Diffstat (limited to 'agent')
-rw-r--r--agent/agent.h9
-rw-r--r--agent/command-ssh.c2
-rw-r--r--agent/command.c8
-rw-r--r--agent/cvt-openpgp.c2
-rw-r--r--agent/findkey.c245
-rw-r--r--agent/genkey.c2
-rw-r--r--agent/gpg-agent.c16
-rw-r--r--agent/protect-tool.c6
-rw-r--r--agent/protect.c136
-rw-r--r--agent/t-protect.c2
10 files changed, 152 insertions, 276 deletions
diff --git a/agent/agent.h b/agent/agent.h
index 303f92e50..4e7452eee 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -141,13 +141,6 @@ struct
passphrase change. */
int enable_passphrase_history;
- /* If set the extended key format is used for new keys. Note that
- * this may have the value 2 in which case
- * --disable-extended-key-format won't have any effect and thus
- * effectivley locking it. This is required to support existing
- * profiles which lock the use of --enable-extended-key-format. */
- int enable_extended_key_format;
-
int running_detached; /* We are running detached from the tty. */
/* If this global option is true, the passphrase cache is ignored
@@ -566,7 +559,7 @@ unsigned char get_standard_s2k_count_rfc4880 (void);
unsigned long get_standard_s2k_time (void);
int agent_protect (const unsigned char *plainkey, const char *passphrase,
unsigned char **result, size_t *resultlen,
- unsigned long s2k_count, int use_ocb);
+ unsigned long s2k_count);
gpg_error_t agent_unprotect (ctrl_t ctrl,
const unsigned char *protectedkey, const char *passphrase,
gnupg_isotime_t protected_at,
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 7621e7c2f..b41177be6 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -3142,7 +3142,7 @@ ssh_key_to_protected_buffer (gcry_sexp_t key, const char *passphrase,
buffer_new, buffer_new_n);
if (*passphrase)
- err = agent_protect (buffer_new, passphrase, buffer, buffer_n, 0, -1);
+ err = agent_protect (buffer_new, passphrase, buffer, buffer_n, 0);
else
{
/* The key derivation function does not support zero length
diff --git a/agent/command.c b/agent/command.c
index c113caba7..2e996d096 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1218,12 +1218,6 @@ cmd_keyattr (assuan_context_t ctx, char *line)
if (ctrl->restricted)
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
- if (!opt.enable_extended_key_format)
- {
- err = gpg_error (GPG_ERR_NOT_SUPPORTED);
- goto leave;
- }
-
opt_delete = has_option (line, "--delete");
line = skip_options (line);
@@ -2910,7 +2904,7 @@ cmd_import_key (assuan_context_t ctx, char *line)
if (passphrase)
{
err = agent_protect (key, passphrase, &finalkey, &finalkeylen,
- ctrl->s2k_count, -1);
+ ctrl->s2k_count);
if (!err)
err = agent_write_private_key (grip, finalkey, finalkeylen, force,
NULL, NULL, opt_timestamp);
diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c
index d170fdedc..9bb815ff8 100644
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@@ -1146,7 +1146,7 @@ convert_from_openpgp_native (ctrl_t ctrl,
if (!agent_protect (*r_key, passphrase,
&protectedkey, &protectedkeylen,
- ctrl->s2k_count, -1))
+ ctrl->s2k_count))
agent_write_private_key (grip, protectedkey, protectedkeylen, 1,
NULL, NULL, 0);
xfree (protectedkey);
diff --git a/agent/findkey.c b/agent/findkey.c
index 060cb786d..098d5224f 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -2,6 +2,7 @@
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2007,
* 2010, 2011 Free Software Foundation, Inc.
* Copyright (C) 2014, 2019 Werner Koch
+ * Copyright (C) 2023 g10 Code GmbH
*
* This file is part of GnuPG.
*
@@ -79,19 +80,114 @@ linefeed_to_percent0A (const char *string)
}
-/* Note: Ownership of FNAME and FP are moved to this function. */
-static gpg_error_t
-write_extended_private_key (char *fname, estream_t fp, int update, int newkey,
- const void *buf, size_t len,
- const char *serialno, const char *keyref,
- time_t timestamp)
+/* Write the S-expression formatted key (BUFFER,LENGTH) to our key
+ * storage. With FORCE passed as true an existing key with the given
+ * GRIP will get overwritten. If SERIALNO and KEYREF are given a
+ * Token line is added to the key if the extended format is used. If
+ * TIMESTAMP is not zero and the key doies not yet exists it will be
+ * recorded as creation date. */
+int
+agent_write_private_key (const unsigned char *grip,
+ const void *buffer, size_t length, int force,
+ const char *serialno, const char *keyref,
+ time_t timestamp)
{
gpg_error_t err;
+ char *fname;
+ estream_t fp;
+ char hexgrip[40+4+1];
+ int update, newkey;
nvc_t pk = NULL;
gcry_sexp_t key = NULL;
int remove = 0;
char *token = NULL;
+ bin2hex (grip, 20, hexgrip);
+ strcpy (hexgrip+40, ".key");
+
+ fname = make_filename (gnupg_homedir (), GNUPG_PRIVATE_KEYS_DIR,
+ hexgrip, NULL);
+
+ /* FIXME: Write to a temp file first so that write failures during
+ key updates won't lead to a key loss. */
+
+ if (!force && !gnupg_access (fname, F_OK))
+ {
+ log_error ("secret key file '%s' already exists\n", fname);
+ xfree (fname);
+ return gpg_error (GPG_ERR_EEXIST);
+ }
+
+ fp = es_fopen (fname, force? "rb+,mode=-rw" : "wbx,mode=-rw");
+ if (!fp)
+ {
+ gpg_error_t tmperr = gpg_error_from_syserror ();
+
+ if (force && gpg_err_code (tmperr) == GPG_ERR_ENOENT)
+ {
+ fp = es_fopen (fname, "wbx,mode=-rw");
+ if (!fp)
+ tmperr = gpg_error_from_syserror ();
+ }
+ if (!fp)
+ {
+ log_error ("can't create '%s': %s\n", fname, gpg_strerror (tmperr));
+ xfree (fname);
+ return tmperr;
+ }
+ update = 0;
+ newkey = 1;
+ }
+ else if (force)
+ {
+ gpg_error_t rc;
+ char first;
+
+ /* See if an existing key is in extended format. */
+ if (es_fread (&first, 1, 1, fp) != 1)
+ {
+ rc = gpg_error_from_syserror ();
+ log_error ("error reading first byte from '%s': %s\n",
+ fname, strerror (errno));
+ xfree (fname);
+ es_fclose (fp);
+ return rc;
+ }
+
+ rc = es_fseek (fp, 0, SEEK_SET);
+ if (rc)
+ {
+ log_error ("error seeking in '%s': %s\n", fname, strerror (errno));
+ xfree (fname);
+ es_fclose (fp);
+ return rc;
+ }
+
+ if (first == '(')
+ {
+ /* Key is still in the old format - force it into extended
+ * format. We do not request an update here because an
+ * existing key is not yet in extended key format and no
+ * extended infos are yet available. */
+ update = 0;
+ newkey = 0;
+ }
+ else
+ {
+ /* Key is already in the extended format. */
+ update = 1;
+ newkey = 0;
+ }
+ }
+ else
+ {
+ /* The key file did not exist: we assume this is a new key and
+ * write the Created: entry. */
+ update = 0;
+ newkey = 1;
+ }
+
+
if (update)
{
int line;
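Review bot: In the `else if (force)` branch, the result of `rc = es_fseek (fp, 0, SEEK_SET)` is returned unchanged on failure, but es_fseek reports failure as a plain non-zero int with errno set, not as a gpg_error_t, so callers receive a value that is not a valid error code; add `rc = gpg_error_from_syserror ();` as the first statement inside the `if (rc)` block. The `es_fread (&first, 1, 1, fp) != 1` check just above also triggers for an empty existing key file, where errno is probably not set, so the logged `strerror (errno)` and the returned code can be misleading; testing `es_feof (fp)` would let that case be reported distinctly. The header comment still says a Token line is added "if the extended format is used", although every branch here now appears to lead to the extended-format writer. The function body continues past the end of this hunk.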
@@ -115,10 +211,11 @@ write_extended_private_key (char *fname, estream_t fp, int update, int newkey,
}
es_clearerr (fp);
- err = gcry_sexp_sscan (&key, NULL, buf, len);
+ /* Turn (BUFFER,LENGTH) into a gcrypt s-expression and set it into
+ * our name value container. */
+ err = gcry_sexp_sscan (&key, NULL, buffer, length);
if (err)
goto leave;
-
err = nvc_set_private_key (pk, key);
if (err)
goto leave;
@@ -153,7 +250,7 @@ write_extended_private_key (char *fname, estream_t fp, int update, int newkey,
}
}
- /* If a timestamp has been supplied and the key is new write a
+ /* If a timestamp has been supplied and the key is new, write a
* creation timestamp. (We douple check that there is no Created
* item yet.)*/
if (timestamp && newkey && !nvc_lookup (pk, "Created:"))
@@ -166,7 +263,7 @@ write_extended_private_key (char *fname, estream_t fp, int update, int newkey,
goto leave;
}
-
+ /* Back to start and write. */
err = es_fseek (fp, 0, SEEK_SET);
if (err)
goto leave;
@@ -212,133 +309,6 @@ write_extended_private_key (char *fname, estream_t fp, int update, int newkey,
return err;
}
-/* Write an S-expression formatted key to our key storage. With FORCE
- * passed as true an existing key with the given GRIP will get
- * overwritten. If SERIALNO and KEYREF are given a Token line is
- * added to the key if the extended format is used. If TIMESTAMP is
- * not zero and the key doies not yet exists it will be recorded as
- * creation date. */
-int
-agent_write_private_key (const unsigned char *grip,
- const void *buffer, size_t length, int force,
- const char *serialno, const char *keyref,
- time_t timestamp)
-{
- char *fname;
- estream_t fp;
- char hexgrip[40+4+1];
-
- bin2hex (grip, 20, hexgrip);
- strcpy (hexgrip+40, ".key");
-
- fname = make_filename (gnupg_homedir (), GNUPG_PRIVATE_KEYS_DIR,
- hexgrip, NULL);
-
- /* FIXME: Write to a temp file first so that write failures during
- key updates won't lead to a key loss. */
-
- if (!force && !gnupg_access (fname, F_OK))
- {
- log_error ("secret key file '%s' already exists\n", fname);
- xfree (fname);
- return gpg_error (GPG_ERR_EEXIST);
- }
-
- fp = es_fopen (fname, force? "rb+,mode=-rw" : "wbx,mode=-rw");
- if (!fp)
- {
- gpg_error_t tmperr = gpg_error_from_syserror ();
-
- if (force && gpg_err_code (tmperr) == GPG_ERR_ENOENT)
- {
- fp = es_fopen (fname, "wbx,mode=-rw");
- if (!fp)
- tmperr = gpg_error_from_syserror ();
- }
- if (!fp)
- {
- log_error ("can't create '%s': %s\n", fname, gpg_strerror (tmperr));
- xfree (fname);
- return tmperr;
- }
- }
- else if (force)
- {
- gpg_error_t rc;
- char first;
-
- /* See if an existing key is in extended format. */
- if (es_fread (&first, 1, 1, fp) != 1)
- {
- rc = gpg_error_from_syserror ();
- log_error ("error reading first byte from '%s': %s\n",
- fname, strerror (errno));
- xfree (fname);
- es_fclose (fp);
- return rc;
- }
-
- rc = es_fseek (fp, 0, SEEK_SET);
- if (rc)
- {
- log_error ("error seeking in '%s': %s\n", fname, strerror (errno));
- xfree (fname);
- es_fclose (fp);
- return rc;
- }
-
- if (first != '(')
- {
- /* Key is already in the extended format. */
- return write_extended_private_key (fname, fp, 1, 0, buffer, length,
- serialno, keyref, timestamp);
- }
- if (first == '(' && opt.enable_extended_key_format)
- {
- /* Key is in the old format - but we want the extended format. */
- return write_extended_private_key (fname, fp, 0, 0, buffer, length,
- serialno, keyref, timestamp);
- }
- }
-
- if (opt.enable_extended_key_format)
- return write_extended_private_key (fname, fp, 0, 1, buffer, length,
- serialno, keyref, timestamp);
-
- if (es_fwrite (buffer, length, 1, fp) != 1)
- {
- gpg_error_t tmperr = gpg_error_from_syserror ();
- log_error ("error writing '%s': %s\n", fname, gpg_strerror (tmperr));
- es_fclose (fp);
- gnupg_remove (fname);
- xfree (fname);
- return tmperr;
- }
-
- /* When force is given, the file might have to be truncated. */
- if (force && ftruncate (es_fileno (fp), es_ftello (fp)))
- {
- gpg_error_t tmperr = gpg_error_from_syserror ();
- log_error ("error truncating '%s': %s\n", fname, gpg_strerror (tmperr));
- es_fclose (fp);
- gnupg_remove (fname);
- xfree (fname);
- return tmperr;
- }
-
- if (es_fclose (fp))
- {
- gpg_error_t tmperr = gpg_error_from_syserror ();
- log_error ("error closing '%s': %s\n", fname, gpg_strerror (tmperr));
- gnupg_remove (fname);
- xfree (fname);
- return tmperr;
- }
- bump_key_eventcounter ();
- xfree (fname);
- return 0;
-}
-
gpg_error_t
agent_update_private_key (const unsigned char *grip, nvc_t pk)
@@ -393,6 +363,7 @@ agent_update_private_key (const unsigned char *grip, nvc_t pk)
return err;
}
+
/* Callback function to try the unprotection from the passphrase query
code. */
static gpg_error_t
diff --git a/agent/genkey.c b/agent/genkey.c
index eb6791dca..7660443ca 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -57,7 +57,7 @@ store_key (gcry_sexp_t private, const char *passphrase, int force,
{
unsigned char *p;
- rc = agent_protect (buf, passphrase, &p, &len, s2k_count, -1);
+ rc = agent_protect (buf, passphrase, &p, &len, s2k_count);
if (rc)
{
xfree (buf);
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 381999cea..1db422737 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -116,8 +116,6 @@ enum cmd_and_opt_values
oCheckSymPassphrasePattern,
oMaxPassphraseDays,
oEnablePassphraseHistory,
- oDisableExtendedKeyFormat,
- oEnableExtendedKeyFormat,
oStealSocket,
oUseStandardSocket,
oNoUseStandardSocket,
@@ -238,8 +236,6 @@ static gpgrt_opt_t opts[] = {
/* */ "@"
#endif
),
- ARGPARSE_s_n (oDisableExtendedKeyFormat, "disable-extended-key-format", "@"),
- ARGPARSE_s_n (oEnableExtendedKeyFormat, "enable-extended-key-format", "@"),
ARGPARSE_s_i (oListenBacklog, "listen-backlog", "@"),
ARGPARSE_op_u (oAutoExpandSecmem, "auto-expand-secmem", "@"),
ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
@@ -315,7 +311,8 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oNoUseStandardSocket, "no-use-standard-socket", "@"),
/* Dummy options. */
-
+ ARGPARSE_s_n (oNoop, "disable-extended-key-format", "@"),
+ ARGPARSE_s_n (oNoop, "enable-extended-key-format", "@"),
ARGPARSE_end () /* End of list */
};
@@ -885,7 +882,6 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread)
opt.check_sym_passphrase_pattern = NULL;
opt.max_passphrase_days = MAX_PASSPHRASE_DAYS;
opt.enable_passphrase_history = 0;
- opt.enable_extended_key_format = 1;
opt.ignore_cache_for_signing = 0;
opt.allow_mark_trusted = 1;
opt.sys_trustlist_name = NULL;
@@ -974,14 +970,6 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread)
opt.enable_passphrase_history = 1;
break;
- case oEnableExtendedKeyFormat:
- opt.enable_extended_key_format = 2;
- break;
- case oDisableExtendedKeyFormat:
- if (opt.enable_extended_key_format != 2)
- opt.enable_extended_key_format = 0;
- break;
-
case oIgnoreCacheForSigning: opt.ignore_cache_for_signing = 1; break;
case oAllowMarkTrusted: opt.allow_mark_trusted = 1; break;
diff --git a/agent/protect-tool.c b/agent/protect-tool.c
index bb17033a8..87cf36814 100644
--- a/agent/protect-tool.c
+++ b/agent/protect-tool.c
@@ -97,7 +97,6 @@ static const char *opt_passphrase;
static char *opt_prompt;
static int opt_status_msg;
static const char *opt_agent_program;
-static int opt_debug_use_ocb;
static char *get_passphrase (int promptno);
static void release_passphrase (char *pw);
@@ -343,8 +342,7 @@ read_and_protect (const char *fname)
return;
pw = get_passphrase (1);
- rc = agent_protect (key, pw, &result, &resultlen, 0,
- opt_debug_use_ocb? 1 : -1);
+ rc = agent_protect (key, pw, &result, &resultlen, 0);
release_passphrase (pw);
xfree (key);
if (rc)
@@ -610,7 +608,7 @@ main (int argc, char **argv )
case oHaveCert: opt_have_cert = 1; break;
case oPrompt: opt_prompt = pargs.r.ret_str; break;
case oStatusMsg: opt_status_msg = 1; break;
- case oDebugUseOCB: opt_debug_use_ocb = 1; break;
+ case oDebugUseOCB: /* dummy */; break;
default: pargs.err = ARGPARSE_PRINT_ERROR; break;
}
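Review bot: `case oDebugUseOCB: /* dummy */; break;` leaves a stray empty statement and does not say why the option is still accepted. Something like `case oDebugUseOCB: break; /* Obsolete: OCB is always used. */` reads more clearly and documents that the flag is kept only for command-line compatibility. The enclosing switch in main starts outside this hunk.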
diff --git a/agent/protect.c b/agent/protect.c
index 1084ee208..7197cf7e6 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -379,12 +379,11 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
const char *passphrase,
const char *timestamp_exp, size_t timestamp_exp_len,
unsigned char **result, size_t *resultlen,
- unsigned long s2k_count, int use_ocb)
+ unsigned long s2k_count)
{
gcry_cipher_hd_t hd;
const char *modestr;
- unsigned char hashvalue[20];
- int blklen, enclen, outlen;
+ int enclen, outlen;
unsigned char *iv = NULL;
unsigned int ivsize; /* Size of the buffer allocated for IV. */
const unsigned char *s2ksalt; /* Points into IV. */
@@ -398,44 +397,26 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
*resultlen = 0;
*result = NULL;
- modestr = (use_ocb? "openpgp-s2k3-ocb-aes"
- /* */: "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc");
+ modestr = "openpgp-s2k3-ocb-aes";
rc = gcry_cipher_open (&hd, PROT_CIPHER,
- use_ocb? GCRY_CIPHER_MODE_OCB :
- GCRY_CIPHER_MODE_CBC,
+ GCRY_CIPHER_MODE_OCB,
GCRY_CIPHER_SECURE);
if (rc)
return rc;
/* We need to work on a copy of the data because this makes it
* easier to add the trailer and the padding and more important we
- * have to prefix the text with 2 parenthesis. In CBC mode we
- * have to allocate enough space for:
- *
- * ((<parameter_list>)(4:hash4:sha120:<hashvalue>)) + padding
- *
- * we always append a full block of random bytes as padding but
- * encrypt only what is needed for a full blocksize. In OCB mode we
+ * have to prefix the text with 2 parenthesis. Due to OCB mode we
* have to allocate enough space for just:
*
* ((<parameter_list>))
*/
- blklen = gcry_cipher_get_algo_blklen (PROT_CIPHER);
- if (use_ocb)
- {
- /* (( )) */
- outlen = 2 + protlen + 2 ;
- enclen = outlen + 16 /* taglen */;
- outbuf = gcry_malloc_secure (enclen);
- }
- else
- {
- /* (( )( 4:hash 4:sha1 20:<hash> )) <padding> */
- outlen = 2 + protlen + 2 + 6 + 6 + 23 + 2 + blklen;
- enclen = outlen/blklen * blklen;
- outbuf = gcry_malloc_secure (outlen);
- }
+
+ /* (( )) */
+ outlen = 2 + protlen + 2 ;
+ enclen = outlen + 16 /* taglen */;
+ outbuf = gcry_malloc_secure (enclen);
if (!outbuf)
{
rc = out_of_core ();
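Review bot: The tag length in `enclen = outlen + 16 /* taglen */` and the nonce length 12 are bare literals that must stay in agreement across several hunks of do_encryption (`ivsize = 12 + 8`, `gcry_cipher_setiv (hd, iv, 12)`, `gcry_cipher_gettag (hd, outbuf + outlen, 16)`, the format arguments `12, &ivpos, 12, ""` and `memcpy (p+ivpos, iv, 12)`). Now that OCB is the only mode, named constants such as `enum { OCB_NONCE_LEN = 12, OCB_TAG_LEN = 16 };` would keep the allocation size, the nonce given to the cipher and the bytes stored in the S-expression from drifting apart. Separately, `outlen` and `enclen` are declared `int`; the type of `protlen` is not visible here, but if it is a size_t the sum is narrowed before it reaches `gcry_malloc_secure`, so size_t locals or an explicit upper bound would be safer. do_encryption begins and ends outside this hunk.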
@@ -445,10 +426,10 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
/* Allocate a buffer for the nonce and the salt. */
if (!rc)
{
- /* Allocate random bytes to be used as IV, padding and s2k salt
- * or in OCB mode for a nonce and the s2k salt. The IV/nonce is
- * set later because for OCB we need to set the key first. */
- ivsize = (use_ocb? 12 : (blklen*2)) + 8;
+ /* Allocate random bytes to be used as nonce and s2k salt. The
+ * nonce is set later because for OCB we need to set the key
+ * first. */
+ ivsize = 12 + 8;
iv = xtrymalloc (ivsize);
if (!iv)
rc = gpg_error_from_syserror ();
@@ -484,40 +465,17 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
goto leave;
/* Set the IV/nonce. */
- rc = gcry_cipher_setiv (hd, iv, use_ocb? 12 : blklen);
+ rc = gcry_cipher_setiv (hd, iv, 12);
if (rc)
goto leave;
- if (use_ocb)
- {
- /* In OCB Mode we use only the public key parameters as AAD. */
- rc = gcry_cipher_authenticate (hd, hashbegin, protbegin - hashbegin);
- if (!rc)
- rc = gcry_cipher_authenticate (hd, timestamp_exp, timestamp_exp_len);
- if (!rc)
- rc = gcry_cipher_authenticate
- (hd, protbegin+protlen, hashlen - (protbegin+protlen - hashbegin));
- }
- else
- {
- /* Hash the entire expression for CBC mode. Because
- * TIMESTAMP_EXP won't get protected, we can't simply hash a
- * continuous buffer but need to call md_write several times. */
- gcry_md_hd_t md;
-
- rc = gcry_md_open (&md, GCRY_MD_SHA1, 0 );
- if (!rc)
- {
- gcry_md_write (md, hashbegin, protbegin - hashbegin);
- gcry_md_write (md, protbegin, protlen);
- gcry_md_write (md, timestamp_exp, timestamp_exp_len);
- gcry_md_write (md, protbegin+protlen,
- hashlen - (protbegin+protlen - hashbegin));
- memcpy (hashvalue, gcry_md_read (md, GCRY_MD_SHA1), 20);
- gcry_md_close (md);
- }
- }
-
+ /* In OCB Mode we use only the public key parameters as AAD. */
+ rc = gcry_cipher_authenticate (hd, hashbegin, protbegin - hashbegin);
+ if (!rc)
+ rc = gcry_cipher_authenticate (hd, timestamp_exp, timestamp_exp_len);
+ if (!rc)
+ rc = gcry_cipher_authenticate
+ (hd, protbegin+protlen, hashlen - (protbegin+protlen - hashbegin));
/* Encrypt. */
if (!rc)
@@ -527,36 +485,15 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
*p++ = '(';
memcpy (p, protbegin, protlen);
p += protlen;
- if (use_ocb)
- {
- *p++ = ')';
- *p++ = ')';
- }
- else
- {
- memcpy (p, ")(4:hash4:sha120:", 17);
- p += 17;
- memcpy (p, hashvalue, 20);
- p += 20;
- *p++ = ')';
- *p++ = ')';
- memcpy (p, iv+blklen, blklen); /* Add padding. */
- p += blklen;
- }
+ *p++ = ')';
+ *p++ = ')';
log_assert ( p - outbuf == outlen);
- if (use_ocb)
- {
- gcry_cipher_final (hd);
- rc = gcry_cipher_encrypt (hd, outbuf, outlen, NULL, 0);
- if (!rc)
- {
- log_assert (outlen + 16 == enclen);
- rc = gcry_cipher_gettag (hd, outbuf + outlen, 16);
- }
- }
- else
+ gcry_cipher_final (hd);
+ rc = gcry_cipher_encrypt (hd, outbuf, outlen, NULL, 0);
+ if (!rc)
{
- rc = gcry_cipher_encrypt (hd, outbuf, enclen, NULL, 0);
+ log_assert (outlen + 16 == enclen);
+ rc = gcry_cipher_gettag (hd, outbuf + outlen, 16);
}
}
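Review bot: The return value of `gcry_cipher_final (hd)` is discarded before the final `gcry_cipher_encrypt` call, so a failure to mark the last OCB chunk would go unnoticed and the tag fetched afterwards could not be trusted. This was already the case in the removed `use_ocb` branch, but it is now the only path, so it is worth checking: `rc = gcry_cipher_final (hd);` followed by `if (!rc) rc = gcry_cipher_encrypt (hd, outbuf, outlen, NULL, 0);`. The enclosing `if (!rc)` block and the rest of do_encryption lie partly outside this hunk.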
@@ -584,7 +521,7 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
(int)strlen (modestr), modestr,
&saltpos,
(unsigned int)strlen (countbuf), countbuf,
- use_ocb? 12 : blklen, &ivpos, use_ocb? 12 : blklen, "",
+ 12, &ivpos, 12, "",
enclen, &encpos, enclen, "");
if (!p)
{
@@ -598,7 +535,7 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
*resultlen = strlen (p);
*result = (unsigned char*)p;
memcpy (p+saltpos, s2ksalt, 8);
- memcpy (p+ivpos, iv, use_ocb? 12 : blklen);
+ memcpy (p+ivpos, iv, 12);
memcpy (p+encpos, outbuf, enclen);
xfree (iv);
xfree (outbuf);
@@ -614,13 +551,11 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
/* Protect the key encoded in canonical format in PLAINKEY. We assume
- a valid S-Exp here. With USE_UCB set to -1 the default scheme is
- used (ie. either CBC or OCB), set to 0 the old CBC mode is used,
- and set to 1 OCB is used. */
+ * a valid S-Exp here. */
int
agent_protect (const unsigned char *plainkey, const char *passphrase,
unsigned char **result, size_t *resultlen,
- unsigned long s2k_count, int use_ocb)
+ unsigned long s2k_count)
{
int rc;
const char *parmlist;
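Review bot: The shortened header comment of agent_protect no longer says which protection scheme the function produces, and callers can no longer select one. I would add a sentence such as `* The key is always protected with the "openpgp-s2k3-ocb-aes" mode (AES in OCB mode).` so that readers do not have to look into do_encryption. It would also help to state that the buffer stored at RESULT is allocated by this function and must be released by the caller, as the call sites in this commit do with `xfree`. The function body continues outside this hunk.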
@@ -637,9 +572,6 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
unsigned char *p;
int have_curve = 0;
- if (use_ocb == -1)
- use_ocb = !!opt.enable_extended_key_format;
-
/* Create an S-expression with the protected-at timestamp. */
memcpy (timestamp_exp, "(12:protected-at15:", 19);
gnupg_get_isotime (timestamp_exp+19);
@@ -743,7 +675,7 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
rc = do_encryption (hash_begin, hash_end - hash_begin + 1,
prot_begin, prot_end - prot_begin + 1,
passphrase, timestamp_exp, sizeof (timestamp_exp),
- &protected, &protectedlen, s2k_count, use_ocb);
+ &protected, &protectedlen, s2k_count);
if (rc)
return rc;
diff --git a/agent/t-protect.c b/agent/t-protect.c
index 88b552585..e6edbffba 100644
--- a/agent/t-protect.c
+++ b/agent/t-protect.c
@@ -196,7 +196,7 @@ test_agent_protect (void)
{
ret = agent_protect ((const unsigned char*)specs[i].key,
specs[i].passphrase,
- &specs[i].result, &specs[i].resultlen, 0, -1);
+ &specs[i].result, &specs[i].resultlen, 0);
if (gpg_err_code (ret) != specs[i].ret_expected)
{
printf ("agent_protect(%d) returned '%i/%s'; expected '%i/%s'\n",