diff options
| author | Timo Schulz <twoaday@freakmail.de> | 2003-08-18 23:25:03 +0200 |
|---|---|---|
| committer | Timo Schulz <twoaday@freakmail.de> | 2003-08-18 23:25:03 +0200 |
| commit | 73b5da4c7da14e40671e09842ea4cb6e8382fab4 (patch) | |
| tree | 97e6daf2f4c18596cae968f1f9a7ef83da79abeb /g10 | |
| parent | * scdaemon.c, scdaemon.h: New option --disable-opensc. (diff) | |
| download | gnupg2-73b5da4c7da14e40671e09842ea4cb6e8382fab4.tar.xz gnupg2-73b5da4c7da14e40671e09842ea4cb6e8382fab4.zip | |
2003-08-18 Timo Schulz <twoaday@freakmail.de>
* encode.c (encode_sesskey): Checked the code and removed
the warning since all compatibility checks with PGP succeeded.
* mainproc.c (symkey_decrypt_sesskey): Better check for the
algorithm and check the return values of some functions.
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 7 | ||||
| -rw-r--r-- | g10/encode.c | 51 | ||||
| -rw-r--r-- | g10/mainproc.c | 59 |
3 files changed, 66 insertions, 51 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 33d38cf13..2810ada23 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,10 @@ +2003-08-18 Timo Schulz <twoaday@freakmail.de> + + * encode.c (encode_sesskey): Checked the code and removed + the warning since all compatibility checks with PGP succeeded. + * mainproc.c (symkey_decrypt_sesskey): Better check for the + algorithm and check the return values of some functions. + 2003-08-07 Werner Koch <wk@gnupg.org> * pkglue.c (pk_sign): Fix last change. diff --git a/g10/encode.c b/g10/encode.c index ba40c0aef..59daa7474 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -78,34 +78,37 @@ encode_store( const char *filename ) } static void -encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey ) +encode_sesskey (DEK * dek, DEK ** ret_dek, byte * enckey) { -#warning This functions needs a review. - CIPHER_HANDLE hd; - DEK *c; - byte buf[33]; + CIPHER_HANDLE hd; + DEK * c; + byte buf[33]; - assert ( dek->keylen < 32 ); + assert (dek->keylen < 32); - c = xcalloc (1, sizeof *c ); - c->keylen = dek->keylen; - c->algo = dek->algo; - make_session_key( c ); - /*log_hexdump( "thekey", c->key, c->keylen );*/ - - buf[0] = c->algo; - memcpy( buf + 1, c->key, c->keylen ); + c = xcalloc (1, sizeof *c); + c->keylen = dek->keylen; + c->algo = dek->algo; + make_session_key (c); + /*log_hexdump ("thekey", c->key, c->keylen);*/ + + /* the encrypted session key is prefixed with a one-octet algorithm id */ + buf[0] = c->algo; + memcpy (buf + 1, c->key, c->keylen); - - gcry_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1 ); - gcry_cipher_setkey( hd, dek->key, dek->keylen ); - gcry_cipher_setiv( hd, NULL, 0 ); - gcry_cipher_encrypt( hd, buf, c->keylen + 1, NULL, 0 ); - gcry_cipher_close( hd ); - - memcpy( enckey, buf, c->keylen + 1 ); - wipememory( buf, sizeof buf ); /* burn key */ - *ret_dek = c; + /* due to the fact that we use only checked values, consider each + failure as fatal. */ + if (gcry_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1)) + BUG(); + if (gcry_cipher_setkey (hd, dek->key, dek->keylen)) + BUG(); + gcry_cipher_setiv (hd, NULL, 0); + gcry_cipher_encrypt (hd, buf, c->keylen + 1, NULL, 0); + gcry_cipher_close (hd); + + memcpy (enckey, buf, c->keylen + 1); + wipememory (buf, sizeof buf); /* burn key */ + *ret_dek = c; } /* We try very hard to use a MDC */ diff --git a/g10/mainproc.c b/g10/mainproc.c index 969c65066..3689525ef 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -239,37 +239,42 @@ add_signature( CTX c, PACKET *pkt ) } static void -symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen ) +symkey_decrypt_sesskey (DEK * dek, byte *sesskey, size_t slen) { - CIPHER_HANDLE hd; - int n; + CIPHER_HANDLE hd; + int n; - if ( slen < 17 || slen > 33 ) { - log_error ( _("weird size for an encrypted session key (%d)\n"), - (int)slen); - return; + if (slen < 17 || slen > 33) + { + log_error ( _("weird size for an encrypted session key (%d)\n"), + (int)slen); + return; } - gcry_cipher_open ( &hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1 ); - gcry_cipher_setkey( hd, dek->key, dek->keylen ); - gcry_cipher_setiv( hd, NULL, 0 ); - gcry_cipher_decrypt( hd, sesskey, slen, NULL, 0); - gcry_cipher_close( hd ); - /* check first byte (the cipher algo) */ - if ( sesskey[0] > 10 ) { - log_error ( _("invalid symkey algorithm detected (%d)\n"), - sesskey[0] ); - return; + /* we checked the DEK values before, so consider all errors as fatal */ + if (gcry_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1)) + BUG(); + if (gcry_cipher_setkey (hd, dek->key, dek->keylen)) + BUG(); + gcry_cipher_setiv (hd, NULL, 0); + gcry_cipher_decrypt (hd, sesskey, slen, NULL, 0); + gcry_cipher_close (hd); + /* check first byte (the cipher algo) */ + if (openpgp_cipher_test_algo (sesskey[0])) + { + log_error (_("invalid symkey algorithm detected (%d)\n"), + sesskey[0]); + return; } - n = gcry_cipher_get_algo_keylen (sesskey[0]); - if (n > DIM(dek->key)) - BUG (); - /* now we replace the dek components with the real session key - to decrypt the contents of the sequencing packet. */ - dek->keylen = gcry_cipher_get_algo_keylen (sesskey[0]); - dek->algo = sesskey[0]; - memcpy (dek->key, sesskey + 1, dek->keylen); - /*log_hexdump( "thekey", dek->key, dek->keylen );*/ -} + n = gcry_cipher_get_algo_keylen (sesskey[0]); + if (n > DIM(dek->key)) + BUG (); + /* now we replace the dek components with the real session key + to decrypt the contents of the sequencing packet. */ + dek->keylen = n; + dek->algo = sesskey[0]; + memcpy (dek->key, sesskey + 1, dek->keylen); + /*log_hexdump ("thekey", dek->key, dek->keylen);*/ +} static void proc_symkey_enc( CTX c, PACKET *pkt ) |