mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00

gpg: Use opaque MPI for ECDH.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
NIIBE Yutaka 2019-11-21 16:12:19 +09:00
parent c31fd44737
commit ac977526ac
2 changed files with 4 additions and 24 deletions


@ -98,7 +98,7 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
gpg_error_t err; gpg_error_t err;
byte *secret_x; byte *secret_x;
int secret_x_size; int secret_x_size;
unsigned int nbits; unsigned int nbits, nbits1;
const unsigned char *kek_params; const unsigned char *kek_params;
size_t kek_params_size; size_t kek_params_size;
int kdf_hash_algo; int kdf_hash_algo;
@ -118,19 +118,7 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
/* Extract x component of the shared point: this is the actual /* Extract x component of the shared point: this is the actual
shared secret. */ shared secret. */
nbytes = (mpi_get_nbits (pkey[1] /* public point */)+7)/8; nbytes = (mpi_get_nbits (pkey[1] /* public point */)+7)/8;
secret_x = xtrymalloc_secure (nbytes); secret_x = gcry_mpi_get_opaque (shared_mpi, &nbits1);
if (!secret_x)
return gpg_error_from_syserror ();
err = gcry_mpi_print (GCRYMPI_FMT_USG, secret_x, nbytes,
&nbytes, shared_mpi);
if (err)
{
xfree (secret_x);
log_error ("ECDH ephemeral export of shared point failed: %s\n",
gpg_strerror (err));
return err;
}
/* Expected size of the x component */ /* Expected size of the x component */
secret_x_size = (nbits+7)/8; secret_x_size = (nbits+7)/8;
@ -184,7 +172,6 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
/* Expect 4 bytes 03 01 hash_alg symm_alg. */ /* Expect 4 bytes 03 01 hash_alg symm_alg. */
if (kek_params_size != 4 || kek_params[0] != 3 || kek_params[1] != 1) if (kek_params_size != 4 || kek_params[0] != 3 || kek_params[1] != 1)
{ {
xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY); return gpg_error (GPG_ERR_BAD_PUBKEY);
} }
@ -200,14 +187,12 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
&& kdf_hash_algo != GCRY_MD_SHA384 && kdf_hash_algo != GCRY_MD_SHA384
&& kdf_hash_algo != GCRY_MD_SHA512) && kdf_hash_algo != GCRY_MD_SHA512)
{ {
xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY); return gpg_error (GPG_ERR_BAD_PUBKEY);
} }
if (kdf_encr_algo != CIPHER_ALGO_AES if (kdf_encr_algo != CIPHER_ALGO_AES
&& kdf_encr_algo != CIPHER_ALGO_AES192 && kdf_encr_algo != CIPHER_ALGO_AES192
&& kdf_encr_algo != CIPHER_ALGO_AES256) && kdf_encr_algo != CIPHER_ALGO_AES256)
{ {
xfree (secret_x);
return gpg_error (GPG_ERR_BAD_PUBKEY); return gpg_error (GPG_ERR_BAD_PUBKEY);
} }
@ -231,7 +216,6 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
iobuf_close (obuf); iobuf_close (obuf);
if (err) if (err)
{ {
xfree (secret_x);
return err; return err;
} }
@ -249,7 +233,6 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
{ {
log_error ("gcry_md_open failed for kdf_hash_algo %d: %s", log_error ("gcry_md_open failed for kdf_hash_algo %d: %s",
kdf_hash_algo, gpg_strerror (err)); kdf_hash_algo, gpg_strerror (err));
xfree (secret_x);
return err; return err;
} }
gcry_md_write(h, "\x00\x00\x00\x01", 4); /* counter = 1 */ gcry_md_write(h, "\x00\x00\x00\x01", 4); /* counter = 1 */
@ -290,13 +273,10 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi,
{ {
log_error ("ecdh failed to initialize AESWRAP: %s\n", log_error ("ecdh failed to initialize AESWRAP: %s\n",
gpg_strerror (err)); gpg_strerror (err));
xfree (secret_x);
return err; return err;
} }
err = gcry_cipher_setkey (hd, secret_x, secret_x_size); err = gcry_cipher_setkey (hd, secret_x, secret_x_size);
xfree (secret_x);
secret_x = NULL;
if (err) if (err)
{ {
gcry_cipher_close (hd); gcry_cipher_close (hd);
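Review bot: The pointer returned by `gcry_mpi_get_opaque (shared_mpi, &nbits1)` is used without a NULL check, and `nbits1`, the real bit length of that buffer, is not compared with anything in the visible lines, while `nbytes` is still taken from `pkey[1]` and `secret_x_size` from `nbits`. The later `gcry_cipher_setkey (hd, secret_x, secret_x_size)`, and whatever length handling sits between the hunks, therefore trusts sizes that do not come from the buffer itself; I would add `if (!secret_x) return gpg_error (GPG_ERR_BAD_DATA);` and derive the actual length with `nbytes = (nbits1+7)/8;` before any size comparison. `secret_x` now aliases storage owned by `shared_mpi` instead of a private `xtrymalloc_secure` copy that was freed right after setkey, so any in-place write further down would alter the caller's MPI, and the secret stays resident until the caller releases it. A comment at the assignment should state that ownership and that the MPI is expected to live in secure memory. The function body starts and ends outside these hunks, so the code between them needs to be checked against this.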


@ -314,8 +314,8 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
size_t fpn; size_t fpn;
/* Get the shared point and the ephemeral public key. */ /* Get the shared point and the ephemeral public key. */
shared = get_mpi_from_sexp (s_ciph, "s", GCRYMPI_FMT_USG); shared = get_mpi_from_sexp (s_ciph, "s", GCRYMPI_FMT_OPAQUE);
public = get_mpi_from_sexp (s_ciph, "e", GCRYMPI_FMT_USG); public = get_mpi_from_sexp (s_ciph, "e", GCRYMPI_FMT_OPAQUE);
gcry_sexp_release (s_ciph); gcry_sexp_release (s_ciph);
s_ciph = NULL; s_ciph = NULL;
if (DBG_CRYPTO) if (DBG_CRYPTO)
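Review bot: Fetching `shared` with `GCRYMPI_FMT_OPAQUE` changes the contract of `pk_ecdh_encrypt_with_shared_point`, which now calls `gcry_mpi_get_opaque` on that argument; as far as I know libgcrypt treats a non-opaque MPI there as a fatal internal error. The function takes an `is_encrypt` flag, so presumably a decryption caller exists, and no such caller is touched in the visible hunks; it should be confirmed that every caller passes an opaque MPI. No check that `get_mpi_from_sexp` returned non-NULL for `shared` or `public` is visible before `if (DBG_CRYPTO)`; if none follows outside the hunk, a missing `s` or `e` element should become an error return before either value is used. I would also record the requirement at the call site, e.g. `/* Both are opaque MPIs; pk_ecdh_encrypt_with_shared_point requires SHARED to be opaque. */`.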