From 2cd12c5c8f507b5ef344cd7d400b585d05090285 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sun, 3 May 1998 19:35:33 +0000 Subject: [PATCH] fixed last passphrase bug --- NEWS | 13 +++++++++++++ TODO | 2 -- g10/ChangeLog | 5 +++++ g10/build-packet.c | 4 +++- g10/keydb.h | 2 +- g10/keygen.c | 2 +- g10/ks-proto.c | 5 +++-- g10/packet.h | 3 ++- g10/parse-packet.c | 10 ++++++---- g10/passphrase.c | 16 +++++++--------- g10/ringedit.c | 6 ++++-- g10/seckey-cert.c | 21 ++++++++++++++------- g10/sign.c | 1 + 13 files changed, 60 insertions(+), 30 deletions(-) diff --git a/NEWS b/NEWS index 3571b1997..d4dcdc070 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,16 @@ +Noteworthy changes in version 0.2.?? +------------------------------------ + + * Comment packets are now of private type 61. + + * passphrase code still used a 160 bit blowfish key, add a + silly workaround. Please change your passphrase again - sorry. + + * Conventional encryption now uses a type 3 packet to describe the + used algorithms. + + + Noteworthy changes in version 0.2.16 ------------------------------------ diff --git a/TODO b/TODO index 7eea85eeb..3e39c0886 100644 --- a/TODO +++ b/TODO @@ -49,5 +49,3 @@ * add multi-user-id-sigs handling to import.c - * add tag 3 packet support to "-c" - diff --git a/g10/ChangeLog b/g10/ChangeLog index b4a74ab72..3ddb311e3 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +Sun May 3 17:50:26 1998 Werner Koch (wk@isil.d.shuttle.de) + + * packet.h (PKT_OLD_COMMENT): New name for type 16. + * parse-packet.c (parse_comment): Now uses type 61 + Fri May 1 12:44:39 1998 Werner Koch,mobil,,, (wk@tobold) * packet.h (count): Chnaged s2k count from byte to u32. diff --git a/g10/build-packet.c b/g10/build-packet.c index 384957515..eff3314a5 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c 
@@ -68,6 +68,8 @@ build_packet( IOBUF out, PACKET *pkt ) if( DBG_PACKET ) log_debug("build_packet() type=%d\n", pkt->pkttype ); + if( pkt->pkttype == PKT_OLD_COMMENT ) + pkt->pkttype = PKT_COMMENT; assert( pkt->pkt.generic ); if( pkt->pkttype > 15 ) /* new format */ ctb = 0xc0 | (pkt->pkttype & 0x3f); @@ -109,7 +111,7 @@ build_packet( IOBUF out, PACKET *pkt ) break; case PKT_RING_TRUST: default: - log_bug("invalid packet type in build_packet()"); + log_bug("invalid packet type in build_packet()\n"); break; } diff --git a/g10/keydb.h b/g10/keydb.h index 96dc652df..d2b64ea19 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -97,7 +97,7 @@ int build_skc_list( STRLIST locusr, SKC_LIST *ret_skc_list, /*-- passphrase.h --*/ void set_passphrase_fd( int fd ); int get_passphrase_fd(void); -DEK *get_passphrase_hash( u32 *keyid, char *text, STRING2KEY *s2k ); +DEK *get_passphrase_hash( u32 *keyid, int cipher_algo, STRING2KEY *s2k ); int make_dek_from_passphrase( DEK *dek, int mode, STRING2KEY *s2k ); /*-- getkey.c --*/ diff --git a/g10/keygen.c b/g10/keygen.c index 1d3f9004e..bcef7528a 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -532,7 +532,7 @@ generate_keypair() for(;;) { dek->algo = CIPHER_ALGO_BLOWFISH; s2k->mode = 1; - s2k->hash_algo = DIGESTA_ALGO_RMD160; + s2k->hash_algo = DIGEST_ALGO_RMD160; rc = make_dek_from_passphrase( dek , 2, s2k ); if( rc == -1 ) { m_free(dek); dek = NULL; diff --git a/g10/ks-proto.c b/g10/ks-proto.c index 91ced86f6..38f21762b 100644 --- a/g10/ks-proto.c +++ b/g10/ks-proto.c @@ -25,15 +25,16 @@ #include "util.h" #include "ks-proto.h" +#if 0 /**************** * Read a protocol line */ static int read_line( FILE *fp ) { - + return -1; } - +#endif diff --git a/g10/packet.h b/g10/packet.h index fb8ac20d8..4f3efec9b 100644 --- a/g10/packet.h +++ b/g10/packet.h 
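Review bot: The new `if( pkt->pkttype == PKT_OLD_COMMENT ) pkt->pkttype = PKT_COMMENT;` at the top of build_packet() rewrites the caller's packet as a side effect of serialising it, and nothing in the hunk says so. A caller that inspects `pkt->pkttype` after writing will see 61 rather than the 16 it parsed, so I would add a comment such as `/* draft type-16 comments are always written out as private type 61; this updates the caller's packet */`. The rest of build_packet() lies outside the hunk, so whether a local copy of the type would be simpler cannot be judged from here.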
@@ -49,7 +49,8 @@ typedef enum { PKT_RING_TRUST =12, /* keyring trust packet */ PKT_USER_ID =13, /* user id packet */ PKT_PUBKEY_SUBCERT=14, /* subkey certificate (OpenPGP) */ - PKT_COMMENT =16 /* new comment packet (OpenPGP) */ + PKT_OLD_COMMENT =16, /* comment packet from an OpenPGP draft */ + PKT_COMMENT =61 /* new comment packet (private) */ } pkttype_t; typedef struct packet_struct PACKET; diff --git a/g10/parse-packet.c b/g10/parse-packet.c index f7913d3f9..0f54d3a86 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -303,6 +303,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos, case PKT_USER_ID: rc = parse_user_id(inp, pkttype, pktlen, pkt ); break; + case PKT_OLD_COMMENT: case PKT_COMMENT: rc = parse_comment(inp, pkttype, pktlen, pkt); break; @@ -838,10 +839,10 @@ parse_certificate( IOBUF inp, int pkttype, unsigned long pktlen, version = iobuf_get_noeof(inp); pktlen--; if( pkttype == PKT_PUBKEY_SUBCERT && version == '#' ) { - /* early versions of G10 use old comments packets; luckily all those - * comments are started by a hash */ + /* early versions of G10 use old PGP comments packets; + * luckily all those comments are started by a hash */ if( list_mode ) { - printf(":old comment packet: \"" ); + printf(":rfc1991 comment packet: \"" ); for( ; pktlen; pktlen-- ) { int c; c = iobuf_get_noeof(inp); @@ -1267,7 +1268,8 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ) if( list_mode ) { int n = packet->pkt.comment->len; - printf(":comment packet: \""); + printf(":%scomment packet: \"", pkttype == PKT_OLD_COMMENT? + "OpenPGP draft " : "" ); for(p=packet->pkt.comment->data; n; p++, n-- ) { if( *p >= ' ' && *p <= 'z' ) putchar(*p); diff --git a/g10/passphrase.c b/g10/passphrase.c index 5ae3966ac..9711f5aff 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c 
@@ -33,7 +33,7 @@ static int pwfd = -1; -static void hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k ); +static void hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create ); void set_passphrase_fd( int fd ) @@ -54,7 +54,7 @@ get_passphrase_fd() * Returns: m_alloced md5 passphrase hash; caller must free */ DEK * -get_passphrase_hash( u32 *keyid, char *text, byte *salt ) +get_passphrase_hash( u32 *keyid, int cipher_algo, STRING2KEY *s2k ) { char *pw; DEK *dek; @@ -97,9 +97,8 @@ get_passphrase_hash( u32 *keyid, char *text, byte *salt ) tty_kill_prompt(); } dek = m_alloc_secure( sizeof *dek ); - dek->algo = CIPHER_ALGO_BLOWFISH; /* fixme: allow others ciphers */ - if( hash_passphrase( dek, pw, salt ) ) - log_bug("get_passphrase_hash\n"); + dek->algo = cipher_algo; + hash_passphrase( dek, pw, s2k, 0 ); m_free(pw); /* is allocated in secure memory, so it will be burned */ return dek; } @@ -146,20 +145,19 @@ static void hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create ) { MD_HANDLE md; - int rc = 0; assert( s2k->hash_algo ); dek->keylen = 0; md = md_open( s2k->hash_algo, 1); if( s2k->mode == 1 || s2k->mode == 4 ) { if( create ) - randomize_buffer(&s2k->salt, 8, 1); + randomize_buffer(s2k->salt, 8, 1); md_write( md, s2k->salt, 8 ); } md_write( md, pw, strlen(pw) ); md_final( md ); - dek->keylen = cipher_get_keylen( dek->algo ); - assert(dek->keylen > 0 && dek->keylen < DIM(dek->key) ); + dek->keylen = cipher_get_keylen( dek->algo ) / 8; + assert(dek->keylen > 0 && dek->keylen <= DIM(dek->key) ); memcpy( dek->key, md_read(md,0), dek->keylen ); md_close(md); } diff --git a/g10/ringedit.c b/g10/ringedit.c index a7797a358..def4a4306 100644 --- a/g10/ringedit.c +++ b/g10/ringedit.c 
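Review bot: The header comment above get_passphrase_hash() still reads `Returns: m_alloced md5 passphrase hash; caller must free`, which no longer matches the new signature in the `@@ -54,7 +54,7 @@` hunk. The function now returns a DEK from `m_alloc_secure` whose `algo` is the caller's `cipher_algo` and whose key is derived with the hash named in `s2k`, so the comment should say so, e.g. `Returns: DEK in secure memory for CIPHER_ALGO, derived from the passphrase as described by S2K; caller must free`. It should also state that `s2k` must not be NULL: the `@@ -97,9 +97,8 @@` hunk passes it straight to hash_passphrase(), which dereferences it in `assert( s2k->hash_algo )`, whereas the call removed from seckey-cert.c passed a NULL salt for unsalted keys. Most of the function body is outside both hunks.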
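Review bot: In hash_passphrase() (`@@ -146,20 +145,19 @@`), `memcpy( dek->key, md_read(md,0), dek->keylen )` copies as many bytes as the cipher wants without checking that the digest selected by `s2k->hash_algo` is at least that long. Both values now come from the secret key packet (do_check passes `cert->protect.algo` and `&cert->protect.s2k`), so a short digest paired with a longer cipher key would read past the digest output; how much slack the md_read() buffer has is not visible here. The only bound on `dek->keylen` is the `assert`, which disappears in a build with NDEBUG, so I would make it unconditional, `if( !dek->keylen || dek->keylen > DIM(dek->key) ) log_bug("hash_passphrase: bad key length\n");`, and add a comparison against the digest length of `s2k->hash_algo` next to it. The salt is mixed in only for modes 1 and 4, so any other mode found in the packet is hashed unsalted without a diagnostic, which at least deserves a comment.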
@@ -673,11 +673,13 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs ) default: /* skip pakets at the beginning of a keyring, until we find * a start packet; issue a warning if it is not a comment */ - if( !root && pkt->pkttype != PKT_COMMENT ) + if( !root && pkt->pkttype != PKT_COMMENT + && pkt->pkttype != PKT_OLD_COMMENT ) log_info("keyring_enum: skipped packet of type %d\n", pkt->pkttype ); if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE - ||pkt->pkttype == PKT_COMMENT )) ) { + ||pkt->pkttype == PKT_COMMENT + ||pkt->pkttype == PKT_OLD_COMMENT )) ) { init_packet(pkt); break; } diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index 340551cb2..23ba0314b 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -54,12 +54,8 @@ do_check( PKT_secret_cert *cert ) case CIPHER_ALGO_BLOWFISH: case CIPHER_ALGO_CAST: keyid_from_skc( cert, keyid ); - if( cert->protect.s2k.mode == 1 || cert->protect.s2k.mode == 4 ) - dek = get_passphrase_hash( keyid, NULL, - cert->protect.s2k.salt ); - else - dek = get_passphrase_hash( keyid, NULL, NULL ); - + dek = get_passphrase_hash( keyid, cert->protect.algo, + &cert->protect.s2k ); cipher_hd = cipher_open( cert->protect.algo, CIPHER_MODE_AUTO_CFB, 1); cipher_setkey( cipher_hd, dek->key, dek->keylen ); 
@@ -216,11 +212,22 @@ check_secret_key( PKT_secret_cert *cert ) for(i=0; i < 3 && rc == G10ERR_BAD_PASS; i++ ) { if( i ) - log_error("Invalid passphrase; please try again ...\n"); + log_error("Invalid passphrase; please try again ...\n\n"); switch( cert->pubkey_algo ) { case PUBKEY_ALGO_ELGAMAL: case PUBKEY_ALGO_DSA: rc = do_check( cert ); + if( rc == G10ERR_BAD_PASS && cert->is_protected + && cert->protect.algo == CIPHER_ALGO_BLOWFISH ) { + /* Workaround for a bug in 0.2.16 which still used + * a 160 bit key for BLOWFISH. */ + log_info("trying workaround for 0.2.16 passphrase bug ...\n"); + cert->protect.algo = CIPHER_ALGO_BLOWFISH160; + rc = do_check( cert ); + if( rc ) + rc = G10ERR_BAD_PASS; + cert->protect.algo = CIPHER_ALGO_BLOWFISH; + } break; default: rc = G10ERR_PUBKEY_ALGO; } diff --git a/g10/sign.c b/g10/sign.c index 5c68bbb6d..ddcded7f1 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -406,6 +406,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile ) else { const char *s = digest_algo_to_string(opt.def_digest_algo); assert(s); + iobuf_writestr(out, "Hash: " ); iobuf_writestr(out, s ); iobuf_writestr(out, "\n\n" ); }
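Review bot: `if( rc ) rc = G10ERR_BAD_PASS;` after the retry turns every failure of the second do_check() into a bad-passphrase result, so an error unrelated to the passphrase (for instance if do_check does not accept `CIPHER_ALGO_BLOWFISH160`; its switch is only partly visible) is reported as a typo and retried. I would log the original code before overwriting it, `if( rc && rc != G10ERR_BAD_PASS ) log_info("0.2.16 workaround failed: rc=%d\n", rc);`. As far as the visible code shows, each do_check() call obtains the passphrase again through get_passphrase_hash(), so with the workaround the user may be prompted twice per attempt (or the passphrase fd read twice), which deserves a comment. When the retry succeeds the key is still protected with the 160-bit derivation, so a message such as `log_info("please change the passphrase of this key\n");` would carry the advice from NEWS to the user. check_secret_key() starts and ends outside the hunk.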