diff options
| author | Werner Koch <wk@gnupg.org> | 2020-07-07 12:58:29 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2020-07-07 12:58:29 +0200 |
| commit | 6864bba78e76a1ff72aec140ae9f4e752454c463 (patch) | |
| tree | 237ee31079d3ce0fee59ae6bc3bce1b67738dda0 | |
| parent | sm: Exclude rsaPSS from de-vs compliance mode. (diff) | |
| download | gnupg2-6864bba78e76a1ff72aec140ae9f4e752454c463.tar.xz gnupg2-6864bba78e76a1ff72aec140ae9f4e752454c463.zip | |
gpg: Fix flaw in symmetric algorithm selection in mixed mode.
* g10/encrypt.c (setup_symkey): Use default_cipher_algo function
instead of the fallback s2k_cipher_algo. Fix error code.
(encrypt_simple): Use setup_symkey.
--
Aside of removing code duplication this patch fixes the flaw that the
S2K cipher algorithm was used when mixing public key and symmetric
encryption or signatures with symmetric encrypion. The
default_algorithm function should be used here so that the command
line option --cipher-algo and --personal-cipher-preferences have an
effect.
Signed-off-by: Werner Koch <wk@gnupg.org>
| -rw-r--r-- | g10/encrypt.c | 24 | ||||
| -rw-r--r-- | g10/main.h | 2 | ||||
| -rw-r--r-- | g10/passphrase.c | 2 |
3 files changed, 10 insertions, 18 deletions
diff --git a/g10/encrypt.c b/g10/encrypt.c index 39626f1e2..40169e1e5 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -319,19 +319,11 @@ encrypt_simple (const char *filename, int mode, int use_seskey) cfx.dek = NULL; if ( mode ) { - int canceled; aead_algo_t aead_algo; - s2k = xmalloc_clear( sizeof *s2k ); - s2k->mode = opt.s2k_mode; - s2k->hash_algo = S2K_DIGEST_ALGO; - cfx.dek = passphrase_to_dek (default_cipher_algo (), s2k, 1, 0, - NULL, &canceled); - if ( !cfx.dek || !cfx.dek->keylen ) + rc = setup_symkey (&s2k, &cfx.dek); + if (rc) { - rc = gpg_error (canceled? GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE); - xfree (cfx.dek); - xfree (s2k); iobuf_close (inp); log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc)); release_progress_context (pfx); @@ -534,22 +526,22 @@ encrypt_simple (const char *filename, int mode, int use_seskey) } -int -setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek) +gpg_error_t +setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek) { int canceled; - *symkey_s2k=xmalloc_clear(sizeof(STRING2KEY)); + *symkey_s2k = xmalloc_clear (sizeof **symkey_s2k); (*symkey_s2k)->mode = opt.s2k_mode; (*symkey_s2k)->hash_algo = S2K_DIGEST_ALGO; - *symkey_dek = passphrase_to_dek (opt.s2k_cipher_algo, + *symkey_dek = passphrase_to_dek (default_cipher_algo (), *symkey_s2k, 1, 0, NULL, &canceled); - if(!*symkey_dek || !(*symkey_dek)->keylen) + if (!*symkey_dek || !(*symkey_dek)->keylen) { xfree(*symkey_dek); xfree(*symkey_s2k); - return gpg_error (canceled?GPG_ERR_CANCELED:GPG_ERR_BAD_PASSPHRASE); + return gpg_error (canceled?GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE); } return 0; diff --git a/g10/main.h b/g10/main.h index dedd60e73..f7f6d0dd1 100644 --- a/g10/main.h +++ b/g10/main.h @@ -234,7 +234,7 @@ int cpr_get_answer_okay_cancel (const char *keyword, void display_online_help( const char *keyword ); /*-- encode.c --*/ -int setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek); +gpg_error_t setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek); gpg_error_t encrypt_seskey (DEK *dek, aead_algo_t aead_algo, DEK **r_seskey, void **r_enckey, size_t *r_enckeylen); aead_algo_t use_aead (pk_list_t pk_list, int algo); diff --git a/g10/passphrase.c b/g10/passphrase.c index 54a183e54..7c2e34cc9 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -268,7 +268,7 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, *canceled = 0; if (opt.no_symkey_cache) - nocache = 1; /* Force no symmtric key caching. */ + nocache = 1; /* Force no symmetric key caching. */ if ( !s2k ) { |