security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Finished the bulk of changes for gnupg 1.9. This included switching

Browse source 
to libgcrypt functions, using shared error codes from libgpg-error,
replacing the old functions we used to have in ../util by those in
../jnlib and ../common, renaming the malloc functions and a couple of
types.  Note, that not all changes are listed below becuause they are
too similar and done at far too many places.  As of today the code
builds using the current libgcrypt from CVS but it is very unlikely
that it actually works.
This commit is contained in:
Werner Koch 2003-06-18 19:56:13 +00:00
parent b7b07d36e8
commit c0c2c58054
90 changed files with 5078 additions and 2925 deletions
Download patch file Download diff file Expand all files Collapse all files

73
g10/cipher.c
View file

@ -1,5 +1,5 @@
/* cipher.c - En-/De-ciphering filter
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -25,6 +25,7 @@
#include <errno.h>
#include <assert.h>
#include "gpg.h"
#include "errors.h"
#include "iobuf.h"
#include "memory.h"
@ -40,15 +41,16 @@
static void
write_header( cipher_filter_context_t *cfx, IOBUF a )
write_header( cipher_filter_context_t *cfx, iobuf_t a )
{
PACKET pkt;
PKT_encrypted ed;
byte temp[18];
unsigned blocksize;
unsigned nprefix;
unsigned int blocksize;
unsigned int nprefix;
gpg_error_t rc;
blocksize = cipher_get_blocksize( cfx->dek->algo );
blocksize = gcry_cipher_get_algo_blklen ( cfx->dek->algo );
if( blocksize < 8 || blocksize > 16 )
log_fatal("unsupported blocksize %u\n", blocksize );
@ -58,9 +60,9 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
ed.new_ctb = !ed.len && !RFC1991;
if( cfx->dek->use_mdc ) {
ed.mdc_method = DIGEST_ALGO_SHA1;
cfx->mdc_hash = md_open( DIGEST_ALGO_SHA1, 0 );
gcry_md_open (&cfx->mdc_hash, GCRY_MD_SHA1, 0 );
if ( DBG_HASHING )
md_start_debug( cfx->mdc_hash, "creatmdc" );
gcry_md_start_debug ( cfx->mdc_hash, "creatmdc" );
}
{
@ -76,21 +78,28 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
if( build_packet( a, &pkt ))
log_bug("build_packet(ENCR_DATA) failed\n");
nprefix = blocksize;
randomize_buffer( temp, nprefix, 1 );
gcry_randomize ( temp, nprefix, GCRY_STRONG_RANDOM);
temp[nprefix] = temp[nprefix-2];
temp[nprefix+1] = temp[nprefix-1];
print_cipher_algo_note( cfx->dek->algo );
cfx->cipher_hd = cipher_open( cfx->dek->algo,
cfx->dek->use_mdc? CIPHER_MODE_CFB
: CIPHER_MODE_AUTO_CFB, 1 );
rc = gcry_cipher_open (&cfx->cipher_hd, cfx->dek->algo,
GCRY_CIPHER_MODE_CFB,
GCRY_CIPHER_SECURE
| ((cfx->dek->use_mdc || cfx->dek->algo >= 100) ?
0 : GCRY_CIPHER_ENABLE_SYNC));
if (rc) {
/* we should never get an error here cause we already checked, that
* the algorithm is available. */
BUG();
}
/* log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/
cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
cipher_setiv( cfx->cipher_hd, NULL, 0 );
gcry_cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
gcry_cipher_setiv( cfx->cipher_hd, NULL, 0 );
/* log_hexdump( "prefix", temp, nprefix+2 ); */
if( cfx->mdc_hash ) /* hash the "IV" */
md_write( cfx->mdc_hash, temp, nprefix+2 );
cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2);
cipher_sync( cfx->cipher_hd );
gcry_md_write( cfx->mdc_hash, temp, nprefix+2 );
gcry_cipher_encrypt( cfx->cipher_hd, temp, nprefix+2, NULL, 0);
gcry_cipher_sync( cfx->cipher_hd );
iobuf_write(a, temp, nprefix+2);
cfx->header=1;
}
@ -102,7 +111,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
*/
int
cipher_filter( void *opaque, int control,
IOBUF a, byte *buf, size_t *ret_len)
iobuf_t a, byte *buf, size_t *ret_len)
{
size_t size = *ret_len;
cipher_filter_context_t *cfx = opaque;
@ -117,36 +126,40 @@ cipher_filter( void *opaque, int control,
write_header( cfx, a );
}
if( cfx->mdc_hash )
md_write( cfx->mdc_hash, buf, size );
cipher_encrypt( cfx->cipher_hd, buf, buf, size);
if( iobuf_write( a, buf, size ) )
rc = G10ERR_WRITE_FILE;
gcry_md_write( cfx->mdc_hash, buf, size );
gcry_cipher_encrypt( cfx->cipher_hd, buf, size, NULL, 0);
rc = iobuf_write( a, buf, size );
}
else if( control == IOBUFCTRL_FREE ) {
if( cfx->mdc_hash ) {
byte *hash;
int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
int hashlen = gcry_md_get_algo_dlen (gcry_md_get_algo (
cfx->mdc_hash));
byte temp[22];
assert( hashlen == 20 );
/* we must hash the prefix of the MDC packet here */
temp[0] = 0xd3;
temp[1] = 0x14;
md_putc( cfx->mdc_hash, temp[0] );
md_putc( cfx->mdc_hash, temp[1] );
gcry_md_putc ( cfx->mdc_hash, temp[0] );
gcry_md_putc ( cfx->mdc_hash, temp[1] );
md_final( cfx->mdc_hash );
hash = md_read( cfx->mdc_hash, 0 );
gcry_md_final ( cfx->mdc_hash );
hash = gcry_md_read ( cfx->mdc_hash, 0 );
memcpy(temp+2, hash, 20);
cipher_encrypt( cfx->cipher_hd, temp, temp, 22 );
md_close( cfx->mdc_hash ); cfx->mdc_hash = NULL;
if( iobuf_write( a, temp, 22 ) )
gcry_cipher_encrypt( cfx->cipher_hd, temp, 22, NULL, 0 );
gcry_md_close ( cfx->mdc_hash ); cfx->mdc_hash = NULL;
rc = iobuf_write( a, temp, 22 );
if (rc)
log_error("writing MDC packet failed\n" );
}
cipher_close(cfx->cipher_hd);
gcry_cipher_close (cfx->cipher_hd);
}
else if( control == IOBUFCTRL_DESC ) {
*(char**)buf = "cipher_filter";
}
return rc;
}