diff options
Diffstat (limited to '')
| -rw-r--r-- | g10/ChangeLog | 14 | ||||
| -rw-r--r-- | g10/keydb.h | 1 | ||||
| -rw-r--r-- | g10/passphrase.c | 29 | ||||
| -rw-r--r-- | g10/pubkey-enc.c | 19 |
4 files changed, 43 insertions, 20 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 7db892c3a..4187c1a75 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,17 @@ +2006-01-17 David Shaw <dshaw@jabberwocky.com> + + * keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a + passphrase as if it was used (move from next_pw to last_pw). + + * pubkey-enc.c (get_session_key): Use it here to handle the case + where a passphrase happens to be correct for a secret key, but yet + that key isn't the anonymous recipient (i.e. the secret key could + be decrypted, but not the session key). This also handles the + case where a secret key is located on a card and a secret key with + no passphrase. Note this does not fix bug 594 (anonymous + recipients on smartcard do not work) - it just prevents the + anonymous search from stopping when the card is encountered. + 2006-01-07 David Shaw <dshaw@jabberwocky.com> * keyserver.c (keyserver_refresh): Fix problem when more than one diff --git a/g10/keydb.h b/g10/keydb.h index add6f02da..bad6a2e9c 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -211,6 +211,7 @@ DEK *passphrase_to_dek( u32 *keyid, int pubkey_algo, const char *tryagain_text, int *canceled); void set_next_passphrase( const char *s ); char *get_last_passphrase(void); +void next_to_last_passphrase(void); /*-- getkey.c --*/ int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc); diff --git a/g10/passphrase.c b/g10/passphrase.c index d0a19d25d..944c52325 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -55,24 +55,6 @@ #include "assuan.h" #endif /*ENABLE_AGENT_SUPPORT*/ - -#define buftou32( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \ - (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3))) -#define u32tobuf( p, a ) do { \ - ((byte*)p)[0] = (byte)((a) >> 24); \ - ((byte*)p)[1] = (byte)((a) >> 16); \ - ((byte*)p)[2] = (byte)((a) >> 8); \ - ((byte*)p)[3] = (byte)((a) ); \ - } while(0) - -#define digitp(p) (*(p) >= '0' && *(p) <= '9') -#define hexdigitp(a) (digitp (a) \ - || (*(a) >= 'A' && *(a) <= 'F') \ - || (*(a) >= 'a' && *(a) <= 'f')) -#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ - *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) -#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1)) - static char *fd_passwd = NULL; static char *next_pw = NULL; static char *last_pw = NULL; @@ -115,6 +97,17 @@ get_last_passphrase() return p; } +/* As if we had used the passphrase - make it the last_pw. */ +void +next_to_last_passphrase(void) +{ + if(next_pw) + { + last_pw=next_pw; + next_pw=NULL; + } +} + /* Here's an interesting question: since this passphrase was passed in on the command line, is there really any point in using secure memory for it? I'm going with 'yes', since it doesn't hurt, and diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index ad2bea64d..cffa79c62 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -115,11 +115,26 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek ) only once */ if( !rc ) + { rc = get_it( k, dek, sk, keyid ); - if( !rc ) { + /* Successfully checked the secret key (either it was + a card, had no passphrase, or had the right + passphrase) but couldn't decrypt the session key, + so thus that key is not the anonymous recipient. + Move the next passphrase into last for the next + round. We only do this if the secret key was + successfully checked as in the normal case, + check_secret_key handles this for us via + passphrase_to_dek */ + if(rc) + next_to_last_passphrase(); + } + + if( !rc ) + { log_info(_("okay, we are the anonymous recipient.\n") ); break; - } + } } enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */ } |