security-research-notebook/openpgpjs-cve-2025-47934-rootcause/index.html

252 lines · html

<!doctype html>
<html lang="en"><head><meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>openpgpjs-v6 hunt, iteration 1 | Zion Boggan</title>
<meta name="description" content="Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi">
<link rel="icon" href="data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 32 32'%3E%3Crect width='32' height='32' rx='6' fill='%230c0e12'/%3E%3Ctext x='16' y='22' font-family='monospace' font-size='15' fill='%236cc7b8' text-anchor='middle'%3Ezb%3C/text%3E%3C/svg%3E">
<style>
  :root{
    --bg:#0c0e12; --bg2:#0f1217; --panel:#14181f; --panel2:#171c24;
    --line:#222936; --line2:#2c3543;
    --ink:#e8eaed; --soft:#c3cad4; --muted:#8a94a3; --faint:#5d6675;
    --accent:#6cc7b8; --accent-dim:#274b47;
    --maxw:1020px;
  }
  *{box-sizing:border-box;}
  html{scroll-behavior:smooth;}
  body{margin:0;background:var(--bg);color:var(--ink);
    font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Helvetica,Arial,sans-serif;
    font-size:16px;line-height:1.65;-webkit-font-smoothing:antialiased;}
  .mono{font-family:ui-monospace,SFMono-Regular,"SF Mono",Menlo,Consolas,monospace;}
  a{color:var(--accent);text-decoration:none;}
  a:hover{color:#8fe0d2;}
  .wrap{max-width:var(--maxw);margin:0 auto;padding:0 24px;}
 
  /* nav */
  nav{position:sticky;top:0;z-index:20;background:rgba(12,14,18,.82);
    backdrop-filter:blur(10px);border-bottom:1px solid var(--line);}
  nav .wrap{display:flex;align-items:center;justify-content:space-between;height:58px;}
  nav .brand{font-weight:600;letter-spacing:.2px;}
  nav .brand .dot{color:var(--accent);}
  nav .links{display:flex;gap:26px;font-size:13.5px;}
  nav .links a{color:var(--muted);}
  nav .links a:hover{color:var(--ink);}
  @media(max-width:680px){nav .links{display:none;}}
 
  /* hero */
  header.hero{padding:74px 0 54px;border-bottom:1px solid var(--line);
    background:radial-gradient(900px 380px at 78% -10%, #11201e 0%, transparent 60%);}
  .avail{font-size:12.5px;letter-spacing:1.5px;text-transform:uppercase;color:var(--accent);
    display:flex;align-items:center;gap:9px;margin-bottom:20px;}
  .avail .pulse{width:7px;height:7px;border-radius:50%;background:var(--accent);
    box-shadow:0 0 0 0 rgba(108,199,184,.5);animation:p 2.4s infinite;}
  @keyframes p{0%{box-shadow:0 0 0 0 rgba(108,199,184,.45)}70%{box-shadow:0 0 0 8px rgba(108,199,184,0)}100%{box-shadow:0 0 0 0 rgba(108,199,184,0)}}
  h1{font-size:clamp(34px,6vw,52px);line-height:1.05;margin:0 0 8px;letter-spacing:-1px;font-weight:680;}
  .hero .sub{font-size:clamp(16px,2.4vw,20px);color:var(--soft);margin:0 0 24px;font-weight:500;}
  .hero .lede{max-width:660px;color:var(--soft);font-size:17px;margin:0 0 28px;}
  .hero .lede b{color:var(--ink);font-weight:600;}
  .cta{display:flex;flex-wrap:wrap;gap:12px;align-items:center;}
  .btn{display:inline-flex;align-items:center;gap:8px;padding:10px 18px;border-radius:8px;
    font-size:14.5px;font-weight:550;border:1px solid var(--line2);color:var(--ink);background:var(--panel);}
  .btn:hover{border-color:var(--accent-dim);background:var(--panel2);color:var(--ink);}
  .btn.primary{background:var(--accent);color:#06231f;border-color:var(--accent);font-weight:650;}
  .btn.primary:hover{background:#8fe0d2;color:#06231f;}
  .meta{margin-top:26px;display:flex;flex-wrap:wrap;gap:8px 22px;font-size:13px;color:var(--muted);}
  .meta .mono{color:var(--faint);}
 
  /* sections */
  section{padding:64px 0;border-bottom:1px solid var(--line);}
  .shead{display:flex;align-items:baseline;gap:14px;margin-bottom:30px;}
  .shead .idx{font-size:13px;color:var(--accent);letter-spacing:1px;}
  .shead h2{font-size:14px;letter-spacing:2px;text-transform:uppercase;color:var(--muted);margin:0;font-weight:600;}
  .shead .rule{flex:1;height:1px;background:var(--line);}
 
  /* flagship */
  .flag{background:linear-gradient(180deg,var(--panel) 0%,var(--bg2) 100%);
    border:1px solid var(--line2);border-radius:14px;overflow:hidden;}
  .flag .top{padding:30px 32px 8px;}
  .flag .tag{font-size:12px;letter-spacing:1.5px;text-transform:uppercase;color:var(--accent);margin-bottom:12px;}
  .flag h3{font-size:27px;margin:0 0 6px;letter-spacing:-.4px;}
  .flag h3 .v{font-size:13px;color:var(--muted);font-weight:500;margin-left:8px;letter-spacing:0;}
  .flag .grid{display:grid;grid-template-columns:1.25fr 1fr;gap:30px;padding:14px 32px 30px;}
  .flag p{color:var(--soft);margin:0 0 16px;}
  .flag .stats{display:grid;grid-template-columns:1fr 1fr;gap:12px;margin-top:6px;}
  .stat{background:var(--bg);border:1px solid var(--line);border-radius:9px;padding:13px 15px;}
  .stat .n{font-size:21px;font-weight:680;color:var(--ink);}
  .stat .k{font-size:12px;color:var(--muted);margin-top:2px;}
  .spec{background:var(--bg);border:1px solid var(--line);border-radius:10px;padding:18px 18px;}
  .spec .sk{font-size:11px;letter-spacing:1.5px;text-transform:uppercase;color:var(--faint);margin-bottom:10px;}
  .spec ul{margin:0;padding:0;list-style:none;font-size:13.5px;}
  .spec li{padding:6px 0;border-top:1px solid var(--line);color:var(--soft);display:flex;justify-content:space-between;gap:14px;}
  .spec li:first-child{border-top:none;}
  .spec li span{color:var(--muted);}
  .flag .foot{padding:0 32px 28px;display:flex;gap:18px;flex-wrap:wrap;font-size:14px;}
  @media(max-width:720px){.flag .grid{grid-template-columns:1fr;}}
 
  /* lab cards */
  .cards{display:grid;grid-template-columns:1fr 1fr;gap:20px;}
  @media(max-width:680px){.cards{grid-template-columns:1fr;}}
  .card{border:1px solid var(--line);border-radius:12px;overflow:hidden;background:var(--panel);
    display:flex;flex-direction:column;transition:border-color .15s,transform .15s;}
  .card:hover{border-color:var(--accent-dim);transform:translateY(-2px);}
  .card .thumb{height:172px;overflow:hidden;border-bottom:1px solid var(--line);background:#fff;}
  .card .thumb img{width:100%;height:100%;object-fit:cover;object-position:top left;display:block;}
  .card .body{padding:18px 20px 20px;display:flex;flex-direction:column;flex:1;}
  .card h3{margin:0 0 9px;font-size:17px;}
  .card p{margin:0 0 14px;font-size:14px;color:var(--soft);flex:1;}
  .tags{display:flex;flex-wrap:wrap;gap:6px;margin-bottom:14px;}
  .tags span{font-size:11.5px;color:var(--muted);background:var(--bg);border:1px solid var(--line);
    border-radius:5px;padding:3px 8px;}
  .card .lnk{font-size:13.5px;font-family:ui-monospace,Menlo,monospace;}
  .card .lnk::after{content:" →";}
 
  /* research */
  .rlede{color:var(--soft);max-width:680px;margin:-6px 0 26px;}
  .research{display:flex;flex-direction:column;gap:0;border:1px solid var(--line);border-radius:12px;overflow:hidden;}
  .ritem{display:grid;grid-template-columns:120px 1fr auto;gap:18px;align-items:center;
    padding:18px 22px;border-top:1px solid var(--line);}
  .ritem:first-child{border-top:none;}
  .ritem:hover{background:var(--panel);}
  .ritem .cls{font-size:11px;letter-spacing:.5px;text-transform:uppercase;color:var(--accent);}
  .ritem h3{margin:0 0 3px;font-size:16px;}
  .ritem p{margin:0;font-size:13.5px;color:var(--muted);}
  .ritem .go{font-family:ui-monospace,Menlo,monospace;font-size:13px;white-space:nowrap;}
  @media(max-width:680px){.ritem{grid-template-columns:1fr;gap:6px;}.ritem .go{margin-top:4px;}}
  .progs{margin-top:22px;}
  .progs .sk{font-size:11px;letter-spacing:1.5px;text-transform:uppercase;color:var(--faint);margin-bottom:11px;}
  .progs .row{display:flex;flex-wrap:wrap;gap:7px;}
  .progs .row span{font-size:12.5px;color:var(--soft);background:var(--panel);border:1px solid var(--line);
    border-radius:6px;padding:4px 10px;}
 
  /* credentials */
  .cred{display:grid;grid-template-columns:1.1fr 1fr;gap:28px;}
  @media(max-width:680px){.cred{grid-template-columns:1fr;}}
  .cred p{color:var(--soft);margin:0 0 14px;}
  .cred .role{font-size:14px;color:var(--muted);}
  .cred .role b{color:var(--ink);font-weight:600;}
  .certs{list-style:none;margin:0;padding:0;}
  .certs li{padding:9px 0;border-top:1px solid var(--line);font-size:14px;color:var(--soft);
    display:flex;gap:10px;align-items:baseline;}
  .certs li:first-child{border-top:none;}
  .certs li .c{color:var(--accent);font-family:ui-monospace,Menlo,monospace;font-size:12px;}
 
  footer{padding:46px 0 64px;}
  footer .row{display:flex;flex-wrap:wrap;justify-content:space-between;gap:18px;align-items:center;}
  footer .links a{color:var(--soft);margin-right:20px;font-size:14px;}
  footer .note{color:var(--faint);font-size:12.5px;max-width:520px;}
 
  .detail-hero{padding:40px 0 26px;}
  .back{display:inline-block;font-size:13px;color:var(--muted);margin-bottom:20px;font-family:ui-monospace,Menlo,monospace;}
  .back:hover{color:var(--ink);}
  .kicker{font-size:12px;letter-spacing:2px;text-transform:uppercase;color:var(--accent);margin-bottom:13px;font-family:ui-monospace,Menlo,monospace;}
  .detail-hero h1{font-size:clamp(26px,4.6vw,38px);margin:0 0 12px;letter-spacing:-.5px;}
  .detail-hero .tagline{font-size:clamp(15px,2vw,18px);color:var(--soft);max-width:800px;margin:0 0 16px;}
  .facts{display:grid;grid-template-columns:repeat(auto-fit,minmax(150px,1fr));gap:12px;margin-top:22px;}
  .content{padding:8px 0 0;max-width:840px;}
  .content h1{font-size:24px;margin:40px 0 14px;letter-spacing:-.4px;color:var(--ink);}
  .content h2{font-size:13px;letter-spacing:2px;text-transform:uppercase;color:var(--muted);margin:42px 0 15px;font-weight:600;border-top:1px solid var(--line);padding-top:28px;}
  .content h3{font-size:17px;margin:28px 0 10px;color:var(--ink);font-weight:600;}
  .content h4{font-size:14px;margin:22px 0 8px;color:var(--soft);font-weight:600;text-transform:uppercase;letter-spacing:.5px;}
  .content p{color:var(--soft);margin:0 0 15px;}
  .content ul,.content ol{color:var(--soft);margin:0 0 15px;padding-left:22px;}
  .content li{margin:5px 0;}
  .content strong{color:var(--ink);font-weight:600;}
  .content a{color:var(--accent);}
  .content code{font-family:ui-monospace,Menlo,monospace;font-size:12.8px;background:var(--panel2);border:1px solid var(--line);border-radius:4px;padding:1px 5px;color:var(--soft);}
  .content pre{background:var(--bg2);border:1px solid var(--line2);border-radius:10px;padding:15px 18px;overflow-x:auto;margin:0 0 18px;}
  .content pre code{background:none;border:none;padding:0;font-size:12.4px;color:var(--soft);line-height:1.6;white-space:pre;}
  .content table{width:100%;border-collapse:collapse;margin:2px 0 20px;font-size:13.3px;}
  .content th{text-align:left;color:var(--muted);font-weight:600;border-bottom:1px solid var(--line2);padding:9px 12px;font-size:11px;letter-spacing:.6px;text-transform:uppercase;}
  .content td{color:var(--soft);border-bottom:1px solid var(--line);padding:9px 12px;vertical-align:top;}
  .content blockquote{border-left:3px solid var(--accent-dim);margin:0 0 16px;padding:2px 0 2px 18px;color:var(--muted);}
  .content hr{border:none;border-top:1px solid var(--line);margin:30px 0;}
  /* notebook index */
  .nbgroup{margin:40px 0 0;}
  .nbgroup h2{font-size:13px;letter-spacing:2px;text-transform:uppercase;color:var(--accent);margin:0 0 4px;font-weight:600;}
  .nbgroup .gd{color:var(--faint);font-size:13px;margin:0 0 14px;}
  .nbtable{width:100%;border-collapse:collapse;font-size:14px;border:1px solid var(--line);border-radius:12px;overflow:hidden;}
  .nbtable tr{border-top:1px solid var(--line);}
  .nbtable tr:first-child{border-top:none;}
  .nbtable tr:hover{background:var(--panel);}
  .nbtable td{padding:14px 16px;vertical-align:top;}
  .nbtable .cls{white-space:nowrap;color:var(--accent);font-family:ui-monospace,Menlo,monospace;font-size:11.5px;text-transform:uppercase;letter-spacing:.5px;width:150px;}
  .nbtable .ti a{font-weight:600;color:var(--ink);}
  .nbtable .ti a:hover{color:var(--accent);}
  .nbtable .ol{color:var(--muted);font-size:13px;margin-top:3px;}
  @media(max-width:680px){.nbtable .cls{width:auto;display:block;}}
</style>
<link rel="canonical" href="https://zionboggan.com/security-research-notebook/openpgpjs-cve-2025-47934-rootcause/">
<meta name="author" content="Zion Boggan">
<meta name="robots" content="index, follow, max-image-preview:large">
<meta property="og:type" content="article">
<meta property="og:site_name" content="Zion Boggan">
<meta property="og:title" content="openpgpjs-v6 hunt - iteration 1 | Zion Boggan">
<meta property="og:description" content="Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi">
<meta property="og:url" content="https://zionboggan.com/security-research-notebook/openpgpjs-cve-2025-47934-rootcause/">
<meta property="og:image" content="https://zionboggan.com/assets/og-default.png">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:title" content="openpgpjs-v6 hunt - iteration 1 | Zion Boggan">
<meta name="twitter:description" content="Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi">
<meta name="twitter:image" content="https://zionboggan.com/assets/og-default.png">
<script type="application/ld+json">{"@context":"https://schema.org","@type":"TechArticle","headline":"openpgpjs-v6 hunt - iteration 1","description":"Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi","url":"https://zionboggan.com/security-research-notebook/openpgpjs-cve-2025-47934-rootcause/","image":"https://zionboggan.com/assets/og-default.png","author":{"@type":"Person","name":"Zion Boggan","url":"https://zionboggan.com"},"publisher":{"@type":"Person","name":"Zion Boggan"}}</script>
</head><body>
<nav><div class="wrap">
  <a class="brand mono" href="/" style="color:var(--ink)">zion_boggan<span class="dot">.</span></a>
  <span class="links"><a href="/#oversight">Oversight</a><a href="/#labs">Labs</a><a href="/#research">Research</a><a href="/security-research-notebook/">Notebook</a><a href="/">Home</a></span>
</div></nav>
<header class="hero detail-hero"><div class="wrap">
  <a class="back" href="/security-research-notebook/">&larr; Research notebook</a>
  <div class="kicker">Methodology</div>
  <h1>openpgpjs-v6 hunt, iteration 1</h1>
</div></header>
<section><div class="wrap"><div class="content">
<p>Time: 2026-04-17 ~07:10 UTC
Target: openpgpjs (YWH program: openpgp-js-bug-bounty-program, sponsored by Sovereign Tech Agency, €10k critical)</p>
<h2>Confirmed in scope</h2>
<ul>
<li>YWH program URL: https://yeswehack.com/programs/openpgp-js-bug-bounty-program</li>
<li>Acknowledged in GHSA-8qff-qr5q-5pr8 (CVE-2025-47934).</li>
</ul>
<h2>Patched bug, CVE-2025-47934</h2>
<ul>
<li>v6.1.0 → v6.1.1 patched in <code>src/message.js</code> <code>verify()</code> (lines 591-606).</li>
<li>Root cause: <code>verify()</code> mutated <code>msg.packets</code> by <code>push(...)</code>-ing packets drained from the message stream. The <code>literalDataList</code> was computed BEFORE the mutation; signatures were verified against <code>literalDataList[0]</code> (the original/legit literal data). After verify returned, <code>openpgp.verify</code> wrapper called <code>message.getLiteralData()</code> which uses <code>msg.packets.findPacket(literalData)</code>, which now returns the FIRST literal data, but the streamed (post-mutation) literal data ends up in <code>result.data</code> via the linked stream.</li>
<li>Fix: use a local <code>packets</code> variable that is <code>packets.concat(streamed)</code> instead of mutating <code>msg.packets</code>.</li>
</ul>
<h2>Variant candidates to chase next iteration</h2>
<h3>Candidate A, Compression Streams refactor (commit fccbc3ec, in 6.2.0+)</h3>
<p>Big rewrite of <code>compressed_data.js</code> for native Compression Streams API. The new flow:
- Decompress: pulls <code>this.compressed</code> through a web stream, then ArrayStream-back if not originally a stream.
- The decompressed bytes are then handed to <code>PacketList.fromBinary</code>/parser as a stream.</p>
<p>Risk: nested compressed messages with attacker-shaped inner packets may bypass the local-packets fix because <code>unwrapCompressed()</code> (line 656) returns <code>new Message(compressed[0].packets)</code>, the inner packets list. Subsequent verify on inner packets uses the same <code>packets.concat(stream)</code> pattern, but <code>getLiteralData()</code> (line 318) calls <code>unwrapCompressed()</code> AGAIN, so on the OUTER message it traverses to inner.packets which may now have been further mutated by stream parsing in another async path.</p>
<h3>Candidate B, <code>decrypt</code> flow re-verification</h3>
<p>Per advisory, <code>decrypt</code> with <code>verificationKeys</code> is also affected. The fix path goes through <code>verify()</code> so should be covered, BUT: <code>decrypt</code> returns a NEW <code>Message(symEncryptedPacket.packets)</code> (line 148) and then sets <code>symEncryptedPacket.packets = new PacketList()</code>. If the inner packets list still has a live <code>.stream</code> reference, subsequent verify→getLiteralData on the new Message has the same window. Need to check whether the inner stream gets a <code>concat</code> or stays mutated.</p>
<h3>Candidate C, <code>appendSignature</code> (line 669)</h3>
<pre><code class="language-js">async appendSignature(detachedSignature, config) {
  await this.packets.read(
    util.isUint8Array(detachedSignature) ? detachedSignature : (await unarmor(detachedSignature)).data,
    allowedDetachedSignaturePackets,
    config
  );
}
</code></pre>
<p>This calls <code>this.packets.read(...)</code>, does <code>read</code> mutate? <code>PacketList.read</code> typically appends to <code>this</code>. So <code>appendSignature</code> MUTATES <code>msg.packets</code>. If a caller does:
1. <code>msg = readMessage(M_evil)</code> → msg.packets has [literal(P_evil)]
2. <code>msg.appendSignature(legitSigOverPlegit)</code> → msg.packets = [literal(P_evil), sig(legit over P_legit)]
3. <code>verify(msg, key)</code>, sig is genuine over P_legit, but literalDataList[0] = P_evil → <code>signature.verify</code> should reject because hash mismatch.</p>
<p>So C might not work, verify computes hash of literalDataList[0] and compares with the sig&rsquo;s hashed digest. They won&rsquo;t match.</p>
<p>UNLESS the sig&rsquo;s hashed digest can be made to match by attacker controlling P_evil to be a near-collision of P_legit (cryptographic). Out of scope.</p>
<h2>Next iteration plan</h2>
<ol>
<li>Run a streaming PoC against 6.1.0 to confirm the canonical bug fires.</li>
<li>Run the same PoC structure against 6.3.0 to confirm patched.</li>
<li>Then mutate the PoC to use compressed-data wrapper with attacker-controlled inner literal, see if 6.3.0 still leaks in the linkStreams/result.data path.</li>
<li>If candidate A holds: write report. If not, pivot to OpenPGP.js v5 line and check if 5.11.3 fix is structurally identical (variants may exist on the v5 line that don&rsquo;t backport cleanly).</li>
</ol>
<hr><p style="color:var(--faint);font-size:12.5px;font-family:ui-monospace,Menlo,monospace">Source &middot; github.com/zionboggan/security-research-notebook &middot; methodology/openpgpjs-cve-2025-47934-rootcause.md</p>
</div></div></section>
<footer><div class="wrap row">
  <div class="links"><a href="/">Portfolio</a><a href="https://www.linkedin.com/in/zion-boggan">LinkedIn</a><a href="/security-research-notebook/">Notebook</a><a href="mailto:zionboggan0@gmail.com">Email</a></div>
  <div class="note">Coordinated-disclosure research. Findings appear here only after the program's disclosure window closed, the patch shipped, or a CVE was published. No customer data was accessed.</div>
</div></footer>
</body></html>

1	<!doctype html>
2	<html lang="en"><head><meta charset="utf-8">
3	<meta name="viewport" content="width=device-width, initial-scale=1.0">
4	<title>openpgpjs-v6 hunt, iteration 1 \| Zion Boggan</title>
5	<meta name="description" content="Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi">
6	<link rel="icon" href="data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 32 32'%3E%3Crect width='32' height='32' rx='6' fill='%230c0e12'/%3E%3Ctext x='16' y='22' font-family='monospace' font-size='15' fill='%236cc7b8' text-anchor='middle'%3Ezb%3C/text%3E%3C/svg%3E">
7	<style>
8	:root{
9	--bg:#0c0e12; --bg2:#0f1217; --panel:#14181f; --panel2:#171c24;
10	--line:#222936; --line2:#2c3543;
11	--ink:#e8eaed; --soft:#c3cad4; --muted:#8a94a3; --faint:#5d6675;
12	--accent:#6cc7b8; --accent-dim:#274b47;
13	--maxw:1020px;
14	}
15	*{box-sizing:border-box;}
16	html{scroll-behavior:smooth;}
17	body{margin:0;background:var(--bg);color:var(--ink);
18	font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Helvetica,Arial,sans-serif;
19	font-size:16px;line-height:1.65;-webkit-font-smoothing:antialiased;}
20	.mono{font-family:ui-monospace,SFMono-Regular,"SF Mono",Menlo,Consolas,monospace;}
21	a{color:var(--accent);text-decoration:none;}
22	a:hover{color:#8fe0d2;}
23	.wrap{max-width:var(--maxw);margin:0 auto;padding:0 24px;}
24
25	/* nav */
26	nav{position:sticky;top:0;z-index:20;background:rgba(12,14,18,.82);
27	backdrop-filter:blur(10px);border-bottom:1px solid var(--line);}
28	nav .wrap{display:flex;align-items:center;justify-content:space-between;height:58px;}
29	nav .brand{font-weight:600;letter-spacing:.2px;}
30	nav .brand .dot{color:var(--accent);}
31	nav .links{display:flex;gap:26px;font-size:13.5px;}
32	nav .links a{color:var(--muted);}
33	nav .links a:hover{color:var(--ink);}
34	@media(max-width:680px){nav .links{display:none;}}
35
36	/* hero */
37	header.hero{padding:74px 0 54px;border-bottom:1px solid var(--line);
38	background:radial-gradient(900px 380px at 78% -10%, #11201e 0%, transparent 60%);}
39	.avail{font-size:12.5px;letter-spacing:1.5px;text-transform:uppercase;color:var(--accent);
40	display:flex;align-items:center;gap:9px;margin-bottom:20px;}
41	.avail .pulse{width:7px;height:7px;border-radius:50%;background:var(--accent);
42	box-shadow:0 0 0 0 rgba(108,199,184,.5);animation:p 2.4s infinite;}
43	@keyframes p{0%{box-shadow:0 0 0 0 rgba(108,199,184,.45)}70%{box-shadow:0 0 0 8px rgba(108,199,184,0)}100%{box-shadow:0 0 0 0 rgba(108,199,184,0)}}
44	h1{font-size:clamp(34px,6vw,52px);line-height:1.05;margin:0 0 8px;letter-spacing:-1px;font-weight:680;}
45	.hero .sub{font-size:clamp(16px,2.4vw,20px);color:var(--soft);margin:0 0 24px;font-weight:500;}
46	.hero .lede{max-width:660px;color:var(--soft);font-size:17px;margin:0 0 28px;}
47	.hero .lede b{color:var(--ink);font-weight:600;}
48	.cta{display:flex;flex-wrap:wrap;gap:12px;align-items:center;}
49	.btn{display:inline-flex;align-items:center;gap:8px;padding:10px 18px;border-radius:8px;
50	font-size:14.5px;font-weight:550;border:1px solid var(--line2);color:var(--ink);background:var(--panel);}
51	.btn:hover{border-color:var(--accent-dim);background:var(--panel2);color:var(--ink);}
52	.btn.primary{background:var(--accent);color:#06231f;border-color:var(--accent);font-weight:650;}
53	.btn.primary:hover{background:#8fe0d2;color:#06231f;}
54	.meta{margin-top:26px;display:flex;flex-wrap:wrap;gap:8px 22px;font-size:13px;color:var(--muted);}
55	.meta .mono{color:var(--faint);}
56
57	/* sections */
58	section{padding:64px 0;border-bottom:1px solid var(--line);}
59	.shead{display:flex;align-items:baseline;gap:14px;margin-bottom:30px;}
60	.shead .idx{font-size:13px;color:var(--accent);letter-spacing:1px;}
61	.shead h2{font-size:14px;letter-spacing:2px;text-transform:uppercase;color:var(--muted);margin:0;font-weight:600;}
62	.shead .rule{flex:1;height:1px;background:var(--line);}
63
64	/* flagship */
65	.flag{background:linear-gradient(180deg,var(--panel) 0%,var(--bg2) 100%);
66	border:1px solid var(--line2);border-radius:14px;overflow:hidden;}
67	.flag .top{padding:30px 32px 8px;}
68	.flag .tag{font-size:12px;letter-spacing:1.5px;text-transform:uppercase;color:var(--accent);margin-bottom:12px;}
69	.flag h3{font-size:27px;margin:0 0 6px;letter-spacing:-.4px;}
70	.flag h3 .v{font-size:13px;color:var(--muted);font-weight:500;margin-left:8px;letter-spacing:0;}
71	.flag .grid{display:grid;grid-template-columns:1.25fr 1fr;gap:30px;padding:14px 32px 30px;}
72	.flag p{color:var(--soft);margin:0 0 16px;}
73	.flag .stats{display:grid;grid-template-columns:1fr 1fr;gap:12px;margin-top:6px;}
74	.stat{background:var(--bg);border:1px solid var(--line);border-radius:9px;padding:13px 15px;}
75	.stat .n{font-size:21px;font-weight:680;color:var(--ink);}
76	.stat .k{font-size:12px;color:var(--muted);margin-top:2px;}
77	.spec{background:var(--bg);border:1px solid var(--line);border-radius:10px;padding:18px 18px;}
78	.spec .sk{font-size:11px;letter-spacing:1.5px;text-transform:uppercase;color:var(--faint);margin-bottom:10px;}
79	.spec ul{margin:0;padding:0;list-style:none;font-size:13.5px;}
80	.spec li{padding:6px 0;border-top:1px solid var(--line);color:var(--soft);display:flex;justify-content:space-between;gap:14px;}
81	.spec li:first-child{border-top:none;}
82	.spec li span{color:var(--muted);}
83	.flag .foot{padding:0 32px 28px;display:flex;gap:18px;flex-wrap:wrap;font-size:14px;}
84	@media(max-width:720px){.flag .grid{grid-template-columns:1fr;}}
85
86	/* lab cards */
87	.cards{display:grid;grid-template-columns:1fr 1fr;gap:20px;}
88	@media(max-width:680px){.cards{grid-template-columns:1fr;}}
89	.card{border:1px solid var(--line);border-radius:12px;overflow:hidden;background:var(--panel);
90	display:flex;flex-direction:column;transition:border-color .15s,transform .15s;}
91	.card:hover{border-color:var(--accent-dim);transform:translateY(-2px);}
92	.card .thumb{height:172px;overflow:hidden;border-bottom:1px solid var(--line);background:#fff;}
93	.card .thumb img{width:100%;height:100%;object-fit:cover;object-position:top left;display:block;}
94	.card .body{padding:18px 20px 20px;display:flex;flex-direction:column;flex:1;}
95	.card h3{margin:0 0 9px;font-size:17px;}
96	.card p{margin:0 0 14px;font-size:14px;color:var(--soft);flex:1;}
97	.tags{display:flex;flex-wrap:wrap;gap:6px;margin-bottom:14px;}
98	.tags span{font-size:11.5px;color:var(--muted);background:var(--bg);border:1px solid var(--line);
99	border-radius:5px;padding:3px 8px;}
100	.card .lnk{font-size:13.5px;font-family:ui-monospace,Menlo,monospace;}
101	.card .lnk::after{content:" →";}
102
103	/* research */
104	.rlede{color:var(--soft);max-width:680px;margin:-6px 0 26px;}
105	.research{display:flex;flex-direction:column;gap:0;border:1px solid var(--line);border-radius:12px;overflow:hidden;}
106	.ritem{display:grid;grid-template-columns:120px 1fr auto;gap:18px;align-items:center;
107	padding:18px 22px;border-top:1px solid var(--line);}
108	.ritem:first-child{border-top:none;}
109	.ritem:hover{background:var(--panel);}
110	.ritem .cls{font-size:11px;letter-spacing:.5px;text-transform:uppercase;color:var(--accent);}
111	.ritem h3{margin:0 0 3px;font-size:16px;}
112	.ritem p{margin:0;font-size:13.5px;color:var(--muted);}
113	.ritem .go{font-family:ui-monospace,Menlo,monospace;font-size:13px;white-space:nowrap;}
114	@media(max-width:680px){.ritem{grid-template-columns:1fr;gap:6px;}.ritem .go{margin-top:4px;}}
115	.progs{margin-top:22px;}
116	.progs .sk{font-size:11px;letter-spacing:1.5px;text-transform:uppercase;color:var(--faint);margin-bottom:11px;}
117	.progs .row{display:flex;flex-wrap:wrap;gap:7px;}
118	.progs .row span{font-size:12.5px;color:var(--soft);background:var(--panel);border:1px solid var(--line);
119	border-radius:6px;padding:4px 10px;}
120
121	/* credentials */
122	.cred{display:grid;grid-template-columns:1.1fr 1fr;gap:28px;}
123	@media(max-width:680px){.cred{grid-template-columns:1fr;}}
124	.cred p{color:var(--soft);margin:0 0 14px;}
125	.cred .role{font-size:14px;color:var(--muted);}
126	.cred .role b{color:var(--ink);font-weight:600;}
127	.certs{list-style:none;margin:0;padding:0;}
128	.certs li{padding:9px 0;border-top:1px solid var(--line);font-size:14px;color:var(--soft);
129	display:flex;gap:10px;align-items:baseline;}
130	.certs li:first-child{border-top:none;}
131	.certs li .c{color:var(--accent);font-family:ui-monospace,Menlo,monospace;font-size:12px;}
132
133	footer{padding:46px 0 64px;}
134	footer .row{display:flex;flex-wrap:wrap;justify-content:space-between;gap:18px;align-items:center;}
135	footer .links a{color:var(--soft);margin-right:20px;font-size:14px;}
136	footer .note{color:var(--faint);font-size:12.5px;max-width:520px;}
137
138	.detail-hero{padding:40px 0 26px;}
139	.back{display:inline-block;font-size:13px;color:var(--muted);margin-bottom:20px;font-family:ui-monospace,Menlo,monospace;}
140	.back:hover{color:var(--ink);}
141	.kicker{font-size:12px;letter-spacing:2px;text-transform:uppercase;color:var(--accent);margin-bottom:13px;font-family:ui-monospace,Menlo,monospace;}
142	.detail-hero h1{font-size:clamp(26px,4.6vw,38px);margin:0 0 12px;letter-spacing:-.5px;}
143	.detail-hero .tagline{font-size:clamp(15px,2vw,18px);color:var(--soft);max-width:800px;margin:0 0 16px;}
144	.facts{display:grid;grid-template-columns:repeat(auto-fit,minmax(150px,1fr));gap:12px;margin-top:22px;}
145	.content{padding:8px 0 0;max-width:840px;}
146	.content h1{font-size:24px;margin:40px 0 14px;letter-spacing:-.4px;color:var(--ink);}
147	.content h2{font-size:13px;letter-spacing:2px;text-transform:uppercase;color:var(--muted);margin:42px 0 15px;font-weight:600;border-top:1px solid var(--line);padding-top:28px;}
148	.content h3{font-size:17px;margin:28px 0 10px;color:var(--ink);font-weight:600;}
149	.content h4{font-size:14px;margin:22px 0 8px;color:var(--soft);font-weight:600;text-transform:uppercase;letter-spacing:.5px;}
150	.content p{color:var(--soft);margin:0 0 15px;}
151	.content ul,.content ol{color:var(--soft);margin:0 0 15px;padding-left:22px;}
152	.content li{margin:5px 0;}
153	.content strong{color:var(--ink);font-weight:600;}
154	.content a{color:var(--accent);}
155	.content code{font-family:ui-monospace,Menlo,monospace;font-size:12.8px;background:var(--panel2);border:1px solid var(--line);border-radius:4px;padding:1px 5px;color:var(--soft);}
156	.content pre{background:var(--bg2);border:1px solid var(--line2);border-radius:10px;padding:15px 18px;overflow-x:auto;margin:0 0 18px;}
157	.content pre code{background:none;border:none;padding:0;font-size:12.4px;color:var(--soft);line-height:1.6;white-space:pre;}
158	.content table{width:100%;border-collapse:collapse;margin:2px 0 20px;font-size:13.3px;}
159	.content th{text-align:left;color:var(--muted);font-weight:600;border-bottom:1px solid var(--line2);padding:9px 12px;font-size:11px;letter-spacing:.6px;text-transform:uppercase;}
160	.content td{color:var(--soft);border-bottom:1px solid var(--line);padding:9px 12px;vertical-align:top;}
161	.content blockquote{border-left:3px solid var(--accent-dim);margin:0 0 16px;padding:2px 0 2px 18px;color:var(--muted);}
162	.content hr{border:none;border-top:1px solid var(--line);margin:30px 0;}
163	/* notebook index */
164	.nbgroup{margin:40px 0 0;}
165	.nbgroup h2{font-size:13px;letter-spacing:2px;text-transform:uppercase;color:var(--accent);margin:0 0 4px;font-weight:600;}
166	.nbgroup .gd{color:var(--faint);font-size:13px;margin:0 0 14px;}
167	.nbtable{width:100%;border-collapse:collapse;font-size:14px;border:1px solid var(--line);border-radius:12px;overflow:hidden;}
168	.nbtable tr{border-top:1px solid var(--line);}
169	.nbtable tr:first-child{border-top:none;}
170	.nbtable tr:hover{background:var(--panel);}
171	.nbtable td{padding:14px 16px;vertical-align:top;}
172	.nbtable .cls{white-space:nowrap;color:var(--accent);font-family:ui-monospace,Menlo,monospace;font-size:11.5px;text-transform:uppercase;letter-spacing:.5px;width:150px;}
173	.nbtable .ti a{font-weight:600;color:var(--ink);}
174	.nbtable .ti a:hover{color:var(--accent);}
175	.nbtable .ol{color:var(--muted);font-size:13px;margin-top:3px;}
176	@media(max-width:680px){.nbtable .cls{width:auto;display:block;}}
177	</style>
178	<link rel="canonical" href="https://zionboggan.com/security-research-notebook/openpgpjs-cve-2025-47934-rootcause/">
179	<meta name="author" content="Zion Boggan">
180	<meta name="robots" content="index, follow, max-image-preview:large">
181	<meta property="og:type" content="article">
182	<meta property="og:site_name" content="Zion Boggan">
183	<meta property="og:title" content="openpgpjs-v6 hunt - iteration 1 \| Zion Boggan">
184	<meta property="og:description" content="Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi">
185	<meta property="og:url" content="https://zionboggan.com/security-research-notebook/openpgpjs-cve-2025-47934-rootcause/">
186	<meta property="og:image" content="https://zionboggan.com/assets/og-default.png">
187	<meta name="twitter:card" content="summary_large_image">
188	<meta name="twitter:title" content="openpgpjs-v6 hunt - iteration 1 \| Zion Boggan">
189	<meta name="twitter:description" content="Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi">
190	<meta name="twitter:image" content="https://zionboggan.com/assets/og-default.png">
191	<script type="application/ld+json">{"@context":"https://schema.org","@type":"TechArticle","headline":"openpgpjs-v6 hunt - iteration 1","description":"Root-cause walk-through of CVE-2025-47934 (signature-verification bypass via `msg.packets` mutation) and a variant search against the v6.2.0 compressi","url":"https://zionboggan.com/security-research-notebook/openpgpjs-cve-2025-47934-rootcause/","image":"https://zionboggan.com/assets/og-default.png","author":{"@type":"Person","name":"Zion Boggan","url":"https://zionboggan.com"},"publisher":{"@type":"Person","name":"Zion Boggan"}}</script>
192	</head><body>
193	<nav><div class="wrap">
194	<a class="brand mono" href="/" style="color:var(--ink)">zion_boggan<span class="dot">.</span></a>
195	<span class="links"><a href="/#oversight">Oversight</a><a href="/#labs">Labs</a><a href="/#research">Research</a><a href="/security-research-notebook/">Notebook</a><a href="/">Home</a></span>
196	</div></nav>
197	<header class="hero detail-hero"><div class="wrap">
198	<a class="back" href="/security-research-notebook/">← Research notebook</a>
199	<div class="kicker">Methodology</div>
200	<h1>openpgpjs-v6 hunt, iteration 1</h1>
201	</div></header>
202	<section><div class="wrap"><div class="content">
203	<p>Time: 2026-04-17 ~07:10 UTC
204	Target: openpgpjs (YWH program: openpgp-js-bug-bounty-program, sponsored by Sovereign Tech Agency, €10k critical)</p>
205	<h2>Confirmed in scope</h2>
206	<ul>
207	<li>YWH program URL: https://yeswehack.com/programs/openpgp-js-bug-bounty-program</li>
208	<li>Acknowledged in GHSA-8qff-qr5q-5pr8 (CVE-2025-47934).</li>
209	</ul>
210	<h2>Patched bug, CVE-2025-47934</h2>
211	<ul>
212	<li>v6.1.0 → v6.1.1 patched in <code>src/message.js</code> <code>verify()</code> (lines 591-606).</li>
213	<li>Root cause: <code>verify()</code> mutated <code>msg.packets</code> by <code>push(...)</code>-ing packets drained from the message stream. The <code>literalDataList</code> was computed BEFORE the mutation; signatures were verified against <code>literalDataList[0]</code> (the original/legit literal data). After verify returned, <code>openpgp.verify</code> wrapper called <code>message.getLiteralData()</code> which uses <code>msg.packets.findPacket(literalData)</code>, which now returns the FIRST literal data, but the streamed (post-mutation) literal data ends up in <code>result.data</code> via the linked stream.</li>
214	<li>Fix: use a local <code>packets</code> variable that is <code>packets.concat(streamed)</code> instead of mutating <code>msg.packets</code>.</li>
215	</ul>
216	<h2>Variant candidates to chase next iteration</h2>
217	<h3>Candidate A, Compression Streams refactor (commit fccbc3ec, in 6.2.0+)</h3>
218	<p>Big rewrite of <code>compressed_data.js</code> for native Compression Streams API. The new flow:
219	- Decompress: pulls <code>this.compressed</code> through a web stream, then ArrayStream-back if not originally a stream.
220	- The decompressed bytes are then handed to <code>PacketList.fromBinary</code>/parser as a stream.</p>
221	<p>Risk: nested compressed messages with attacker-shaped inner packets may bypass the local-packets fix because <code>unwrapCompressed()</code> (line 656) returns <code>new Message(compressed[0].packets)</code>, the inner packets list. Subsequent verify on inner packets uses the same <code>packets.concat(stream)</code> pattern, but <code>getLiteralData()</code> (line 318) calls <code>unwrapCompressed()</code> AGAIN, so on the OUTER message it traverses to inner.packets which may now have been further mutated by stream parsing in another async path.</p>
222	<h3>Candidate B, <code>decrypt</code> flow re-verification</h3>
223	<p>Per advisory, <code>decrypt</code> with <code>verificationKeys</code> is also affected. The fix path goes through <code>verify()</code> so should be covered, BUT: <code>decrypt</code> returns a NEW <code>Message(symEncryptedPacket.packets)</code> (line 148) and then sets <code>symEncryptedPacket.packets = new PacketList()</code>. If the inner packets list still has a live <code>.stream</code> reference, subsequent verify→getLiteralData on the new Message has the same window. Need to check whether the inner stream gets a <code>concat</code> or stays mutated.</p>
224	<h3>Candidate C, <code>appendSignature</code> (line 669)</h3>
225	<pre><code class="language-js">async appendSignature(detachedSignature, config) {
226	await this.packets.read(
227	util.isUint8Array(detachedSignature) ? detachedSignature : (await unarmor(detachedSignature)).data,
228	allowedDetachedSignaturePackets,
229	config
230	);
231	}
232	</code></pre>
233	<p>This calls <code>this.packets.read(...)</code>, does <code>read</code> mutate? <code>PacketList.read</code> typically appends to <code>this</code>. So <code>appendSignature</code> MUTATES <code>msg.packets</code>. If a caller does:
234	1. <code>msg = readMessage(M_evil)</code> → msg.packets has [literal(P_evil)]
235	2. <code>msg.appendSignature(legitSigOverPlegit)</code> → msg.packets = [literal(P_evil), sig(legit over P_legit)]
236	3. <code>verify(msg, key)</code>, sig is genuine over P_legit, but literalDataList[0] = P_evil → <code>signature.verify</code> should reject because hash mismatch.</p>
237	<p>So C might not work, verify computes hash of literalDataList[0] and compares with the sig’s hashed digest. They won’t match.</p>
238	<p>UNLESS the sig’s hashed digest can be made to match by attacker controlling P_evil to be a near-collision of P_legit (cryptographic). Out of scope.</p>
239	<h2>Next iteration plan</h2>
240	<ol>
241	<li>Run a streaming PoC against 6.1.0 to confirm the canonical bug fires.</li>
242	<li>Run the same PoC structure against 6.3.0 to confirm patched.</li>
243	<li>Then mutate the PoC to use compressed-data wrapper with attacker-controlled inner literal, see if 6.3.0 still leaks in the linkStreams/result.data path.</li>
244	<li>If candidate A holds: write report. If not, pivot to OpenPGP.js v5 line and check if 5.11.3 fix is structurally identical (variants may exist on the v5 line that don’t backport cleanly).</li>
245	</ol>
246	<hr><p style="color:var(--faint);font-size:12.5px;font-family:ui-monospace,Menlo,monospace">Source · github.com/zionboggan/security-research-notebook · methodology/openpgpjs-cve-2025-47934-rootcause.md</p>
247	</div></div></section>
248	<footer><div class="wrap row">
249	<div class="links"><a href="/">Portfolio</a><a href="https://www.linkedin.com/in/zion-boggan">LinkedIn</a><a href="/security-research-notebook/">Notebook</a><a href="mailto:zionboggan0@gmail.com">Email</a></div>
250	<div class="note">Coordinated-disclosure research. Findings appear here only after the program's disclosure window closed, the patch shipped, or a CVE was published. No customer data was accessed.</div>
251	</div></footer>
252	</body></html>