fixed last passphrase bug

2025-07-03 22:56:33 +02:00 · 1998-05-03 19:35:33 +00:00 · 1998-05-03 19:35:33 +00:00 · 2cd12c5c8f
commit 2cd12c5c8f
parent 1d4718a1a6
13 changed files with 60 additions and 30 deletions
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -54,12 +54,8 @@ do_check( PKT_secret_cert *cert )
 	  case CIPHER_ALGO_BLOWFISH:
 	  case CIPHER_ALGO_CAST:
 	    keyid_from_skc( cert, keyid );
-	    if( cert->protect.s2k.mode == 1 || cert->protect.s2k.mode == 4 )
-		dek = get_passphrase_hash( keyid, NULL,
-						 cert->protect.s2k.salt );
-	    else
-		dek = get_passphrase_hash( keyid, NULL, NULL );
-
+	    dek = get_passphrase_hash( keyid, cert->protect.algo,
+					      &cert->protect.s2k );
 	    cipher_hd = cipher_open( cert->protect.algo,
 				     CIPHER_MODE_AUTO_CFB, 1);
 	    cipher_setkey( cipher_hd, dek->key, dek->keylen );
@ -216,11 +212,22 @@ check_secret_key( PKT_secret_cert *cert )

    for(i=0; i < 3 && rc == G10ERR_BAD_PASS; i++ ) {
 	if( i )
-	    log_error("Invalid passphrase; please try again ...\n");
+	    log_error("Invalid passphrase; please try again ...\n\n");
 	switch( cert->pubkey_algo ) {
 	  case PUBKEY_ALGO_ELGAMAL:
 	  case PUBKEY_ALGO_DSA:
 	    rc = do_check( cert );
+	    if( rc == G10ERR_BAD_PASS && cert->is_protected
+		&& cert->protect.algo == CIPHER_ALGO_BLOWFISH ) {
+		/* Workaround for a bug in 0.2.16 which still used
+		 * a 160 bit key for BLOWFISH. */
+		log_info("trying workaround for 0.2.16 passphrase bug ...\n");
+		cert->protect.algo = CIPHER_ALGO_BLOWFISH160;
+		rc = do_check( cert );
+		if( rc )
+		    rc = G10ERR_BAD_PASS;
+		cert->protect.algo = CIPHER_ALGO_BLOWFISH;
+	    }
 	    break;
 	  default: rc = G10ERR_PUBKEY_ALGO;
 	}