
gpg: Use only OpenPGP cipher algo ids.

* g10/misc.c (map_cipher_openpgp_to_gcry): Use explicit mapping and
use enums for the arg and return value.
(map_cipher_gcry_to_openpgp): Ditto.
(openpgp_cipher_blocklen): Use constant macros.
(openpgp_cipher_test_algo): Use mapping function and prepare to
disable algorithms.
(openpgp_cipher_algo_name): Do not use Libgcrypt.

* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Replace
GCRY_CIPHER_* by CIPHER_ALGO_*.

* common/openpgpdefs.h (cipher_algo_t): Remove unused
CIPHER_ALGO_DUMMY.

Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2014-01-31 14:35:49 +01:00
parent b7f8dec632
commit 16a6311ade
4 changed files with 87 additions and 36 deletions


@ -107,9 +107,7 @@ typedef enum
CIPHER_ALGO_TWOFISH = 10, /* 256 bit */ CIPHER_ALGO_TWOFISH = 10, /* 256 bit */
CIPHER_ALGO_CAMELLIA128 = 11, CIPHER_ALGO_CAMELLIA128 = 11,
CIPHER_ALGO_CAMELLIA192 = 12, CIPHER_ALGO_CAMELLIA192 = 12,
CIPHER_ALGO_CAMELLIA256 = 13, CIPHER_ALGO_CAMELLIA256 = 13
CIPHER_ALGO_DUMMY = 110 /* No encryption at all (private). */
} }
cipher_algo_t; cipher_algo_t;


@ -183,9 +183,9 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
xfree (secret_x); xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY); return gpg_error (GPG_ERR_BAD_PUBKEY);
} }
if (kdf_encr_algo != GCRY_CIPHER_AES128 if (kdf_encr_algo != CIPHER_ALGO_AES
&& kdf_encr_algo != GCRY_CIPHER_AES192 && kdf_encr_algo != CIPHER_ALGO_AES192
&& kdf_encr_algo != GCRY_CIPHER_AES256) && kdf_encr_algo != CIPHER_ALGO_AES256)
{ {
xfree (secret_x); xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY); return gpg_error (GPG_ERR_BAD_PUBKEY);
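Review bot: The check on `kdf_encr_algo` now compares against OpenPGP IDs, but pk_ecdh_encrypt_with_shared_point continues past this hunk, and any later statement that hands `kdf_encr_algo` straight to Libgcrypt would work only because the AES numbers are the same in both numbering schemes (the old mapper passed them through unchanged). If such a call exists below, it should go through the mapper, e.g. `map_cipher_openpgp_to_gcry (kdf_encr_algo)`, so that the value is treated as an OpenPGP ID from the check to the point of use. The declaration of `kdf_encr_algo` is not visible here; giving it the type `cipher_algo_t` would match the rest of the commit.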


@ -90,22 +90,25 @@ u16 checksum( byte *p, unsigned n );
u16 checksum_mpi( gcry_mpi_t a ); u16 checksum_mpi( gcry_mpi_t a );
u32 buffer_to_u32( const byte *buffer ); u32 buffer_to_u32( const byte *buffer );
const byte *get_session_marker( size_t *rlen ); const byte *get_session_marker( size_t *rlen );
int map_cipher_openpgp_to_gcry (int algo);
enum gcry_cipher_algos map_cipher_openpgp_to_gcry (cipher_algo_t algo);
#define openpgp_cipher_open(_a,_b,_c,_d) \ #define openpgp_cipher_open(_a,_b,_c,_d) \
gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d)) gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d))
#define openpgp_cipher_get_algo_keylen(_a) \ #define openpgp_cipher_get_algo_keylen(_a) \
gcry_cipher_get_algo_keylen(map_cipher_openpgp_to_gcry((_a))) gcry_cipher_get_algo_keylen(map_cipher_openpgp_to_gcry((_a)))
#define openpgp_cipher_get_algo_blklen(_a) \ #define openpgp_cipher_get_algo_blklen(_a) \
gcry_cipher_get_algo_blklen(map_cipher_openpgp_to_gcry((_a))) gcry_cipher_get_algo_blklen(map_cipher_openpgp_to_gcry((_a)))
int openpgp_cipher_blocklen (int algo); int openpgp_cipher_blocklen (cipher_algo_t algo);
int openpgp_cipher_test_algo( int algo ); int openpgp_cipher_test_algo(cipher_algo_t algo);
const char *openpgp_cipher_algo_name (int algo); const char *openpgp_cipher_algo_name (cipher_algo_t algo);
int map_pk_gcry_to_openpgp (enum gcry_pk_algos algo);
pubkey_algo_t map_pk_gcry_to_openpgp (enum gcry_pk_algos algo);
int openpgp_pk_test_algo (pubkey_algo_t algo); int openpgp_pk_test_algo (pubkey_algo_t algo);
int openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use); int openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use);
int openpgp_pk_algo_usage ( int algo ); int openpgp_pk_algo_usage ( int algo );
int openpgp_md_test_algo( int algo );
const char *openpgp_pk_algo_name (pubkey_algo_t algo); const char *openpgp_pk_algo_name (pubkey_algo_t algo);
int openpgp_md_test_algo( int algo );
const char *openpgp_md_algo_name (int algo); const char *openpgp_md_algo_name (int algo);
struct expando_args struct expando_args
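Review bot: The macros `openpgp_cipher_open`, `openpgp_cipher_get_algo_keylen` and `openpgp_cipher_get_algo_blklen` call `map_cipher_openpgp_to_gcry` directly, so the disable list that this commit prepares in `openpgp_cipher_test_algo` does not apply to them. Nothing in the header says so; a comment above the macros such as `/* These do not check whether ALGO is allowed; call openpgp_cipher_test_algo first. */` would make the required call order explicit. The same comment can note that for an ID the mapper does not know the macros now hand 0 to Libgcrypt instead of the raw number.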


@ -341,35 +341,53 @@ print_digest_algo_note( int algo )
/* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
this for algorithms we implemented in Libgcrypt after they become this for algorithms we implemented in Libgcrypt after they become
part of OpenPGP. */ part of OpenPGP. */
int enum gcry_cipher_algos
map_cipher_openpgp_to_gcry (int algo) map_cipher_openpgp_to_gcry (cipher_algo_t algo)
{ {
switch (algo) switch (algo)
{ {
case CIPHER_ALGO_CAMELLIA128: return 310; case CIPHER_ALGO_NONE: return GCRY_CIPHER_NONE;
case CIPHER_ALGO_CAMELLIA192: return 311; case CIPHER_ALGO_IDEA: return GCRY_CIPHER_IDEA;
case CIPHER_ALGO_CAMELLIA256: return 312; case CIPHER_ALGO_3DES: return GCRY_CIPHER_3DES;
default: return algo; case CIPHER_ALGO_CAST5: return GCRY_CIPHER_CAST5;
case CIPHER_ALGO_BLOWFISH: return GCRY_CIPHER_BLOWFISH;
case CIPHER_ALGO_AES: return GCRY_CIPHER_AES;
case CIPHER_ALGO_AES192: return GCRY_CIPHER_AES192;
case CIPHER_ALGO_AES256: return GCRY_CIPHER_AES256;
case CIPHER_ALGO_TWOFISH: return GCRY_CIPHER_TWOFISH;
case CIPHER_ALGO_CAMELLIA128: return GCRY_CIPHER_CAMELLIA128;
case CIPHER_ALGO_CAMELLIA192: return GCRY_CIPHER_CAMELLIA192;
case CIPHER_ALGO_CAMELLIA256: return GCRY_CIPHER_CAMELLIA256;
} }
return 0;
} }
/* The inverse fucntion of above. */ /* The inverse function of above. */
static int static cipher_algo_t
map_cipher_gcry_to_openpgp (int algo) map_cipher_gcry_to_openpgp (enum gcry_cipher_algos algo)
{ {
switch (algo) switch (algo)
{ {
case 310: return CIPHER_ALGO_CAMELLIA128; case GCRY_CIPHER_NONE: return CIPHER_ALGO_NONE;
case 311: return CIPHER_ALGO_CAMELLIA192; case GCRY_CIPHER_IDEA: return CIPHER_ALGO_IDEA;
case 312: return CIPHER_ALGO_CAMELLIA256; case GCRY_CIPHER_3DES: return CIPHER_ALGO_3DES;
default: return algo; case GCRY_CIPHER_CAST5: return CIPHER_ALGO_CAST5;
case GCRY_CIPHER_BLOWFISH: return CIPHER_ALGO_BLOWFISH;
case GCRY_CIPHER_AES: return CIPHER_ALGO_AES;
case GCRY_CIPHER_AES192: return CIPHER_ALGO_AES192;
case GCRY_CIPHER_AES256: return CIPHER_ALGO_AES256;
case GCRY_CIPHER_TWOFISH: return CIPHER_ALGO_TWOFISH;
case GCRY_CIPHER_CAMELLIA128: return CIPHER_ALGO_CAMELLIA128;
case GCRY_CIPHER_CAMELLIA192: return CIPHER_ALGO_CAMELLIA192;
case GCRY_CIPHER_CAMELLIA256: return CIPHER_ALGO_CAMELLIA256;
default: return 0;
} }
} }
/* Map Gcrypt public key algorithm numbers to those used by OpenPGP. /* Map Gcrypt public key algorithm numbers to those used by OpenPGP.
FIXME: This mapping is used at only two places - we should get rid FIXME: This mapping is used at only two places - we should get rid
of it. */ of it. */
int pubkey_algo_t
map_pk_gcry_to_openpgp (enum gcry_pk_algos algo) map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
{ {
switch (algo) switch (algo)
@ -383,7 +401,7 @@ map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
/* Return the block length of an OpenPGP cipher algorithm. */ /* Return the block length of an OpenPGP cipher algorithm. */
int int
openpgp_cipher_blocklen (int algo) openpgp_cipher_blocklen (cipher_algo_t algo)
{ {
/* We use the numbers from OpenPGP to be sure that we get the right /* We use the numbers from OpenPGP to be sure that we get the right
block length. This is so that the packet parsing code works even block length. This is so that the packet parsing code works even
@ -394,9 +412,13 @@ openpgp_cipher_blocklen (int algo)
size. */ size. */
switch (algo) switch (algo)
{ {
case 7: case 8: case 9: /* AES */ case CIPHER_ALGO_AES:
case 10: /* Twofish */ case CIPHER_ALGO_AES192:
case 11: case 12: case 13: /* Camellia */ case CIPHER_ALGO_AES256:
case CIPHER_ALGO_TWOFISH:
case CIPHER_ALGO_CAMELLIA128:
case CIPHER_ALGO_CAMELLIA192:
case CIPHER_ALGO_CAMELLIA256:
return 16; return 16;
default: default:
@ -409,22 +431,50 @@ openpgp_cipher_blocklen (int algo)
* the OpenPGP contraints for the algo ID. * the OpenPGP contraints for the algo ID.
*/ */
int int
openpgp_cipher_test_algo( int algo ) openpgp_cipher_test_algo (cipher_algo_t algo)
{ {
/* (5 and 6 are marked reserved by rfc4880.) */ enum gcry_cipher_algos ga;
if ( algo < 0 || algo > 110 || algo == 5 || algo == 6 )
ga = map_cipher_openpgp_to_gcry (algo);
/* Use this explicit list to disable certain algorithms. */
switch (algo)
{
/* case CIPHER_ALGO_IDEA: */
/* ga = 0; */
/* break; */
default:
break;
}
if (!ga)
return gpg_error (GPG_ERR_CIPHER_ALGO); return gpg_error (GPG_ERR_CIPHER_ALGO);
return gcry_cipher_test_algo (map_cipher_openpgp_to_gcry (algo)); return gcry_cipher_test_algo (ga);
} }
/* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a /* Map the OpenPGP cipher algorithm whose ID is contained in ALGORITHM to a
string representation of the algorithm name. For unknown algorithm string representation of the algorithm name. For unknown algorithm
IDs this function returns "?". */ IDs this function returns "?". */
const char * const char *
openpgp_cipher_algo_name (int algo) openpgp_cipher_algo_name (cipher_algo_t algo)
{ {
return gnupg_cipher_algo_name (map_cipher_openpgp_to_gcry (algo)); switch (algo)
{
case CIPHER_ALGO_NONE: break;
case CIPHER_ALGO_IDEA: return "IDEA";
case CIPHER_ALGO_3DES: return "3DES";
case CIPHER_ALGO_CAST5: return "CAST5";
case CIPHER_ALGO_BLOWFISH: return "BLOWFISH";
case CIPHER_ALGO_AES: return "AES";
case CIPHER_ALGO_AES192: return "AES192";
case CIPHER_ALGO_AES256: return "AES256";
case CIPHER_ALGO_TWOFISH: return "TWOFISH";
case CIPHER_ALGO_CAMELLIA128: return "CAMELLIA128";
case CIPHER_ALGO_CAMELLIA192: return "CAMELLIA192";
case CIPHER_ALGO_CAMELLIA256: return "CAMELLIA256";
}
return "?";
} }
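Review bot: In `openpgp_cipher_test_algo` the test `if (!ga)` and the mapper's trailing `return 0;` both assume that GCRY_CIPHER_NONE is zero, so CIPHER_ALGO_NONE, unknown IDs and (once the list is filled in) disabled IDs all take one reject path without the code saying so. Writing `return GCRY_CIPHER_NONE;` at the end of `map_cipher_openpgp_to_gcry` and `if (ga == GCRY_CIPHER_NONE)` in the test would state the intent directly. The comment above `openpgp_cipher_test_algo` should also say that the "no encryption" ID is rejected with GPG_ERR_CIPHER_ALGO, because that is the security-relevant behaviour of the new code. The two mappers also differ in form, one falling out of the switch and the other ending in `default: return 0;`; if the missing `default:` is deliberate (for instance to keep enum-coverage warnings), a one-line comment saying so would stop someone from adding it later.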