security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-01 22:28:02 +02:00
Code Activity

* seckey-cert.c (do_check): Handle case when checksum was okay but

Browse Source 
passphrase still wrong.  Roman Pavlik found such a case.

* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL.  Use log_info and
not log_error.
This commit is contained in:
Werner Koch 2004-12-20 10:05:20 +00:00
parent be4bb5a88b
commit 9e3526f236
6 changed files with 49 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -12,6 +12,11 @@
* configure.ac: Check for arpa/nameser.h.
2004-12-16 Werner Koch <wk@g10code.com>
* THANKS: Added John Clizbe for help testing the 1.4.0a W32
binary.
2004-12-16 Werner Koch <wk@g10code.com>
Released 1.4.0.

1
THANKS
View File

@ -101,6 +101,7 @@ Jim Small cavenewt@my-deja.com
Joachim Backes backes@rhrk.uni-kl.de
Joe Rhett jrhett@isite.net
John A. Martin jam@jamux.com
John Clizbe JPClizbe@comcast.net
Johnny Teveßen j.tevessen@gmx.de
Jörg Schilling schilling@fokus.gmd.de
Jos Backus Jos.Backus@nl.origin-it.com

5
g10/ChangeLog
View File

@ -1,3 +1,8 @@
2004-12-20 Werner Koch <wk@g10code.com>
* seckey-cert.c (do_check): Handle case when checksum was okay but
passphrase still wrong. Roman Pavlik found such a case.
2004-12-20 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu): Invisible alias "passwd" as

19
g10/seckey-cert.c
View File

@ -147,12 +147,20 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
}
}
/* must check it here otherwise the mpi_read_xx would fail
/* Must check it here otherwise the mpi_read_xx would fail
because the length may have an arbitrary value */
if( sk->csum == csum ) {
for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
nbytes = ndata;
sk->skey[i] = mpi_read_from_buffer(p, &nbytes, 1 );
if (!sk->skey[i])
{
/* Checksum was okay, but not correctly
decrypted. */
sk->csum = 0;
csum = 1;
break;
}
ndata -= nbytes;
p += nbytes;
}
@ -179,8 +187,15 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
csum += checksum (buffer, ndata);
mpi_free (sk->skey[i]);
sk->skey[i] = mpi_read_from_buffer (buffer, &ndata, 1);
assert (sk->skey[i]);
m_free (buffer);
if (!sk->skey[i])
{
/* Checksum was okay, but not correctly
decrypted. */
sk->csum = 0;
csum = 1;
break;
}
/* csum += checksum_mpi (sk->skey[i]); */
}
}

6
mpi/ChangeLog
View File

@ -1,3 +1,9 @@
2004-12-20 Werner Koch <wk@g10code.com>
* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL. Use log_info and
not log_error.
2004-10-26 Werner Koch <wk@g10code.com>
* config.links: Use HOST instead of TARGET.

21
mpi/mpicoder.c
View File

@ -125,7 +125,7 @@ mpi_read(IOBUF inp, unsigned *ret_nread, int secure)
MPI
mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
mpi_read_from_buffer(byte *buffer, unsigned int *ret_nread, int secure)
{
int i, j;
unsigned nbits, nbytes, nlimbs, nread=0;
@ -136,7 +136,7 @@ mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
goto leave;
nbits = buffer[0] << 8 | buffer[1];
if( nbits > MAX_EXTERN_MPI_BITS ) {
log_error("mpi too large (%u bits)\n", nbits);
log_info ("mpi too large (%u bits)\n", nbits);
goto leave;
}
buffer += 2;
@ -154,10 +154,19 @@ mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
for( ; j > 0; j-- ) {
a = 0;
for(; i < BYTES_PER_MPI_LIMB; i++ ) {
if( ++nread > *ret_nread )
log_bug("mpi larger than buffer\n");
a <<= 8;
a |= *buffer++;
if( ++nread > *ret_nread ) {
/* This (as well as the above error condition) may
happen if we use this function to parse a decrypted
MPI which didn't turn out to be a real MPI - possible
because the supplied key was wrong but the OpenPGP
checksum didn't caught it. */
log_info ("mpi larger than buffer\n");
mpi_free (val);
val = MPI_NULL;
goto leave;
}
a <<= 8;
a |= *buffer++;
}
i = 0;
val->d[j-1] = a;