1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Switch to AES256 for symmetric encryption in de-vs mode.

* g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs
mode.
* g10/encrypt.c (setup_symkey): Add extra compliance check.
(encrypt_simple): Avoid printing a second error oncplinace failure.
--

Because we used the RFC4880 mode as base for the de-vs mode we got
3DES as symmetric encryption algorithm.  With the default gnupg mode
that was already used.  The new extra compliance checks are added to
detect whether a --personal-cipher-preference or --cipher-algo option
tried to override the algorithms.  They are still possible but now
non-compliant algorithms will throw an error.

Manual testing can be done with commands like this:

  gpg --no-options --compliance=de-vs \
   --personal-cipher-preferences "S1 S7" \
   --pinentry-mode loopback -v --passphrase abc -ac </etc/motd

Here the command fails due to IDEA (S1) being the preferred cipher
algorithm.  Using "--s2k-digest-algo SHA1" instead of
--personal-cipher-preferences will also fail.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d1f2a6d9f71cf50318f4891c84aeedb975553896)
This commit is contained in:
Werner Koch 2020-11-03 13:55:25 +01:00
parent ccecdc1f34
commit 166e779634
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 31 additions and 4 deletions

View File

@ -195,6 +195,10 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
if (rc) if (rc)
{ {
iobuf_close (inp); iobuf_close (inp);
if (gpg_err_code (rc) == GPG_ERR_CIPHER_ALGO
|| gpg_err_code (rc) == GPG_ERR_DIGEST_ALGO)
; /* Error has already been printed. */
else
log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc)); log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc));
release_progress_context (pfx); release_progress_context (pfx);
return rc; return rc;
@ -373,12 +377,33 @@ gpg_error_t
setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek) setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek)
{ {
int canceled; int canceled;
int defcipher;
int s2kdigest;
defcipher = default_cipher_algo ();
if (!gnupg_cipher_is_allowed (opt.compliance, 1, defcipher,
GCRY_CIPHER_MODE_CFB))
{
log_error (_("cipher algorithm '%s' may not be used in %s mode\n"),
openpgp_cipher_algo_name (defcipher),
gnupg_compliance_option_string (opt.compliance));
return gpg_error (GPG_ERR_CIPHER_ALGO);
}
s2kdigest = S2K_DIGEST_ALGO;
if (!gnupg_digest_is_allowed (opt.compliance, 1, s2kdigest))
{
log_error (_("digest algorithm '%s' may not be used in %s mode\n"),
gcry_md_algo_name (s2kdigest),
gnupg_compliance_option_string (opt.compliance));
return gpg_error (GPG_ERR_DIGEST_ALGO);
}
*symkey_s2k = xmalloc_clear (sizeof **symkey_s2k); *symkey_s2k = xmalloc_clear (sizeof **symkey_s2k);
(*symkey_s2k)->mode = opt.s2k_mode; (*symkey_s2k)->mode = opt.s2k_mode;
(*symkey_s2k)->hash_algo = S2K_DIGEST_ALGO; (*symkey_s2k)->hash_algo = s2kdigest;
*symkey_dek = passphrase_to_dek (default_cipher_algo (), *symkey_dek = passphrase_to_dek (defcipher,
*symkey_s2k, 1, 0, NULL, &canceled); *symkey_s2k, 1, 0, NULL, &canceled);
if (!*symkey_dek || !(*symkey_dek)->keylen) if (!*symkey_dek || !(*symkey_dek)->keylen)
{ {

View File

@ -2188,7 +2188,9 @@ set_compliance_option (enum cmd_and_opt_values option)
case oDE_VS: case oDE_VS:
set_compliance_option (oOpenPGP); set_compliance_option (oOpenPGP);
opt.compliance = CO_DE_VS; opt.compliance = CO_DE_VS;
/* Fixme: Change other options. */ /* We divert here from the backward compatible rfc4880 algos. */
opt.s2k_digest_algo = DIGEST_ALGO_SHA256;
opt.s2k_cipher_algo = CIPHER_ALGO_AES256;
break; break;
default: default: