security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Update head to match stable 1.0

Browse source
This commit is contained in:
David Shaw 2002-06-29 13:46:34 +00:00
parent 151ee2f47b
commit 3f51f7db3d
155 changed files with 83872 additions and 37585 deletions
Download patch file Download diff file Expand all files Collapse all files

96
g10/encr-data.c
View file

@ -1,5 +1,5 @@
/* encr-data.c - process an encrypted data packet
* Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -23,10 +23,11 @@
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <gcrypt.h>
#include "util.h"
#include "memory.h"
#include "packet.h"
#include "mpi.h"
#include "cipher.h"
#include "options.h"
#include "i18n.h"
@ -37,8 +38,8 @@ static int decode_filter( void *opaque, int control, IOBUF a,
byte *buf, size_t *ret_len);
typedef struct {
GCRY_CIPHER_HD cipher_hd;
GCRY_MD_HD mdc_hash;
CIPHER_HANDLE cipher_hd;
MD_HANDLE mdc_hash;
char defer[20];
int defer_filled;
int eof_seen;
@ -55,20 +56,21 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
byte *p;
int rc=0, c, i;
byte temp[32];
unsigned int blocksize;
unsigned int nprefix;
unsigned blocksize;
unsigned nprefix;
memset( &dfx, 0, sizeof dfx );
if( gcry_cipher_test_algo( dek->algo ) ) {
if( opt.verbose )
if( opt.verbose && !dek->algo_info_printed ) {
const char *s = cipher_algo_to_string( dek->algo );
if( s )
log_info(_("%s encrypted data\n"), s );
else
log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
rc = GPGERR_CIPHER_ALGO;
goto leave;
dek->algo_info_printed = 1;
}
if( opt.verbose )
log_info(_("%s encrypted data\n"), gcry_cipher_algo_name( dek->algo ) );
blocksize = gcry_cipher_get_algo_blklen( dek->algo );
if( (rc=check_cipher_algo(dek->algo)) )
goto leave;
blocksize = cipher_get_blocksize(dek->algo);
if( !blocksize || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize );
nprefix = blocksize;
@ -76,36 +78,28 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
BUG();
if( ed->mdc_method ) {
dfx.mdc_hash = gcry_md_open( ed->mdc_method, 0 );
dfx.mdc_hash = md_open( ed->mdc_method, 0 );
if ( DBG_HASHING )
gcry_md_start_debug(dfx.mdc_hash, "checkmdc");
md_start_debug(dfx.mdc_hash, "checkmdc");
}
if( !(dfx.cipher_hd = gcry_cipher_open( dek->algo,
GCRY_CIPHER_MODE_CFB,
GCRY_CIPHER_SECURE
| ((ed->mdc_method || dek->algo >= 100)?
0 : GCRY_CIPHER_ENABLE_SYNC) ))
) {
/* we should never get an error here cause we already checked, that
* the algorithm is available. What about a flag to let the function
* die in this case? */
BUG();
}
dfx.cipher_hd = cipher_open( dek->algo,
ed->mdc_method? CIPHER_MODE_CFB
: CIPHER_MODE_AUTO_CFB, 1 );
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
rc = gcry_cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
if( rc == GCRYERR_WEAK_KEY ) {
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
if( rc == G10ERR_WEAK_KEY )
log_info(_("WARNING: message was encrypted with "
"a weak key in the symmetric cipher.\n"));
rc = 0;
}
else if( rc ) {
log_error("key setup failed: %s\n", gcry_strerror(rc) );
log_error("key setup failed: %s\n", g10_errstr(rc) );
goto leave;
}
if (!ed->buf) {
log_error(_("problem handling encrypted packet\n"));
goto leave;
}
gcry_cipher_setiv( dfx.cipher_hd, NULL, 0 );
cipher_setiv( dfx.cipher_hd, NULL, 0 );
if( ed->len ) {
for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) {
@ -122,17 +116,17 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
else
temp[i] = c;
}
gcry_cipher_decrypt( dfx.cipher_hd, temp, nprefix+2, NULL, 0 );
gcry_cipher_sync( dfx.cipher_hd );
cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
cipher_sync( dfx.cipher_hd );
p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */
if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
rc = GPGERR_BAD_KEY;
rc = G10ERR_BAD_KEY;
goto leave;
}
if( dfx.mdc_hash )
gcry_md_write( dfx.mdc_hash, temp, nprefix+2 );
md_write( dfx.mdc_hash, temp, nprefix+2 );
if( ed->mdc_method )
iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
@ -142,21 +136,23 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
proc_packets( procctx, ed->buf );
ed->buf = NULL;
if( ed->mdc_method && dfx.eof_seen == 2 )
rc = GPGERR_INVALID_PACKET;
rc = G10ERR_INVALID_PACKET;
else if( ed->mdc_method ) { /* check the mdc */
int datalen = gcry_md_get_algo_dlen( ed->mdc_method );
int datalen = md_digest_length( ed->mdc_method );
gcry_cipher_decrypt( dfx.cipher_hd, dfx.defer, 20, NULL, 0);
cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20);
md_final( dfx.mdc_hash );
if( datalen != 20
|| memcmp(gcry_md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
rc = GPGERR_BAD_SIGN;
|| memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
rc = G10ERR_BAD_SIGN;
/*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/
/*log_hexdump("MDC message :", dfx.defer, 20);*/
}
leave:
gcry_cipher_close(dfx.cipher_hd);
gcry_md_close( dfx.mdc_hash );
cipher_close(dfx.cipher_hd);
md_close( dfx.mdc_hash );
return rc;
}
@ -222,8 +218,8 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
}
if( n ) {
gcry_cipher_decrypt( dfx->cipher_hd, buf, n, NULL, 0);
gcry_md_write( dfx->mdc_hash, buf, n );
cipher_decrypt( dfx->cipher_hd, buf, buf, n);
md_write( dfx->mdc_hash, buf, n );
}
else {
assert( dfx->eof_seen );
@ -249,7 +245,7 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
n = iobuf_read( a, buf, size );
if( n == -1 ) n = 0;
if( n )
gcry_cipher_decrypt( fc->cipher_hd, buf, n, NULL, 0 );
cipher_decrypt( fc->cipher_hd, buf, buf, n);
else
rc = -1; /* eof */
*ret_len = n;