security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Use only OpenPGP cipher algo ids. 

* g10/misc.c (map_cipher_openpgp_to_gcry): Use explicit mapping and
use enums for the arg and return value.
(map_cipher_gcry_to_openpgp): Ditto.
(openpgp_cipher_blocklen): Use constant macros.
(openpgp_cipher_test_algo): Use mapping function and prepare to
disable algorithms.
(openpgp_cipher_algo_name): Do not use Libgcrypt.

* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Replace
CGRY_CIPHER_* by CIPHER_ALGO_*.

* common/openpgpdefs.h (cipher_algo_t): Remove unused
CIPHER_ALGO_DUMMY.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2014-01-31 14:35:49 +01:00
parent b7f8dec632
commit 16a6311ade
4 changed files with 87 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
common/openpgpdefs.h
View File

@ -107,9 +107,7 @@ typedef enum
CIPHER_ALGO_TWOFISH = 10, /* 256 bit */
CIPHER_ALGO_CAMELLIA128 = 11,
CIPHER_ALGO_CAMELLIA192 = 12,
CIPHER_ALGO_CAMELLIA256 = 13,
CIPHER_ALGO_DUMMY = 110 /* No encryption at all (private). */
CIPHER_ALGO_CAMELLIA256 = 13
}
cipher_algo_t;

6
g10/ecdh.c
View File

@ -183,9 +183,9 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY);
}
if (kdf_encr_algo != GCRY_CIPHER_AES128
&& kdf_encr_algo != GCRY_CIPHER_AES192
&& kdf_encr_algo != GCRY_CIPHER_AES256)
if (kdf_encr_algo != CIPHER_ALGO_AES
&& kdf_encr_algo != CIPHER_ALGO_AES192
&& kdf_encr_algo != CIPHER_ALGO_AES256)
{
xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY);

15
g10/main.h
View File

@ -90,22 +90,25 @@ u16 checksum( byte *p, unsigned n );
u16 checksum_mpi( gcry_mpi_t a );
u32 buffer_to_u32( const byte *buffer );
const byte *get_session_marker( size_t *rlen );
int map_cipher_openpgp_to_gcry (int algo);
enum gcry_cipher_algos map_cipher_openpgp_to_gcry (cipher_algo_t algo);
#define openpgp_cipher_open(_a,_b,_c,_d) \
gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d))
#define openpgp_cipher_get_algo_keylen(_a) \
gcry_cipher_get_algo_keylen(map_cipher_openpgp_to_gcry((_a)))
#define openpgp_cipher_get_algo_blklen(_a) \
gcry_cipher_get_algo_blklen(map_cipher_openpgp_to_gcry((_a)))
int openpgp_cipher_blocklen (int algo);
int openpgp_cipher_test_algo( int algo );
const char *openpgp_cipher_algo_name (int algo);
int map_pk_gcry_to_openpgp (enum gcry_pk_algos algo);
int openpgp_cipher_blocklen (cipher_algo_t algo);
int openpgp_cipher_test_algo(cipher_algo_t algo);
const char *openpgp_cipher_algo_name (cipher_algo_t algo);
pubkey_algo_t map_pk_gcry_to_openpgp (enum gcry_pk_algos algo);
int openpgp_pk_test_algo (pubkey_algo_t algo);
int openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use);
int openpgp_pk_algo_usage ( int algo );
int openpgp_md_test_algo( int algo );
const char *openpgp_pk_algo_name (pubkey_algo_t algo);
int openpgp_md_test_algo( int algo );
const char *openpgp_md_algo_name (int algo);
struct expando_args

98
g10/misc.c
View File

@ -341,35 +341,53 @@ print_digest_algo_note( int algo )
/* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
this for algorithms we implemented in Libgcrypt after they become
part of OpenPGP. */
int
map_cipher_openpgp_to_gcry (int algo)
enum gcry_cipher_algos
map_cipher_openpgp_to_gcry (cipher_algo_t algo)
{
switch (algo)
{
case CIPHER_ALGO_CAMELLIA128: return 310;
case CIPHER_ALGO_CAMELLIA192: return 311;
case CIPHER_ALGO_CAMELLIA256: return 312;
default: return algo;
case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
}
return 0;
}
/* The inverse fucntion of above. */
static int
map_cipher_gcry_to_openpgp (int algo)
/* The inverse function of above. */
static cipher_algo_t
map_cipher_gcry_to_openpgp (enum gcry_cipher_algos algo)
{
switch (algo)
{
case 310: return CIPHER_ALGO_CAMELLIA128;
case 311: return CIPHER_ALGO_CAMELLIA192;
case 312: return CIPHER_ALGO_CAMELLIA256;
default: return algo;
case GCRY_CIPHER_NONE: return CIPHER_ALGO_NONE;
case GCRY_CIPHER_IDEA: return CIPHER_ALGO_IDEA;
case GCRY_CIPHER_3DES: return CIPHER_ALGO_3DES;
case GCRY_CIPHER_CAST5: return CIPHER_ALGO_CAST5;
case GCRY_CIPHER_BLOWFISH: return CIPHER_ALGO_BLOWFISH;
case GCRY_CIPHER_AES: return CIPHER_ALGO_AES;
case GCRY_CIPHER_AES192: return CIPHER_ALGO_AES192;
case GCRY_CIPHER_AES256: return CIPHER_ALGO_AES256;
case GCRY_CIPHER_TWOFISH: return CIPHER_ALGO_TWOFISH;
case GCRY_CIPHER_CAMELLIA128: return CIPHER_ALGO_CAMELLIA128;
case GCRY_CIPHER_CAMELLIA192: return CIPHER_ALGO_CAMELLIA192;
case GCRY_CIPHER_CAMELLIA256: return CIPHER_ALGO_CAMELLIA256;
default: return 0;
}
}
/* Map Gcrypt public key algorithm numbers to those used by OpenPGP.
FIXME: This mapping is used at only two places - we should get rid
of it. */
int
pubkey_algo_t
map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
{
switch (algo)
@ -383,7 +401,7 @@ map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
/* Return the block length of an OpenPGP cipher algorithm. */
int
openpgp_cipher_blocklen (int algo)
openpgp_cipher_blocklen (cipher_algo_t algo)
{
/* We use the numbers from OpenPGP to be sure that we get the right
block length. This is so that the packet parsing code works even
@ -394,9 +412,13 @@ openpgp_cipher_blocklen (int algo)
size. */
switch (algo)
{
case 7: case 8: case 9: /* AES */
case 10: /* Twofish */
case 11: case 12: case 13: /* Camellia */
case CIPHER_ALGO_AES:
case CIPHER_ALGO_AES192:
case CIPHER_ALGO_AES256:
case CIPHER_ALGO_TWOFISH:
case CIPHER_ALGO_CAMELLIA128:
case CIPHER_ALGO_CAMELLIA192:
case CIPHER_ALGO_CAMELLIA256:
return 16;
default:
@ -409,22 +431,50 @@ openpgp_cipher_blocklen (int algo)
* the OpenPGP contraints for the algo ID.
*/
int
openpgp_cipher_test_algo( int algo )
openpgp_cipher_test_algo (cipher_algo_t algo)
{
/* (5 and 6 are marked reserved by rfc4880.) */
if ( algo < 0 || algo > 110 || algo == 5 || algo == 6 )
enum gcry_cipher_algos ga;
ga = map_cipher_openpgp_to_gcry (algo);
/* Use this explicit list to disable certain algorithms. */
switch (algo)
{
/* case CIPHER_ALGO_IDEA: */
/* ga = 0; */
/* break; */
default:
break;
}
if (!ga)
return gpg_error (GPG_ERR_CIPHER_ALGO);
return gcry_cipher_test_algo (map_cipher_openpgp_to_gcry (algo));
return gcry_cipher_test_algo (ga);
}
/* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */
const char *
openpgp_cipher_algo_name (int algo)
openpgp_cipher_algo_name (cipher_algo_t algo)
{
return gnupg_cipher_algo_name (map_cipher_openpgp_to_gcry (algo));
switch (algo)
{
case CIPHER_ALGO_NONE: break;
case CIPHER_ALGO_IDEA: return "IDEA";
case CIPHER_ALGO_3DES: return "3DES";
case CIPHER_ALGO_CAST5: return "CAST5";
case CIPHER_ALGO_BLOWFISH: return "BLOWFISH";
case CIPHER_ALGO_AES: return "AES";
case CIPHER_ALGO_AES192: return "AES192";
case CIPHER_ALGO_AES256: return "AES256";
case CIPHER_ALGO_TWOFISH: return "TWOFISH";
case CIPHER_ALGO_CAMELLIA128: return "CAMELLIA128";
case CIPHER_ALGO_CAMELLIA192: return "CAMELLIA192";
case CIPHER_ALGO_CAMELLIA256: return "CAMELLIA256";
}
return "?";
}