security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-26 15:37:03 +01:00
Code Activity

* seckey-cert.c: Workaround to allow decryption of v3 keys created

Browse Source 
with a bug in the mpi_get_secure_buffer.
This commit is contained in:
Werner Koch 2002-08-16 07:13:13 +00:00
parent 9ad0a6550b
commit 0996f7d4df
2 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
g10/ChangeLog
View File

@ -1,3 +1,8 @@
2002-08-16 Werner Koch <wk@gnupg.org>
* seckey-cert.c: Workaround to allow decryption of v3 keys created
with a bug in the mpi_get_secure_buffer.
2002-08-14 David Shaw <dshaw@jabberwocky.com>
* hkp.c (parse_hkp_index): Properly handle really large keys

26
g10/seckey-cert.c
View File

@ -158,6 +158,32 @@ do_check( PKT_secret_key *sk, const char *tryagain_text )
csum += checksum_mpi( sk->skey[i] );
m_free( buffer );
}
if( csum != sk->csum ) {
/* Due to a fix of a bug in mpi_get_secure_buffer we
might encounter seceret keys which are not correctly
encrypted. We fix this by a second try, this time
with a reversed bug fix (the memmove below). */
byte *p;
copy_secret_key( sk, save_sk );
cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
csum = 0;
for(i=pubkey_get_npkey (sk->pubkey_algo);
i < pubkey_get_nskey (sk->pubkey_algo); i++ ) {
buffer = mpi_get_secure_buffer (sk->skey[i], &nbytes,NULL);
for (p=buffer; !*p && nbytes; p++, --nbytes )
;
if (p != buffer)
memmove (buffer, p, nbytes);
cipher_sync (cipher_hd);
assert (mpi_is_protected(sk->skey[i]));
cipher_decrypt (cipher_hd, buffer, buffer, nbytes);
mpi_set_buffer (sk->skey[i], buffer, nbytes, 0);
mpi_clear_protect_flag (sk->skey[i]);
csum += checksum_mpi (sk->skey[i]);
m_free (buffer);
}
}
if( opt.emulate_bugs & EMUBUG_GPGCHKSUM ) {
csum = sk->csum;
}