Bug#736629: UnicodeDecodeError: 'utf8' codec can't decode byte 0xf6
Control: tags -1 +pending I have made a patch that keeps Monkeysign from just crashing on those keys. The right way to do this, of course, is to simply refuse signing that keyid, but that's a harder fix that will have to wait. The attached patch was applied to the 2.x branch, and should fix the bug here. A. -- The value of a college education is not the learning of many facts but the training of the mind to think. - Albert Einstein >From 76186ba6f1ebf3c58f699aecd29cbb648205d4e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=Date: Thu, 1 Sep 2016 14:02:58 -0400 Subject: [PATCH] handle improperly encoded UIDs (Closes: #736629) --- monkeysign/gpg.py | 2 +- tests/test_gpg.py | 14 ++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/monkeysign/gpg.py b/monkeysign/gpg.py index 56d21a1..2c10fe9 100644 --- a/monkeysign/gpg.py +++ b/monkeysign/gpg.py @@ -735,7 +735,7 @@ def __str__(self): ret += u'Fingerprint = ' + self.format_fpr() + "\n" i = 1 for uid in self.uidslist: -ret += u"uid %d [%s] %s\n" % (i, uid.get_trust(), uid.uid.decode('utf-8')) +ret += u"uid %d [%s] %s\n" % (i, uid.get_trust(), uid.uid.decode('utf-8', 'replace')) i += 1 for subkey in self.subkeys.values(): ret += u"sub " + subkey.length + u"R/" + subkey.keyid(8) + u" " + subkey.creation diff --git a/tests/test_gpg.py b/tests/test_gpg.py index 39fef0c..2aa76a0 100755 --- a/tests/test_gpg.py +++ b/tests/test_gpg.py @@ -342,6 +342,20 @@ def test_wrongly_place_sigs(self): self.gpg.context.call_command(['list-sigs', '6D866396']) self.assertRegexpMatches(self.gpg.context.stdout, 'sig:::1:86E4E70A96F47C6A:[^:]*Second Test Key :10x:') +def test_broken_encoding(self): +"""test some key that has a non-standard encoding + +RFC4880 specifies that UIDs should be UTF-8, but someone this +one isn't. + +see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736629 +""" +self.assertTrue(self.gpg.import_data(open(os.path.dirname(__file__) + + '/ECAA37C45C7E48CE.asc').read())) +key = self.gpg.get_keys('095D9EC8C995AB203DC260FEECAA37C45C7E48CE') +foo = key['095D9EC8C995AB203DC260FEECAA37C45C7E48CE'].__str__().encode('utf-8') + + class TestOpenPGPkey(unittest.TestCase): def setUp(self): self.key = OpenPGPkey("""tru::1:1343350431:0:3:1:5 -- 2.1.4
Bug#736629: UnicodeDecodeError: 'utf8' codec can't decode byte 0xf6
Control: severity -1 minor Control: found -1 2.0.2 It looks like Dennis' key has an invalid encoding, even in gpg: $ gpg --search-keys allsp...@planetcyborg.de gpg: recherche de « allsp...@planetcyborg.de » sur le serveur hkp pool.sks-keyservers.net (1) Dennis Boerm2048 bit RSA key 287992D55C7E48CE, créé : 2014-06-16 (révoquée) (2) Dennis Börm Dennis Börm Dennis Börm Dennis Börm Dennis Börm 4096 bit RSA key DF87C73A6F432148, créé : 2014-04-25 (3) Dennis Boerm Dennis Boerm Dennis B\xf6\x72m Dennis Börm Dennis Boerm Dennis Boerm Dennis Boerm Dennis Börm Dennis Boerm 2048 bit RSA key ECAA37C45C7E48CE, créé : 2009-09-15 Keys 1-3 of 3 for "allsp...@planetcyborg.de". Entrez le ou les nombres, (S)uivant, ou (Q)uitter > I am not sure what we should do with this - an exception certainly isn't great, but how do you certify corrupt data anyways? A. signature.asc Description: Digital signature
Bug#736629: UnicodeDecodeError: 'utf8' codec can't decode byte 0xf6
On 2014-01-25 12:21:20, Andreas Rütten wrote: While trying to sign the following key: pub 2048R/5C7E48CE 2009-09-15 Fingerprint=095D 9EC8 C995 AB20 3DC2 60FE ECAA 37C4 5C7E 48CE I run into this traceback: Traceback (most recent call last): File /usr/bin/monkeysign, line 41, in module u.main() File /usr/lib/python2.7/dist-packages/monkeysign/cli.py, line 69, in main self.sign_key() File /usr/lib/python2.7/dist-packages/monkeysign/ui.py, line 279, in sign_key ) % keys[key], False) File /usr/lib/python2.7/dist-packages/monkeysign/gpg.py, line 701, in __str__ ret += uuid %d [%s] %s\n % (i, uid.get_trust(), uid.uid.decode('utf-8')) File /usr/lib/python2.7/encodings/utf_8.py, line 16, in decode return codecs.utf_8_decode(input, errors, True) UnicodeDecodeError: 'utf8' codec can't decode byte 0xf6 in position 8: invalid start byte I don't have high hopes, but could you try this again with the version in sid or in git (2.0+)? git://git.monkeysphere.info/monkeysign Thanks, A. -- I'm sorry if any of you are catholic. I'm not sorry if you're offended, I'm actually just sorry by the fact that you're catholic - Bill Hicks pgpkZd2QoKpjK.pgp Description: PGP signature
Bug#736629: UnicodeDecodeError: 'utf8' codec can't decode byte 0xf6
Package: monkeysign Version: 1.1 Severity: normal While trying to sign the following key: pub 2048R/5C7E48CE 2009-09-15 Fingerprint=095D 9EC8 C995 AB20 3DC2 60FE ECAA 37C4 5C7E 48CE I run into this traceback: Traceback (most recent call last): File /usr/bin/monkeysign, line 41, in module u.main() File /usr/lib/python2.7/dist-packages/monkeysign/cli.py, line 69, in main self.sign_key() File /usr/lib/python2.7/dist-packages/monkeysign/ui.py, line 279, in sign_key ) % keys[key], False) File /usr/lib/python2.7/dist-packages/monkeysign/gpg.py, line 701, in __str__ ret += uuid %d [%s] %s\n % (i, uid.get_trust(), uid.uid.decode('utf-8')) File /usr/lib/python2.7/encodings/utf_8.py, line 16, in decode return codecs.utf_8_decode(input, errors, True) UnicodeDecodeError: 'utf8' codec can't decode byte 0xf6 in position 8: invalid start byte -- System Information: Debian Release: jessie/sid APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages monkeysign depends on: ii gnupg 1.4.16-1 ii python2.7.5-5 ii python-pkg-resources 2.0.2-1 Versions of packages monkeysign recommends: ii python-gtk2 2.24.0-3+b1 ii python-qrencode 1.01-3 ii python-zbar 0.10+doc-9+b1 ii python-zbarpygtk 0.10+doc-9+b1 monkeysign suggests no packages. -- no debconf information Cheers, Andreas -- Andreas Rütten mailto:andreasruet...@gmx.de xmpp:andreasruet...@gmx.de irc://irc.oftc.net/aruetten 4096R: 0x6C9DFFB2 / 8394 99DA 59BD BCE2 3FC8 3A9E 6633 0089 6C9D FFB2 signature.asc Description: PGP signature