1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-24 15:17:02 +01:00

* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a

passphrase as if it was used (move from next_pw to last_pw).

* pubkey-enc.c (get_session_key): Use it here to handle the case where a
passphrase happens to be correct for a secret key, but yet that key isn't
the anonymous recipient (i.e. the secret key could be decrypted, but not
the session key).  This also handles the case where a secret key is
located on a card and a secret key with no passphrase.  Note this does not
fix bug 594 (anonymous recipients on smartcard do not work) - it just
prevents the anonymous search from stopping when the card is encountered.
This commit is contained in:
David Shaw 2006-01-17 20:55:53 +00:00
parent 10d917a885
commit dbe415ea61
4 changed files with 43 additions and 20 deletions

View File

@ -1,3 +1,17 @@
2006-01-17 David Shaw <dshaw@jabberwocky.com>
* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
passphrase as if it was used (move from next_pw to last_pw).
* pubkey-enc.c (get_session_key): Use it here to handle the case
where a passphrase happens to be correct for a secret key, but yet
that key isn't the anonymous recipient (i.e. the secret key could
be decrypted, but not the session key). This also handles the
case where a secret key is located on a card and a secret key with
no passphrase. Note this does not fix bug 594 (anonymous
recipients on smartcard do not work) - it just prevents the
anonymous search from stopping when the card is encountered.
2006-01-07 David Shaw <dshaw@jabberwocky.com> 2006-01-07 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_refresh): Fix problem when more than one * keyserver.c (keyserver_refresh): Fix problem when more than one

View File

@ -211,6 +211,7 @@ DEK *passphrase_to_dek( u32 *keyid, int pubkey_algo,
const char *tryagain_text, int *canceled); const char *tryagain_text, int *canceled);
void set_next_passphrase( const char *s ); void set_next_passphrase( const char *s );
char *get_last_passphrase(void); char *get_last_passphrase(void);
void next_to_last_passphrase(void);
/*-- getkey.c --*/ /*-- getkey.c --*/
int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc); int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);

View File

@ -55,24 +55,6 @@
#include "assuan.h" #include "assuan.h"
#endif /*ENABLE_AGENT_SUPPORT*/ #endif /*ENABLE_AGENT_SUPPORT*/
#define buftou32( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
(*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
#define u32tobuf( p, a ) do { \
((byte*)p)[0] = (byte)((a) >> 24); \
((byte*)p)[1] = (byte)((a) >> 16); \
((byte*)p)[2] = (byte)((a) >> 8); \
((byte*)p)[3] = (byte)((a) ); \
} while(0)
#define digitp(p) (*(p) >= '0' && *(p) <= '9')
#define hexdigitp(a) (digitp (a) \
|| (*(a) >= 'A' && *(a) <= 'F') \
|| (*(a) >= 'a' && *(a) <= 'f'))
#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
*(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
static char *fd_passwd = NULL; static char *fd_passwd = NULL;
static char *next_pw = NULL; static char *next_pw = NULL;
static char *last_pw = NULL; static char *last_pw = NULL;
@ -115,6 +97,17 @@ get_last_passphrase()
return p; return p;
} }
/* As if we had used the passphrase - make it the last_pw. */
void
next_to_last_passphrase(void)
{
if(next_pw)
{
last_pw=next_pw;
next_pw=NULL;
}
}
/* Here's an interesting question: since this passphrase was passed in /* Here's an interesting question: since this passphrase was passed in
on the command line, is there really any point in using secure on the command line, is there really any point in using secure
memory for it? I'm going with 'yes', since it doesn't hurt, and memory for it? I'm going with 'yes', since it doesn't hurt, and

View File

@ -115,11 +115,26 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
only only
once */ once */
if( !rc ) if( !rc )
{
rc = get_it( k, dek, sk, keyid ); rc = get_it( k, dek, sk, keyid );
if( !rc ) { /* Successfully checked the secret key (either it was
a card, had no passphrase, or had the right
passphrase) but couldn't decrypt the session key,
so thus that key is not the anonymous recipient.
Move the next passphrase into last for the next
round. We only do this if the secret key was
successfully checked as in the normal case,
check_secret_key handles this for us via
passphrase_to_dek */
if(rc)
next_to_last_passphrase();
}
if( !rc )
{
log_info(_("okay, we are the anonymous recipient.\n") ); log_info(_("okay, we are the anonymous recipient.\n") );
break; break;
} }
} }
enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */ enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */
} }