security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg,sm: Error out on compliance mismatch while decrypting. 

* g10/pubkey-enc.c (get_session_key): Bail out if the algo is not
allowed in the current compliance mode.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--

The idea here is that the owner of the key created a non-compliant key
and later receives a mail encrypted to that key.  The sender should
have checked this key too but we can't guarantee that.  By hard
failing here the owner of the key will notice that he had created a
non-compliant key and thus has a chance to generate a new compliant
key.  In case the compliant criteria changes and the owner wants to
decrypt an old message he can still switch gpg to another compliant
mode.

Fixes-commit: a0d0cbee76
GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-08-01 08:41:47 +02:00
parent a21ca77988
commit 4e117f206b
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 36 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
g10/pubkey-enc.c
View File

@ -90,16 +90,19 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
sk->pubkey_algo = k->pubkey_algo; /* We want a pubkey with this algo. */
if (!(rc = get_seckey (ctrl, sk, k->keyid)))
{
/* Print compliance warning. */
if (!gnupg_pk_is_compliant (opt.compliance,
sk->pubkey_algo,
sk->pkey, nbits_from_pk (sk), NULL))
log_info (_("Note: key %s is not suitable for encryption"
" in %s mode\n"),
keystr_from_pk (sk),
gnupg_compliance_option_string (opt.compliance));
rc = get_it (ctrl, k, dek, sk, k->keyid);
/* Check compliance. */
if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_DECRYPTION,
sk->pubkey_algo,
sk->pkey, nbits_from_pk (sk), NULL))
{
log_info (_("key %s is not suitable for decryption"
" in %s mode\n"),
keystr_from_pk (sk),
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
}
else
rc = get_it (ctrl, k, dek, sk, k->keyid);
}
}
else if (opt.skip_hidden_recipients)
@ -128,14 +131,17 @@ get_session_key (ctrl_t ctrl, PKT_pubkey_enc * k, DEK * dek)
log_info (_("anonymous recipient; trying secret key %s ...\n"),
keystr (keyid));
/* Print compliance warning. */
if (!gnupg_pk_is_compliant (opt.compliance,
sk->pubkey_algo,
sk->pkey, nbits_from_pk (sk), NULL))
log_info (_("Note: key %s is not suitable for encryption"
" in %s mode\n"),
keystr_from_pk (sk),
gnupg_compliance_option_string (opt.compliance));
/* Check compliance. */
if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_DECRYPTION,
sk->pubkey_algo,
sk->pkey, nbits_from_pk (sk), NULL))
{
log_info (_("key %s is not suitable for decryption"
" in %s mode\n"),
keystr_from_pk (sk),
gnupg_compliance_option_string (opt.compliance));
continue;
}
rc = get_it (ctrl, k, dek, sk, keyid);
if (!rc)

19
sm/decrypt.c
View File

@ -480,19 +480,22 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
unsigned int nbits;
int pk_algo = gpgsm_get_key_algo_info (cert, &nbits);
/* Print compliance warning. */
if (! gnupg_pk_is_compliant (opt.compliance,
pk_algo, NULL, nbits, NULL))
/* Check compliance. */
if (!gnupg_pk_is_allowed (opt.compliance,
PK_USE_DECRYPTION,
pk_algo, NULL, nbits, NULL))
{
char kidstr[10+1];
snprintf (kidstr, sizeof kidstr, "0x%08lX",
gpgsm_get_short_fingerprint (cert, NULL));
log_info
(_("Note: key %s is not suitable for encryption"
(_("key %s is not suitable for decryption"
" in %s mode\n"),
kidstr,
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
goto oops;
}
/* Check that all certs are compliant with CO_DE_VS. */
@ -504,9 +507,11 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
oops:
if (rc)
/* We cannot check compliance of certs that we
* don't have. */
is_de_vs = 0;
{
/* We cannot check compliance of certs that we
* don't have. */
is_de_vs = 0;
}
xfree (issuer);
xfree (serial);
ksba_cert_release (cert);