mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
agent: For OCB key files return Bad Passprase instead of Checksum Error.
* agent/protect.c (do_decryption): Map error checksum to bad passpharse protection * agent/call-pinentry.c (unlock_pinentry): Don't munge the error source for corrupted protection. -- GnuPG-bug-id: 3266 Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
1c35e29af9
commit
5cf95157c5
@ -167,6 +167,10 @@ unlock_pinentry (gpg_error_t rc)
|
|||||||
case GPG_ERR_BAD_PIN:
|
case GPG_ERR_BAD_PIN:
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case GPG_ERR_CORRUPTED_PROTECTION:
|
||||||
|
/* This comes from gpg-agent. */
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
rc = gpg_err_make (GPG_ERR_SOURCE_PINENTRY, gpg_err_code (rc));
|
rc = gpg_err_make (GPG_ERR_SOURCE_PINENTRY, gpg_err_code (rc));
|
||||||
break;
|
break;
|
||||||
|
@ -813,7 +813,14 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
|
|||||||
protected, protectedlen - 16);
|
protected, protectedlen - 16);
|
||||||
}
|
}
|
||||||
if (!rc)
|
if (!rc)
|
||||||
|
{
|
||||||
rc = gcry_cipher_checktag (hd, protected + protectedlen - 16, 16);
|
rc = gcry_cipher_checktag (hd, protected + protectedlen - 16, 16);
|
||||||
|
if (gpg_err_code (rc) == GPG_ERR_CHECKSUM)
|
||||||
|
{
|
||||||
|
/* Return Bad Passphrase instead of checksum error */
|
||||||
|
rc = gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -833,8 +840,6 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
|
|||||||
/* Do a quick check on the data structure. */
|
/* Do a quick check on the data structure. */
|
||||||
if (*outbuf != '(' && outbuf[1] != '(')
|
if (*outbuf != '(' && outbuf[1] != '(')
|
||||||
{
|
{
|
||||||
/* Note that in OCB mode this is actually invalid _encrypted_
|
|
||||||
* data and not a bad passphrase. */
|
|
||||||
xfree (outbuf);
|
xfree (outbuf);
|
||||||
return gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
return gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user