686848
+
686848
+static int pgpVerifySelf(pgpDigParams key, pgpDigParams selfsig,
686848
+			const struct pgpPkt *all, int i)
686848
+{
686848
+    int rc = -1;
686848
+    DIGEST_CTX hash = NULL;
686848
+
686848
+    switch (selfsig->sigtype) {
686848
+    case PGPSIGTYPE_SUBKEY_BINDING:
686848
+	hash = rpmDigestInit(selfsig->hash_algo, 0);
686848
+	if (hash) {
686848
+	    rc = hashKey(hash, &all[0], PGPTAG_PUBLIC_KEY);
686848
+	    if (!rc)
686848
+		rc = hashKey(hash, &all[i-1], PGPTAG_PUBLIC_SUBKEY);
686848
+	}
686848
+	break;
686848
+    default:
686848
+	/* ignore types we can't handle */
686848
+	rc = 0;
686848
+	break;
686848
+    }
686848
+
686848
+    if (hash && rc == 0)
686848
+	rc = pgpVerifySignature(key, selfsig, hash);
686848
+
686848
+    rpmDigestFinal(hash, NULL, NULL, 0);
686848
+
686848
+    return rc;
686848
+}
686848
+
686848
 int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype,
686848
 		 pgpDigParams * ret)
686848
 {
686848
     const uint8_t *p = pkts;
686848
     const uint8_t *pend = pkts + pktlen;
686848
     pgpDigParams digp = NULL;
686848
-    struct pgpPkt pkt;
686848
+    pgpDigParams selfsig = NULL;
686848
+    int i = 0;
686848
+    int alloced = 16; /* plenty for normal cases */
686848
+    struct pgpPkt *all = xmalloc(alloced * sizeof(*all));
686848
     int rc = -1; /* assume failure */
686848
+    int expect = 0;
686848
+    int prevtag = 0;
686848
 
686848
     while (p < pend) {
686848
-	if (decodePkt(p, (pend - p), &pkt))
686848
+	struct pgpPkt *pkt = &all[i];
686848
+	if (decodePkt(p, (pend - p), pkt))
686848
 	    break;
686848
 
686848
 	if (digp == NULL) {
686848
-	    if (pkttype && pkt.tag != pkttype) {
686848
+	    if (pkttype && pkt->tag != pkttype) {
686848
 		break;
686848
 	    } else {
686848
-		digp = xcalloc(1, sizeof(*digp));
686848
-		digp->tag = pkt.tag;
686848
+		digp = pgpDigParamsNew(pkt->tag);
686848
 	    }
686848
 	}
686848
 
686848
-	if (pgpPrtPkt(&pkt, digp))
686848
+	if (expect) {
686848
+	    if (pkt->tag != expect)
686848
+		break;
686848
+	    selfsig = pgpDigParamsNew(pkt->tag);
686848
+	}
686848
+
686848
+	if (pgpPrtPkt(pkt, selfsig ? selfsig : digp))
686848
 	    break;
686848
 
686848
-	p += (pkt.body - pkt.head) + pkt.blen;
686848
+	if (selfsig) {
686848
+	    /* subkeys must be followed by binding signature */
686848
+	    int xx = 1; /* assume failure */
686848
+
686848
+	    if (!(prevtag == PGPTAG_PUBLIC_SUBKEY &&
686848
+		  selfsig->sigtype != PGPSIGTYPE_SUBKEY_BINDING))
686848
+		xx = pgpVerifySelf(digp, selfsig, all, i);
686848
+
686848
+	    selfsig = pgpDigParamsFree(selfsig);
686848
+	    if (xx)
686848
+		break;
686848
+	    expect = 0;
686848
+	}
686848
+
686848
+	if (pkt->tag == PGPTAG_PUBLIC_SUBKEY)
686848
+	    expect = PGPTAG_SIGNATURE;
686848
+	prevtag = pkt->tag;
686848
+
686848
+	i++;
686848
+	p += (pkt->body - pkt->head) + pkt->blen;
686848
+	if (pkttype == PGPTAG_SIGNATURE)
686848
+	    break;
686848
+
686848
+	if (alloced <= i) {
686848
+	    alloced *= 2;
686848
+	    all = xrealloc(all, alloced * sizeof(*all));
686848
+	}
686848
     }
686848
 
686848
-    rc = (digp && (p == pend)) ? 0 : -1;
686848
+    rc = (digp && (p == pend) && expect == 0) ? 0 : -1;
686848
 
686848
+    free(all);
686848
     if (ret && rc == 0) {
686848
 	*ret = digp;
686848
     } else {
686848
@@ -1063,8 +1152,7 @@ int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen,
686848
 		digps = xrealloc(digps, alloced * sizeof(*digps));
686848
 	    }
686848
 
686848
-	    digps[count] = xcalloc(1, sizeof(**digps));
686848
-	    digps[count]->tag = PGPTAG_PUBLIC_SUBKEY;
686848
+	    digps[count] = pgpDigParamsNew(PGPTAG_PUBLIC_SUBKEY);
686848
 	    /* Copy UID from main key to subkey */
686848
 	    digps[count]->userid = xstrdup(mainkey->userid);
686848
 
686848
diff --git a/sign/rpmgensig.c b/sign/rpmgensig.c
686848
index 771d01098..b33fe996c 100644
686848
--- a/sign/rpmgensig.c
686848
+++ b/sign/rpmgensig.c
686848
@@ -409,7 +409,7 @@ static int haveSignature(rpmtd sigtd, Header h)
686848
 	pgpPrtParams(oldtd.data, oldtd.count, PGPTAG_SIGNATURE, &sig2;;
686848
 	if (pgpDigParamsCmp(sig1, sig2) == 0)
686848
 	    rc = 1;
686848
-	pgpDigParamsFree(sig2);
686848
+	sig2 = pgpDigParamsFree(sig2);
686848
     }
686848
     pgpDigParamsFree(sig1);
686848
     rpmtdFreeData(&oldtd);
686848
diff --git a/tests/Makefile.am b/tests/Makefile.am
686848
index 5f5207e56..309347262 100644
686848
--- a/tests/Makefile.am
686848
+++ b/tests/Makefile.am
686848
@@ -87,6 +87,9 @@ EXTRA_DIST += data/SPECS/hello-config-buildid.spec
686848
 EXTRA_DIST += data/SPECS/hello-cd.spec
686848
 EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.pub
686848
 EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.secret
686848
+EXTRA_DIST += data/keys/CVE-2021-3521-badbind.asc
686848
+EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig.asc
686848
+EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig-last.asc
686848
 EXTRA_DIST += data/macros.testfile
686848
 
686848
 # testsuite voodoo
686848
diff --git a/tests/data/keys/CVE-2021-3521-badbind.asc b/tests/data/keys/CVE-2021-3521-badbind.asc
686848
new file mode 100644
686848
index 000000000..aea00f9d7
686848
--- /dev/null
686848
+++ b/tests/data/keys/CVE-2021-3521-badbind.asc
686848
@@ -0,0 +1,25 @@
686848
+-----BEGIN PGP PUBLIC KEY BLOCK-----
686848
+Version: rpm-4.17.90 (NSS-3)
686848
+
686848
+mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
686848
+HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
686848
+91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
686848
+eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
686848
+7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
686848
+1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
686848
+c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
686848
+CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
686848
+Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
686848
+BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
686848
+XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
686848
+fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
686848
++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
686848
+BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
686848
+zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
686848
+iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
686848
+Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
686848
+KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
686848
+L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE=
686848
+=WCfs
686848
+-----END PGP PUBLIC KEY BLOCK-----
686848
+
686848
diff --git a/tests/data/keys/CVE-2021-3521-nosubsig-last.asc b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc
686848
new file mode 100644
686848
index 000000000..aea00f9d7
686848
--- /dev/null
686848
+++ b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc
686848
@@ -0,0 +1,25 @@
686848
+-----BEGIN PGP PUBLIC KEY BLOCK-----
686848
+Version: rpm-4.17.90 (NSS-3)
686848
+
686848
+mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
686848
+HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
686848
+91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
686848
+eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
686848
+7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
686848
+1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
686848
+c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
686848
+CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
686848
+Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
686848
+BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
686848
+XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
686848
+fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
686848
++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
686848
+BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
686848
+zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
686848
+iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
686848
+Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
686848
+KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
686848
+L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE=
686848
+=WCfs
686848
+-----END PGP PUBLIC KEY BLOCK-----
686848
+
686848
diff --git a/tests/data/keys/CVE-2021-3521-nosubsig.asc b/tests/data/keys/CVE-2021-3521-nosubsig.asc
686848
new file mode 100644
686848
index 000000000..3a2e7417f
686848
--- /dev/null
686848
+++ b/tests/data/keys/CVE-2021-3521-nosubsig.asc
686848
@@ -0,0 +1,37 @@
686848
+-----BEGIN PGP PUBLIC KEY BLOCK-----
686848
+Version: rpm-4.17.90 (NSS-3)
686848
+
686848
+mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g
686848
+HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY
686848
+91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8
686848
+eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas
686848
+7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ
686848
+1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl
686848
+c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK
686848
+CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf
686848
+Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB
686848
+BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr
686848
+XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX
686848
+fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq
686848
++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN
686848
+BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY
686848
+zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz
686848
+iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6
686848
+Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c
686848
+KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m
686848
+L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAG5AQ0EWOY5GAEIAKT68NmshdC4
686848
+VcRhOhlXBvZq23NtskkKoPvW+ZlMuxbRDG48pGBtxhjOngriVUGceEWsXww5Q7En
686848
+uRBYglkxkW34ENym0Ji6tsPYfhbbG+dZWKIL4vMIzPOIwlPrXrm558vgkdMM/ELZ
686848
+8WIz3KtzvYubKUk2Qz+96lPXbwnlC/SBFRpBseJC5LoOb/5ZGdR/HeLz1JXiacHF
686848
+v9Nr3cZWqg5yJbDNZKfASdZgC85v3kkvhTtzknl//5wqdAMexbuwiIh2xyxbO+B/
686848
+qqzZFrVmu3sV2Tj5lLZ/9p1qAuEM7ULbixd/ld8yTmYvQ4bBlKv2bmzXtVfF+ymB
686848
+Tm6BzyQEl/MAEQEAAYkBHwQYAQgACQUCWOY5GAIbDAAKCRBDRFkeGWTF/PANB/9j
686848
+mifmj6z/EPe0PJFhrpISt9PjiUQCt0IPtiL5zKAkWjHePIzyi+0kCTBF6DDLFxos
686848
+3vN4bWnVKT1kBhZAQlPqpJTg+m74JUYeDGCdNx9SK7oRllATqyu+5rncgxjWVPnQ
686848
+zu/HRPlWJwcVFYEVXYL8xzfantwQTqefjmcRmBRdA2XJITK+hGWwAmrqAWx+q5xX
686848
+Pa8wkNMxVzNS2rUKO9SoVuJ/wlUvfoShkJ/VJ5HDp3qzUqncADfdGN35TDzscngQ
686848
+gHvnMwVBfYfSCABV1hNByoZcc/kxkrWMmsd/EnIyLd1Q1baKqc3cEDuC6E6/o4yJ
686848
+E4XX4jtDmdZPreZALsiB
686848
+=rRop
686848
+-----END PGP PUBLIC KEY BLOCK-----
686848
+
686848
diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
686848
index 09fcdd525..a74f400ae 100644
686848
--- a/tests/rpmsigdig.at
686848
+++ b/tests/rpmsigdig.at
686848
@@ -212,6 +212,34 @@ UNW2iqnN3BA7guhOv6OMiROF1+I7Q5nWT63mQC7IgQ==
686848
 [])
686848
 AT_CLEANUP
686848
 
686848
+AT_SETUP([rpmkeys --import invalid keys])
686848
+AT_KEYWORDS([rpmkeys import])
686848
+RPMDB_INIT
686848
+
686848
+AT_CHECK([
686848
+runroot rpmkeys --import /data/keys/CVE-2021-3521-badbind.asc
686848
+],
686848
+[1],
686848
+[],
686848
+[error: /data/keys/CVE-2021-3521-badbind.asc: key 1 import failed.]
686848
+)
686848
+AT_CHECK([
686848
+runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig.asc
686848
+],
686848
+[1],
686848
+[],
686848
+[error: /data/keys/CVE-2021-3521-nosubsig.asc: key 1 import failed.]
686848
+)
686848
+
686848
+AT_CHECK([
686848
+runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig-last.asc
686848
+],
686848
+[1],
686848
+[],
686848
+[error: /data/keys/CVE-2021-3521-nosubsig-last.asc: key 1 import failed.]
686848
+)
686848
+AT_CLEANUP
686848
+
686848
 # ------------------------------
686848
 # Test pre-built package verification
686848
 AT_SETUP([rpmkeys -K <signed> 1])
686848
-- 
686848
2.34.1
686848