Allow --list argument to KEYINFO

Sequoia Chameleon sends "KEYINFO --list", so do not filter this out.
QubesOS · Oct 22, 2024 · 1f948b8 · 1f948b8
1 parent c285d5f
commit 1f948b8
Showing 1 changed file with 20 additions and 20 deletions.
diff --git a/splitgpg2/__init__.py b/splitgpg2/__init__.py
@@ -641,14 +641,24 @@ def fake_respond(self, response: bytes) -> None:
 
     @staticmethod
     def verify_keygrip_arguments(min_count: int, max_count: int,
-            untrusted_args: Optional[bytes]) -> bytes:
+                                 untrusted_args: Optional[bytes],
+                                 allow_list: bool) -> bytes:
         if untrusted_args is None:
             raise Filtered
-        args_regex = re.compile(rb'\A[0-9A-F]{40}( [0-9A-F]{40}){%d,%d}\Z' %
-                                (min_count-1, max_count-1))
+        if allow_list and untrusted_args.startswith(b'--list'):
+            if untrusted_args == b'--list':
+                pass
+            elif untrusted_args[6] == 61: # ASCII '='
+                # 1000 is the default value used by gpg2
+                sanitize_int(untrusted_args[len(b'--list='):], 1, 1000)
+            else:
+                raise Filtered
+        else:
+            args_regex = re.compile(rb'\A[0-9A-F]{40}( [0-9A-F]{40}){%d,%d}\Z' %
+                                    (min_count-1, max_count-1))
 
-        if args_regex.match(untrusted_args) is None:
-            raise Filtered
+            if args_regex.match(untrusted_args) is None:
+                raise Filtered
         return untrusted_args
 
     def sanitize_key_desc(self, untrusted_args: bytes) -> bytes:
@@ -734,21 +744,11 @@ async def command_HAVEKEY(self, untrusted_args: Optional[bytes]) -> None:
         if untrusted_args is None:
             raise Filtered
         # upper keygrip limit is arbitary
-        if untrusted_args.startswith(b'--list'):
-            if b'=' in untrusted_args:
-                # 1000 is the default value used by gpg2
-                limit = sanitize_int(untrusted_args[len(b'--list='):], 1, 1000)
-                args = b'--list=%d' % limit
-            else:
-                if untrusted_args != b'--list':
-                    raise Filtered
-                args = b'--list'
-        else:
-            args = self.verify_keygrip_arguments(1, 200, untrusted_args)
+        args = self.verify_keygrip_arguments(1, 200, untrusted_args, True)
         await self.send_agent_command(b'HAVEKEY', args)
 
     async def command_KEYINFO(self, untrusted_args: Optional[bytes]) -> None:
-        args = self.verify_keygrip_arguments(1, 1, untrusted_args)
+        args = self.verify_keygrip_arguments(1, 1, untrusted_args, True)
         await self.send_agent_command(b'KEYINFO', args)
 
     async def command_GENKEY(self, untrusted_args: Optional[bytes]) -> None:
@@ -788,12 +788,12 @@ async def command_GENKEY(self, untrusted_args: Optional[bytes]) -> None:
         await self.send_agent_command(b'GENKEY', b' '.join(args))
 
     async def command_SIGKEY(self, untrusted_args: Optional[bytes]) -> None:
-        args = self.verify_keygrip_arguments(1, 1, untrusted_args)
+        args = self.verify_keygrip_arguments(1, 1, untrusted_args, False)
         await self.send_agent_command(b'SIGKEY', args)
         await self.setkeydesc(args)
 
     async def command_SETKEY(self, untrusted_args: Optional[bytes]) -> None:
-        args = self.verify_keygrip_arguments(1, 1, untrusted_args)
+        args = self.verify_keygrip_arguments(1, 1, untrusted_args, False)
         await self.send_agent_command(b'SETKEY', args)
         await self.setkeydesc(args)
 
@@ -999,7 +999,7 @@ async def command_READKEY(self, untrusted_args: Optional[bytes]) -> None:
             raise Filtered
         if untrusted_args.startswith(b'-- '):
             untrusted_args = untrusted_args[3:]
-        args = self.verify_keygrip_arguments(1, 1, untrusted_args)
+        args = self.verify_keygrip_arguments(1, 1, untrusted_args, False)
 
         await self.send_agent_command(b'READKEY', b'-- ' + args)