From ac977526accb684d7ba18673e52068c7900dd5b7 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 21 Nov 2019 16:12:19 +0900 Subject: [PATCH] gpg: Use opaque MPI for ECDH. Signed-off-by: NIIBE Yutaka --- g10/ecdh.c | 24 ++---------------------- g10/pkglue.c | 4 ++-- 2 files changed, 4 insertions(+), 24 deletions(-) diff --git a/g10/ecdh.c b/g10/ecdh.c index 6587cc4b4..661841686 100644 --- a/g10/ecdh.c +++ b/g10/ecdh.c @@ -98,7 +98,7 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, gpg_error_t err; byte *secret_x; int secret_x_size; - unsigned int nbits; + unsigned int nbits, nbits1; const unsigned char *kek_params; size_t kek_params_size; int kdf_hash_algo; @@ -118,19 +118,7 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, /* Extract x component of the shared point: this is the actual shared secret. */ nbytes = (mpi_get_nbits (pkey[1] /* public point */)+7)/8; - secret_x = xtrymalloc_secure (nbytes); - if (!secret_x) - return gpg_error_from_syserror (); - - err = gcry_mpi_print (GCRYMPI_FMT_USG, secret_x, nbytes, - &nbytes, shared_mpi); - if (err) - { - xfree (secret_x); - log_error ("ECDH ephemeral export of shared point failed: %s\n", - gpg_strerror (err)); - return err; - } + secret_x = gcry_mpi_get_opaque (shared_mpi, &nbits1); /* Expected size of the x component */ secret_x_size = (nbits+7)/8; @@ -184,7 +172,6 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, /* Expect 4 bytes 03 01 hash_alg symm_alg. */ if (kek_params_size != 4 || kek_params[0] != 3 || kek_params[1] != 1) { - xfree (secret_x); return gpg_error (GPG_ERR_BAD_PUBKEY); } @@ -200,14 +187,12 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, && kdf_hash_algo != GCRY_MD_SHA384 && kdf_hash_algo != GCRY_MD_SHA512) { - xfree (secret_x); return gpg_error (GPG_ERR_BAD_PUBKEY); } if (kdf_encr_algo != CIPHER_ALGO_AES && kdf_encr_algo != CIPHER_ALGO_AES192 && kdf_encr_algo != CIPHER_ALGO_AES256) { - xfree (secret_x); return gpg_error (GPG_ERR_BAD_PUBKEY); } @@ -231,7 +216,6 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, iobuf_close (obuf); if (err) { - xfree (secret_x); return err; } @@ -249,7 +233,6 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, { log_error ("gcry_md_open failed for kdf_hash_algo %d: %s", kdf_hash_algo, gpg_strerror (err)); - xfree (secret_x); return err; } gcry_md_write(h, "\x00\x00\x00\x01", 4); /* counter = 1 */ @@ -290,13 +273,10 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, { log_error ("ecdh failed to initialize AESWRAP: %s\n", gpg_strerror (err)); - xfree (secret_x); return err; } err = gcry_cipher_setkey (hd, secret_x, secret_x_size); - xfree (secret_x); - secret_x = NULL; if (err) { gcry_cipher_close (hd); diff --git a/g10/pkglue.c b/g10/pkglue.c index 8021a94db..339db67f3 100644 --- a/g10/pkglue.c +++ b/g10/pkglue.c @@ -314,8 +314,8 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data, size_t fpn; /* Get the shared point and the ephemeral public key. */ - shared = get_mpi_from_sexp (s_ciph, "s", GCRYMPI_FMT_USG); - public = get_mpi_from_sexp (s_ciph, "e", GCRYMPI_FMT_USG); + shared = get_mpi_from_sexp (s_ciph, "s", GCRYMPI_FMT_OPAQUE); + public = get_mpi_from_sexp (s_ciph, "e", GCRYMPI_FMT_OPAQUE); gcry_sexp_release (s_ciph); s_ciph = NULL; if (DBG_CRYPTO)