openpgp: Fix panic on v3 public keys with too-short modulus.

Found using gofuzz.

Fixes golang/go#11504

Change-Id: I49cf01e75e37c5d87dad58c5349161d79d0b72f5
Reviewed-on: https://go-review.googlesource.com/12635
Reviewed-by: Adam Langley <[email protected]>

Author: marete

openpgp/packet/public_key_v3.go

@@ -95,6 +95,11 @@ func (pk *PublicKeyV3) parseRSA(r io.Reader) (err error) {
 		return
 	}
 
+	// RFC 4880 Section 12.2 requires the low 8 bytes of the
+	// modulus to form the key id.
+	if len(pk.n.bytes) < 8 {
+		return errors.StructuralError("v3 public key modulus is too short")
+	}
 	if len(pk.e.bytes) > 3 {
 		err = errors.UnsupportedError("large public exponent")
 		return

openpgp/read_test.go

@@ -369,12 +369,10 @@ func TestNoArmoredData(t *testing.T) {
 	}
 }
 
-func TestIssue11503(t *testing.T) {
-	data := "8c040402000aa430aa8228b9248b01fc899a91197130303030"
-
-	buf, err := hex.DecodeString(data)
+func testReadMessageError(t *testing.T, messageHex string) {
+	buf, err := hex.DecodeString(messageHex)
 	if err != nil {
-		t.Errorf("hex.DecodeSting(): %v", err)
+		t.Errorf("hex.DecodeString(): %v", err)
 	}
 
 	kr, err := ReadKeyRing(new(bytes.Buffer))
@@ -392,6 +390,14 @@ func TestIssue11503(t *testing.T) {
 	}
 }
 
+func TestIssue11503(t *testing.T) {
+	testReadMessageError(t, "8c040402000aa430aa8228b9248b01fc899a91197130303030")
+}
+
+func TestIssue11504(t *testing.T) {
+	testReadMessageError(t, "9303000130303030303030303030983002303030303030030000000130")
+}
+
 const testKey1KeyId = 0xA34D7E18C20C31BB
 const testKey3KeyId = 0x338934250CCC0360