summaryrefslogtreecommitdiffstats
path: root/g10/pubkey-enc.c
diff options
context:
space:
mode:
authorAndrey Jivsov <openpgp@brainhub.org>2011-01-06 02:33:17 +0100
committerAndrey Jivsov <openpgp@brainhub.org>2011-01-06 02:33:17 +0100
commite0972d3d962548972872d889b362560e499340d1 (patch)
tree26c597a42968ecef26bb7c36b9850b26cb17ebf5 /g10/pubkey-enc.c
parentMake sure that --disable-optimization works in its attempt to replace -Ox wit... (diff)
downloadgnupg2-e0972d3d962548972872d889b362560e499340d1.tar.xz
gnupg2-e0972d3d962548972872d889b362560e499340d1.zip
Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 .
The following works: gpg2 --gen-key (ECC) gpg2 --list-keys gpg2 --list-packets ~/.gnupg/pubring.gpg gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys> ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
Diffstat (limited to 'g10/pubkey-enc.c')
-rw-r--r--g10/pubkey-enc.c62
1 files changed, 40 insertions, 22 deletions
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 312b591e9..a5224e20a 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -145,6 +145,8 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
gcry_sexp_t s_data;
char *desc;
char *keygrip;
+ byte fp[MAX_FINGERPRINT_LEN];
+ size_t fpn;
/* Get the keygrip. */
err = hexkeygrip_from_pk (sk, &keygrip);
@@ -174,9 +176,12 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
if (err)
goto leave;
+ fingerprint_from_pk( sk, fp, &fpn );
+ assert( fpn == 20 );
+
/* Decrypt. */
desc = gpg_format_keydesc (sk, 0, 1);
- err = agent_pkdecrypt (NULL, keygrip, desc, s_data, &frame, &nframe);
+ err = agent_pkdecrypt (NULL, keygrip, desc, s_data, fp, &frame, &nframe);
xfree (desc);
gcry_sexp_release (s_data);
if (err)
@@ -202,28 +207,41 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
if (DBG_CIPHER)
log_printhex ("DEK frame:", frame, nframe);
n = 0;
- if (!card)
- {
- if (n + 7 > nframe)
- {
- err = gpg_error (G10ERR_WRONG_SECKEY);
- goto leave;
- }
- if (frame[n] == 1 && frame[nframe - 1] == 2)
- {
- log_info (_("old encoding of the DEK is not supported\n"));
- err = gpg_error (G10ERR_CIPHER_ALGO);
- goto leave;
- }
- if (frame[n] != 2) /* Something went wrong. */
- {
- err = gpg_error (G10ERR_WRONG_SECKEY);
- goto leave;
- }
- for (n++; n < nframe && frame[n]; n++) /* Skip the random bytes. */
- ;
- n++; /* Skip the zero byte. */
+
+ if( sk->pubkey_algo != PUBKEY_ALGO_ECDH ) {
+ if (!card)
+ {
+ if (n + 7 > nframe)
+ {
+ err = gpg_error (G10ERR_WRONG_SECKEY);
+ goto leave;
+ }
+ if (frame[n] == 1 && frame[nframe - 1] == 2)
+ {
+ log_info (_("old encoding of the DEK is not supported\n"));
+ err = gpg_error (G10ERR_CIPHER_ALGO);
+ goto leave;
+ }
+ if (frame[n] != 2) /* Something went wrong. */
+ {
+ err = gpg_error (G10ERR_WRONG_SECKEY);
+ goto leave;
+ }
+ for (n++; n < nframe && frame[n]; n++) /* Skip the random bytes. */
+ ;
+ n++; /* Skip the zero byte. */
+ }
+ }
+ else {
+ /* Allow double padding for the benefit of DEK size concealment.
+ * Higher than this is wasteful.
+ */
+ if( frame[nframe-1] > 8*2 || nframe <= 8 ) {
+ err = G10ERR_WRONG_SECKEY; goto leave;
}
+ nframe -= frame[nframe-1]; /* remove padding */
+ assert( n==0 ); /* used just bellow */
+ }
if (n + 4 > nframe)
{