Packet length: header vs. context

Levi Broderick <lpb@ece.cmu.edu> Fri, 05 January 2007 22:30 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H2xZa-0006Vl-BQ for openpgp-archive@lists.ietf.org; Fri, 05 Jan 2007 17:30:02 -0500
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1H2xZY-00023a-SF for openpgp-archive@lists.ietf.org; Fri, 05 Jan 2007 17:30:02 -0500
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l05M67qI032920 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 5 Jan 2007 15:06:07 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l05M67pB032919; Fri, 5 Jan 2007 15:06:07 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from smtp.andrew.cmu.edu (smtp.andrew.cmu.edu [128.2.10.82]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l05M65ej032912 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for <ietf-openpgp@imc.org>; Fri, 5 Jan 2007 15:06:07 -0700 (MST) (envelope-from lpb@ece.cmu.edu)
Received: from [192.168.1.113] (user-24-214-137-62.knology.net [24.214.137.62]) (user=lpb mech=GSSAPI (0 bits)) by smtp.andrew.cmu.edu (8.13.6/8.13.6) with ESMTP id l05M63uu004130 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for <ietf-openpgp@imc.org>; Fri, 5 Jan 2007 17:06:05 -0500
Message-ID: <459ECBC5.3010101@ece.cmu.edu>
Date: Fri, 05 Jan 2007 16:05:57 -0600
From: Levi Broderick <lpb@ece.cmu.edu>
Organization: Carnegie Mellon University
User-Agent: Thunderbird 2.0b1 (Windows/20061224)
MIME-Version: 1.0
To: ietf-openpgp@imc.org
Subject: Packet length: header vs. context
X-Enigmail-Version: 0.94.1.2.0
OpenPGP: id=3FE7C25A; url=http://www.contrib.andrew.cmu.edu/~lpb/pubkey.asc
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.57 on 128.2.10.82
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 93238566e09e6e262849b4f805833007

(resending, as the original message seems to be MIA)

Consider the following scenario:

An implementation is parsing a public-key packet.  The packet header
gives a body length of 600 bytes; this is then buffered into memory.
The software successfully parses all the data in the packet body -
everything from the packet version number to the final MPI that it was
expecting - and realizes that it has only read 400 bytes.

Even if the public key data was successfully parsed, should the
implementation consider the packet to be malformed and reject the key?
Or should the leftover data be considered optional and be ignored?  I
think it makes more sense to error out, but the RFC draft and mailing
list archives seem to be silent on this issue.

On a somewhat related note, are V3 partial-length headers limited to the
same context as V4 partial-length headers?  That is - are they allowed
only on data packets?

Thanks for your help!
~ Levi