mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
See ChangeLog: Tue Oct 26 14:10:21 CEST 1999 Werner Koch
This commit is contained in:
Werner Koch
parent
df4ecbb8d9
commit
cf70ca8d68
71 changed files with 4032 additions and 2869 deletions
|
|
@ -56,7 +56,6 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
|||
decode_filter_ctx_t dfx;
|
||||
byte *p;
|
||||
int rc=0, c, i;
|
||||
int algo_okay;
|
||||
byte temp[32];
|
||||
int blocksize;
|
||||
unsigned nprefix;
|
||||
|
|
@ -71,27 +70,45 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
|||
if( opt.verbose )
|
||||
log_info(_("%s encrypted data\n"), gcry_cipher_algo_name( dek->algo ) );
|
||||
|
||||
blocksize = gcry_cipher_get_blklen( dek->algo );
|
||||
blocksize = gcry_cipher_get_algo_blklen( dek->algo );
|
||||
if( blocksize < 1 || blocksize > 16 )
|
||||
log_fatal("unsupported blocksize %u\n", blocksize );
|
||||
nprefix = blocksize;
|
||||
if( ed->len && ed->len < (nprefix+2) )
|
||||
BUG();
|
||||
--> We are currently working HERE!!!!
|
||||
if( ed->mdc_method )
|
||||
dfx.mdc_hash = md_open( ed->mdc_method, 0 );
|
||||
dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
|
||||
|
||||
if( ed->mdc_method ) {
|
||||
dfx.mdc_hash = gcry_md_open( ed->mdc_method, 0 );
|
||||
if( !dfx.mdc_hash )
|
||||
BUG();
|
||||
}
|
||||
if( !(dfx.cipher_hd = gcry_cipher_open( dek->algo,
|
||||
GCRY_CIPHER_MODE_CFB,
|
||||
GCRY_CIPHER_SECURE
|
||||
| (dek->algo >= 100 ?
|
||||
0 : GCRY_CIPHER_ENABLE_SYNC) ))
|
||||
) {
|
||||
/* we should never get an error here cause we already checked, that
|
||||
* the algorithm is available. What about a flag to let the function
|
||||
* die in this case? */
|
||||
BUG();
|
||||
}
|
||||
|
||||
|
||||
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
|
||||
rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
|
||||
if( rc == G10ERR_WEAK_KEY )
|
||||
rc = gcry_cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
|
||||
if( rc == GCRYERR_WEAK_KEY ) {
|
||||
log_info(_("WARNING: message was encrypted with "
|
||||
"a weak key in the symmetric cipher.\n"));
|
||||
rc = 0;
|
||||
}
|
||||
else if( rc ) {
|
||||
log_error("key setup failed: %s\n", g10_errstr(rc) );
|
||||
log_error("key setup failed: %s\n", gcry_strerror(rc) );
|
||||
rc = map_gcry_rc(rc);
|
||||
goto leave;
|
||||
}
|
||||
|
||||
cipher_setiv( dfx.cipher_hd, NULL, 0 );
|
||||
gcry_cipher_setiv( dfx.cipher_hd, NULL, 0 );
|
||||
|
||||
if( ed->len ) {
|
||||
for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) {
|
||||
|
|
@ -108,10 +125,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
|||
else
|
||||
temp[i] = c;
|
||||
}
|
||||
cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
|
||||
gcry_cipher_decrypt( dfx.cipher_hd, temp, nprefix+2, NULL, 0 );
|
||||
if( dfx.mdc_hash )
|
||||
md_write( dfx.mdc_hash, temp, nprefix+2 );
|
||||
cipher_sync( dfx.cipher_hd );
|
||||
gcry_md_write( dfx.mdc_hash, temp, nprefix+2 );
|
||||
gcry_cipher_sync( dfx.cipher_hd );
|
||||
p = temp;
|
||||
/* log_hexdump( "prefix", temp, nprefix+2 ); */
|
||||
if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
|
||||
|
|
@ -127,20 +144,20 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
|||
if( ed->mdc_method && dfx.eof_seen == 2 )
|
||||
rc = G10ERR_INVALID_PACKET;
|
||||
else if( ed->mdc_method ) { /* check the mdc */
|
||||
int datalen = md_digest_length( ed->mdc_method );
|
||||
md_final( dfx.mdc_hash );
|
||||
int datalen = gcry_md_get_algo_dlen( ed->mdc_method );
|
||||
if( datalen != 20
|
||||
|| memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
|
||||
|| memcmp(gcry_md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
|
||||
rc = G10ERR_BAD_SIGN;
|
||||
log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);
|
||||
log_hexdump("MDC calculated:", gcry_md_read( dfx.mdc_hash, 0), datalen);
|
||||
log_hexdump("MDC message :", dfx.defer, 20);
|
||||
}
|
||||
leave:
|
||||
cipher_close(dfx.cipher_hd);
|
||||
md_close( dfx.mdc_hash );
|
||||
gcry_cipher_close(dfx.cipher_hd);
|
||||
gcry_md_close( dfx.mdc_hash );
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
/* I think we should merge this with cipher_filter */
|
||||
static int
|
||||
mdc_decode_filter( void *opaque, int control, IOBUF a,
|
||||
|
|
@ -198,8 +215,8 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
|
|||
}
|
||||
|
||||
if( n ) {
|
||||
cipher_decrypt( dfx->cipher_hd, buf, buf, n);
|
||||
md_write( dfx->mdc_hash, buf, n );
|
||||
gcry_cipher_decrypt( dfx->cipher_hd, buf, n, NULL, 0);
|
||||
gcry_md_write( dfx->mdc_hash, buf, n );
|
||||
}
|
||||
else {
|
||||
assert( dfx->eof_seen );
|
||||
|
|
@ -225,7 +242,7 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
|
|||
n = iobuf_read( a, buf, size );
|
||||
if( n == -1 ) n = 0;
|
||||
if( n )
|
||||
cipher_decrypt( fc->cipher_hd, buf, buf, n);
|
||||
gcry_cipher_decrypt( fc->cipher_hd, buf, n, NULL, 0);
|
||||
else
|
||||
rc = -1; /* eof */
|
||||
*ret_len = n;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue