security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-09 12:54:23 +01:00
Code Activity

Disable the "quick check" bytes for PK decryptions. This is in

Browse Source 
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
This commit is contained in:
David Shaw 2005-02-10 04:06:30 +00:00
parent 2dbfc709ad
commit a3ea962679
5 changed files with 32 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
g10/ChangeLog
View File

@ -1,3 +1,12 @@
2005-02-09 David Shaw <dshaw@jabberwocky.com>
* encr-data.c (decrypt_data): Use it here to turn off the "quick
check" bytes for PK decryptions. This is in regards to the Mister
and Zuccherato attack on OpenPGP CFB mode.
* mainproc.c (proc_symkey_enc): Set a flag to indicate that a
particular session key came from a passphrase and not a PK.
2005-02-06 David Shaw <dshaw@jabberwocky.com> 2005-02-06 David Shaw <dshaw@jabberwocky.com>
* trustdb.h, trustdb.c (trustdb_check_or_update): New. If the * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the

6
g10/encr-data.c
View File

@ -1,5 +1,5 @@
/* encr-data.c - process an encrypted data packet /* encr-data.c - process an encrypted data packet
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2005 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -125,7 +125,9 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
cipher_sync( dfx.cipher_hd ); cipher_sync( dfx.cipher_hd );
p = temp; p = temp;
/* log_hexdump( "prefix", temp, nprefix+2 ); */ /* log_hexdump( "prefix", temp, nprefix+2 ); */
if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) { if(dek->symmetric
&& (p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1]) )
{
rc = G10ERR_BAD_KEY; rc = G10ERR_BAD_KEY;
goto leave; goto leave;
} }

6
g10/mainproc.c
View File

@ -1,6 +1,6 @@
/* mainproc.c - handle packets /* mainproc.c - handle packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
* 2004 Free Software Foundation, Inc. * 2005 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -330,6 +330,8 @@ proc_symkey_enc( CTX c, PACKET *pkt )
if(c->dek) if(c->dek)
{ {
c->dek->symmetric=1;
/* FIXME: This doesn't work perfectly if a symmetric /* FIXME: This doesn't work perfectly if a symmetric
key comes before a public key in the message - if key comes before a public key in the message - if
the user doesn't know the passphrase, then there is the user doesn't know the passphrase, then there is

4
include/ChangeLog
View File

@ -1,3 +1,7 @@
2005-02-09 David Shaw <dshaw@jabberwocky.com>
* cipher.h: Add a flag for a symmetric DEK.
2004-12-16 David Shaw <dshaw@jabberwocky.com> 2004-12-16 David Shaw <dshaw@jabberwocky.com>
* memory.h: Return a flag to indicate whether we got the lock. * memory.h: Return a flag to indicate whether we got the lock.

8
include/cipher.h
View File

@ -1,6 +1,6 @@
/* cipher.h /* cipher.h
* Copyright (C) 1998, 1999, 2000, 2001, 2003, * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004,
* 2004 Free Software Foundation, Inc. * 2005 Free Software Foundation, Inc.
* *
* This file is part of GNUPG. * This file is part of GNUPG.
* *
@ -70,11 +70,13 @@
#define is_ELGAMAL(a) ((a)==PUBKEY_ALGO_ELGAMAL_E) #define is_ELGAMAL(a) ((a)==PUBKEY_ALGO_ELGAMAL_E)
#define is_DSA(a) ((a)==PUBKEY_ALGO_DSA) #define is_DSA(a) ((a)==PUBKEY_ALGO_DSA)
typedef struct { typedef struct
{
int algo; int algo;
int keylen; int keylen;
int algo_info_printed; int algo_info_printed;
int use_mdc; int use_mdc;
int symmetric;
byte key[32]; /* this is the largest used keylen (256 bit) */ byte key[32]; /* this is the largest used keylen (256 bit) */
} DEK; } DEK;