security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-11 22:01:08 +02:00
Code Activity

indent: Re-indent g10/cipher.c

Browse Source 
--
This commit is contained in:
Werner Koch 2017-12-13 11:56:28 +01:00
parent 9f641430dc
commit 067e62fe55
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 108 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

210
g10/cipher.c
View File

@ -1,6 +1,6 @@
/* cipher.c - En-/De-ciphering filter /* cipher.c - En-/De-ciphering filter
* Copyright (C) 1998, 1999, 2000, 2001, 2003, * Copyright (C) 1998-2003, 2006, 2009 Free Software Foundation, Inc.
* 2006, 2009 Free Software Foundation, Inc. * Copyright (C) 1998-2003, 2006, 2009, 2017 Werner koch
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -16,6 +16,7 @@
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>. * along with this program; if not, see <https://www.gnu.org/licenses/>.
* SPDX-License-Identifier: GPL-3.0+
*/ */
#include <config.h> #include <config.h>
@ -39,124 +40,129 @@
static void static void
write_header( cipher_filter_context_t *cfx, IOBUF a ) write_header (cipher_filter_context_t *cfx, iobuf_t a)
{ {
gcry_error_t err; gcry_error_t err;
PACKET pkt; PACKET pkt;
PKT_encrypted ed; PKT_encrypted ed;
byte temp[18]; byte temp[18];
unsigned int blocksize; unsigned int blocksize;
unsigned int nprefix; unsigned int nprefix;
blocksize = openpgp_cipher_get_algo_blklen (cfx->dek->algo); blocksize = openpgp_cipher_get_algo_blklen (cfx->dek->algo);
if ( blocksize < 8 || blocksize > 16 ) if ( blocksize < 8 || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize ); log_fatal ("unsupported blocksize %u\n", blocksize);
memset( &ed, 0, sizeof ed );
ed.len = cfx->datalen;
ed.extralen = blocksize+2;
ed.new_ctb = !ed.len;
if( cfx->dek->use_mdc ) {
ed.mdc_method = DIGEST_ALGO_SHA1;
gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0);
if ( DBG_HASHING )
gcry_md_debug (cfx->mdc_hash, "creatmdc");
}
memset (&ed, 0, sizeof ed);
ed.len = cfx->datalen;
ed.extralen = blocksize + 2;
ed.new_ctb = !ed.len;
if (cfx->dek->use_mdc)
{ {
char buf[20]; ed.mdc_method = DIGEST_ALGO_SHA1;
gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0);
sprintf (buf, "%d %d", ed.mdc_method, cfx->dek->algo); if (DBG_HASHING)
write_status_text (STATUS_BEGIN_ENCRYPTION, buf); gcry_md_debug (cfx->mdc_hash, "creatmdc");
} }
init_packet( &pkt ); {
pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED; char buf[20];
pkt.pkt.encrypted = &ed;
if( build_packet( a, &pkt )) snprintf (buf, sizeof buf, "%d %d", ed.mdc_method, cfx->dek->algo);
log_bug("build_packet(ENCR_DATA) failed\n"); write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
nprefix = blocksize; }
gcry_randomize (temp, nprefix, GCRY_STRONG_RANDOM );
temp[nprefix] = temp[nprefix-2]; init_packet (&pkt);
temp[nprefix+1] = temp[nprefix-1]; pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
print_cipher_algo_note( cfx->dek->algo ); pkt.pkt.encrypted = &ed;
err = openpgp_cipher_open (&cfx->cipher_hd, if (build_packet( a, &pkt))
cfx->dek->algo, log_bug ("build_packet(ENCR_DATA) failed\n");
GCRY_CIPHER_MODE_CFB, nprefix = blocksize;
(GCRY_CIPHER_SECURE gcry_randomize (temp, nprefix, GCRY_STRONG_RANDOM );
| ((cfx->dek->use_mdc || cfx->dek->algo >= 100)? temp[nprefix] = temp[nprefix-2];
0 : GCRY_CIPHER_ENABLE_SYNC))); temp[nprefix+1] = temp[nprefix-1];
if (err) { print_cipher_algo_note (cfx->dek->algo);
/* We should never get an error here cause we already checked, err = openpgp_cipher_open (&cfx->cipher_hd,
* that the algorithm is available. */ cfx->dek->algo,
BUG(); GCRY_CIPHER_MODE_CFB,
(GCRY_CIPHER_SECURE
| ((cfx->dek->use_mdc || cfx->dek->algo >= 100)?
0 : GCRY_CIPHER_ENABLE_SYNC)));
if (err)
{
/* We should never get an error here cause we already checked,
* that the algorithm is available. */
BUG();
} }
/* log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/ /* log_hexdump ("thekey", cfx->dek->key, cfx->dek->keylen); */
gcry_cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen ); gcry_cipher_setkey (cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen);
gcry_cipher_setiv( cfx->cipher_hd, NULL, 0 ); gcry_cipher_setiv (cfx->cipher_hd, NULL, 0);
/* log_hexdump( "prefix", temp, nprefix+2 ); */ /* log_hexdump ("prefix", temp, nprefix+2); */
if (cfx->mdc_hash) /* Hash the "IV". */ if (cfx->mdc_hash) /* Hash the "IV". */
gcry_md_write (cfx->mdc_hash, temp, nprefix+2 ); gcry_md_write (cfx->mdc_hash, temp, nprefix+2 );
gcry_cipher_encrypt (cfx->cipher_hd, temp, nprefix+2, NULL, 0); gcry_cipher_encrypt (cfx->cipher_hd, temp, nprefix+2, NULL, 0);
gcry_cipher_sync (cfx->cipher_hd); gcry_cipher_sync (cfx->cipher_hd);
iobuf_write(a, temp, nprefix+2); iobuf_write (a, temp, nprefix+2);
cfx->header=1; cfx->header = 1;
} }
/*
/**************** * This filter is used to en/de-cipher data with a symmetric algorithm
* This filter is used to en/de-cipher data with a conventional algorithm
*/ */
int int
cipher_filter( void *opaque, int control, cipher_filter (void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len)
IOBUF a, byte *buf, size_t *ret_len)
{ {
size_t size = *ret_len; cipher_filter_context_t *cfx = opaque;
cipher_filter_context_t *cfx = opaque; size_t size = *ret_len;
int rc=0; int rc = 0;
if( control == IOBUFCTRL_UNDERFLOW ) { /* decrypt */ if (control == IOBUFCTRL_UNDERFLOW) /* decrypt */
rc = -1; /* not yet used */ {
rc = -1; /* not yet used */
} }
else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */ else if (control == IOBUFCTRL_FLUSH) /* encrypt */
log_assert(a); {
if( !cfx->header ) { log_assert (a);
write_header( cfx, a ); if (!cfx->header)
write_header (cfx, a);
if (cfx->mdc_hash)
gcry_md_write (cfx->mdc_hash, buf, size);
gcry_cipher_encrypt (cfx->cipher_hd, buf, size, NULL, 0);
rc = iobuf_write (a, buf, size);
}
else if (control == IOBUFCTRL_FREE)
{
if (cfx->mdc_hash)
{
byte *hash;
int hashlen = gcry_md_get_algo_dlen (gcry_md_get_algo(cfx->mdc_hash));
byte temp[22];
log_assert (hashlen == 20);
/* We must hash the prefix of the MDC packet here. */
temp[0] = 0xd3;
temp[1] = 0x14;
gcry_md_putc (cfx->mdc_hash, temp[0]);
gcry_md_putc (cfx->mdc_hash, temp[1]);
gcry_md_final (cfx->mdc_hash);
hash = gcry_md_read (cfx->mdc_hash, 0);
memcpy(temp+2, hash, 20);
gcry_cipher_encrypt (cfx->cipher_hd, temp, 22, NULL, 0);
gcry_md_close (cfx->mdc_hash); cfx->mdc_hash = NULL;
if (iobuf_write( a, temp, 22))
log_error ("writing MDC packet failed\n");
} }
if (cfx->mdc_hash)
gcry_md_write (cfx->mdc_hash, buf, size);
gcry_cipher_encrypt (cfx->cipher_hd, buf, size, NULL, 0);
rc = iobuf_write( a, buf, size );
}
else if( control == IOBUFCTRL_FREE ) {
if( cfx->mdc_hash ) {
byte *hash;
int hashlen = gcry_md_get_algo_dlen (gcry_md_get_algo
(cfx->mdc_hash));
byte temp[22];
log_assert( hashlen == 20 ); gcry_cipher_close (cfx->cipher_hd);
/* We must hash the prefix of the MDC packet here. */ }
temp[0] = 0xd3; else if (control == IOBUFCTRL_DESC)
temp[1] = 0x14; {
gcry_md_putc (cfx->mdc_hash, temp[0]); mem2str (buf, "cipher_filter", *ret_len);
gcry_md_putc (cfx->mdc_hash, temp[1]); }
gcry_md_final (cfx->mdc_hash); return rc;
hash = gcry_md_read (cfx->mdc_hash, 0);
memcpy(temp+2, hash, 20);
gcry_cipher_encrypt (cfx->cipher_hd, temp, 22, NULL, 0);
gcry_md_close (cfx->mdc_hash); cfx->mdc_hash = NULL;
if( iobuf_write( a, temp, 22 ) )
log_error("writing MDC packet failed\n" );
}
gcry_cipher_close (cfx->cipher_hd);
}
else if( control == IOBUFCTRL_DESC ) {
mem2str (buf, "cipher_filter", *ret_len);
}
return rc;
} }