mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-25 15:27:03 +01:00
gpg: Print info about the used AEAD algorithm.
* g10/misc.c (openpgp_cipher_algo_mode_name): New. * g10/decrypt-data.c (decrypt_data): Use function here. -- With out this change we would see gpg: cipher algorithm 'AES256' may not be used in --compliance=de-vs mode This is confusing because AES256 is compliant. Now we see gpg: cipher algorithm 'AES256.OCB' may not be used in --compliance=de-vs mode which gives a hint on the problem.
This commit is contained in:
parent
c145366549
commit
15eda7ce78
@ -244,7 +244,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
|
|||||||
{
|
{
|
||||||
if (!openpgp_cipher_test_algo (dek->algo))
|
if (!openpgp_cipher_test_algo (dek->algo))
|
||||||
log_info (_("%s encrypted data\n"),
|
log_info (_("%s encrypted data\n"),
|
||||||
openpgp_cipher_algo_name (dek->algo));
|
openpgp_cipher_algo_mode_name (dek->algo, ed->aead_algo));
|
||||||
else
|
else
|
||||||
log_info (_("encrypted with unknown algorithm %d\n"), dek->algo );
|
log_info (_("encrypted with unknown algorithm %d\n"), dek->algo );
|
||||||
dek->algo_info_printed = 1;
|
dek->algo_info_printed = 1;
|
||||||
@ -264,7 +264,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
|
|||||||
if (!gnupg_cipher_is_allowed (opt.compliance, 0, dek->algo, ciphermode))
|
if (!gnupg_cipher_is_allowed (opt.compliance, 0, dek->algo, ciphermode))
|
||||||
{
|
{
|
||||||
log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
|
log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
|
||||||
openpgp_cipher_algo_name (dek->algo),
|
openpgp_cipher_algo_mode_name (dek->algo,ed->aead_algo),
|
||||||
gnupg_compliance_option_string (opt.compliance));
|
gnupg_compliance_option_string (opt.compliance));
|
||||||
*compliance_error = 1;
|
*compliance_error = 1;
|
||||||
if (opt.flags.require_compliance)
|
if (opt.flags.require_compliance)
|
||||||
|
@ -122,6 +122,8 @@ enum gcry_cipher_algos map_cipher_openpgp_to_gcry (cipher_algo_t algo);
|
|||||||
int openpgp_cipher_blocklen (cipher_algo_t algo);
|
int openpgp_cipher_blocklen (cipher_algo_t algo);
|
||||||
int openpgp_cipher_test_algo(cipher_algo_t algo);
|
int openpgp_cipher_test_algo(cipher_algo_t algo);
|
||||||
const char *openpgp_cipher_algo_name (cipher_algo_t algo);
|
const char *openpgp_cipher_algo_name (cipher_algo_t algo);
|
||||||
|
const char *openpgp_cipher_algo_mode_name (cipher_algo_t algo,
|
||||||
|
aead_algo_t aead);
|
||||||
|
|
||||||
gpg_error_t openpgp_aead_test_algo (aead_algo_t algo);
|
gpg_error_t openpgp_aead_test_algo (aead_algo_t algo);
|
||||||
const char *openpgp_aead_algo_name (aead_algo_t algo);
|
const char *openpgp_aead_algo_name (aead_algo_t algo);
|
||||||
|
18
g10/misc.c
18
g10/misc.c
@ -608,6 +608,24 @@ openpgp_cipher_algo_name (cipher_algo_t algo)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Same as openpgp_cipher_algo_name but returns a string in the form
|
||||||
|
* "ALGO.MODE" if AEAD is not 0. Note that in this version we do not
|
||||||
|
* print "ALGO.CFB" as we do in 2.3 to avoid confusing users. */
|
||||||
|
const char *
|
||||||
|
openpgp_cipher_algo_mode_name (cipher_algo_t algo, aead_algo_t aead)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (aead == AEAD_ALGO_NONE)
|
||||||
|
return openpgp_cipher_algo_name (algo);
|
||||||
|
|
||||||
|
return map_static_strings ("openpgp_cipher_algo_mode_name", algo, aead,
|
||||||
|
openpgp_cipher_algo_name (algo),
|
||||||
|
".",
|
||||||
|
openpgp_aead_algo_name (aead),
|
||||||
|
NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Return 0 if ALGO is supported. Return an error if not. */
|
/* Return 0 if ALGO is supported. Return an error if not. */
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
openpgp_aead_test_algo (aead_algo_t algo)
|
openpgp_aead_test_algo (aead_algo_t algo)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user