security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Unify AEAD parameter retrieval.

Browse source 
* g10/pkclist.c (select_aead_from_pklist): Return the AEAD_algo.
* g10/encrypt.c (use_aead): Return the AEAD algo.
(encrypt_simple): Adjust for this change.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.

* g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New.
(openpgp_aead_algo_info): New.
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(write_header): Use new fucntion.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(decrypt_data): Use new function.  Also allow for chunkbytes other
than 10.
--

Note that other chunk bytes than 10 and in particular 0 (64 byte
chunks) have not yet been tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-01-22 16:23:02 +01:00
parent 0131d4369a
commit da3015e3c0
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
8 changed files with 63 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

29
g10/decrypt-data.c
View file

@ -31,10 +31,6 @@
#include "../common/status.h"
#include "../common/compliance.h"
/* FIXME: Libgcrypt 1.9 will support EAX. Until we kame this a
* requirement we hardwire the enum used for EAX. */
#define MY_GCRY_CIPHER_MODE_EAX 14
static int aead_decode_filter (void *opaque, int control, iobuf_t a,
byte *buf, size_t *ret_len);
@ -274,28 +270,15 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek)
goto leave;
}
switch (ed->aead_algo)
{
case AEAD_ALGO_OCB:
startivlen = 15;
ciphermode = GCRY_CIPHER_MODE_OCB;
break;
case AEAD_ALGO_EAX:
startivlen = 16;
ciphermode = MY_GCRY_CIPHER_MODE_EAX;
break;
default:
log_error ("unknown AEAD algo %d\n", ed->aead_algo);
rc = gpg_error (GPG_ERR_INV_CIPHER_MODE);
goto leave;
}
rc = openpgp_aead_algo_info (ed->aead_algo, &ciphermode, &startivlen);
if (rc)
goto leave;
log_assert (startivlen <= sizeof dfx->startiv);
if (ed->chunkbyte != 10)
if (ed->chunkbyte > 56)
{
/* FIXME */
log_error ("unsupported chunkbyte %u\n", ed->chunkbyte);
rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
log_error ("invalid AEAD chunkbyte %u\n", ed->chunkbyte);
rc = gpg_error (GPG_ERR_INV_PACKET);
goto leave;
}