gpg: Don't try decryption by session key when NULL.

* g10/mainproc.c (proc_encrypted): Only call get_session_key when PKENC_LIST is not NULL. Return GPG_ERR_BAD_KEY, instead of GPG_ERR_NO_SECKEY, when it's encrypted only by symmetric key. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-07-12 09:26:00 +09:00 · 2019-07-12 09:26:00 +09:00 · 89303b9998
parent 02d8b38383
commit 89303b9998
1 changed files with 6 additions and 3 deletions
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -574,7 +574,7 @@ proc_encrypted (CTX c, PACKET *pkt)
          write_status_error ("pkdecrypt_failed", result);
        }
    }
-  else
+  else if (c->pkenc_list)
    {
      c->dek = xmalloc_secure_clear (sizeof *c->dek);
      result = get_session_key (c->ctrl, c->pkenc_list, c->dek);
@ -669,8 +669,11 @@ proc_encrypted (CTX c, PACKET *pkt)
    }
  else if (!c->dek)
    {
+      if (c->symkeys && !c->pkenc_list)
+        result = gpg_error (GPG_ERR_BAD_KEY);
+
      if (!result)
-        result = GPG_ERR_NO_SECKEY;
+        result = gpg_error (GPG_ERR_NO_SECKEY);
    }

  /* Compute compliance with CO_DE_VS.  */
@ -783,7 +786,7 @@ proc_encrypted (CTX c, PACKET *pkt)
      if ((gpg_err_code (result) == GPG_ERR_BAD_KEY
 	   || gpg_err_code (result) == GPG_ERR_CHECKSUM
 	   || gpg_err_code (result) == GPG_ERR_CIPHER_ALGO)
-          && *c->dek->s2k_cacheid != '\0')
+          && c->dek && *c->dek->s2k_cacheid != '\0')
        {
          if (opt.debug)
            log_debug ("cleared passphrase cached with ID: %s\n",