mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-24 15:17:02 +01:00
* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
passphrase as if it was used (move from next_pw to last_pw). * pubkey-enc.c (get_session_key): Use it here to handle the case where a passphrase happens to be correct for a secret key, but yet that key isn't the anonymous recipient (i.e. the secret key could be decrypted, but not the session key). This also handles the case where a secret key is located on a card and a secret key with no passphrase. Note this does not fix bug 594 (anonymous recipients on smartcard do not work) - it just prevents the anonymous search from stopping when the card is encountered.
This commit is contained in:
parent
10d917a885
commit
dbe415ea61
@ -1,3 +1,17 @@
|
|||||||
|
2006-01-17 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* keydb.h, passphrase.c (next_to_last_passphrase): New. "Touch" a
|
||||||
|
passphrase as if it was used (move from next_pw to last_pw).
|
||||||
|
|
||||||
|
* pubkey-enc.c (get_session_key): Use it here to handle the case
|
||||||
|
where a passphrase happens to be correct for a secret key, but yet
|
||||||
|
that key isn't the anonymous recipient (i.e. the secret key could
|
||||||
|
be decrypted, but not the session key). This also handles the
|
||||||
|
case where a secret key is located on a card and a secret key with
|
||||||
|
no passphrase. Note this does not fix bug 594 (anonymous
|
||||||
|
recipients on smartcard do not work) - it just prevents the
|
||||||
|
anonymous search from stopping when the card is encountered.
|
||||||
|
|
||||||
2006-01-07 David Shaw <dshaw@jabberwocky.com>
|
2006-01-07 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* keyserver.c (keyserver_refresh): Fix problem when more than one
|
* keyserver.c (keyserver_refresh): Fix problem when more than one
|
||||||
|
@ -211,6 +211,7 @@ DEK *passphrase_to_dek( u32 *keyid, int pubkey_algo,
|
|||||||
const char *tryagain_text, int *canceled);
|
const char *tryagain_text, int *canceled);
|
||||||
void set_next_passphrase( const char *s );
|
void set_next_passphrase( const char *s );
|
||||||
char *get_last_passphrase(void);
|
char *get_last_passphrase(void);
|
||||||
|
void next_to_last_passphrase(void);
|
||||||
|
|
||||||
/*-- getkey.c --*/
|
/*-- getkey.c --*/
|
||||||
int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);
|
int classify_user_id( const char *name, KEYDB_SEARCH_DESC *desc);
|
||||||
|
@ -55,24 +55,6 @@
|
|||||||
#include "assuan.h"
|
#include "assuan.h"
|
||||||
#endif /*ENABLE_AGENT_SUPPORT*/
|
#endif /*ENABLE_AGENT_SUPPORT*/
|
||||||
|
|
||||||
|
|
||||||
#define buftou32( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
|
|
||||||
(*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
|
|
||||||
#define u32tobuf( p, a ) do { \
|
|
||||||
((byte*)p)[0] = (byte)((a) >> 24); \
|
|
||||||
((byte*)p)[1] = (byte)((a) >> 16); \
|
|
||||||
((byte*)p)[2] = (byte)((a) >> 8); \
|
|
||||||
((byte*)p)[3] = (byte)((a) ); \
|
|
||||||
} while(0)
|
|
||||||
|
|
||||||
#define digitp(p) (*(p) >= '0' && *(p) <= '9')
|
|
||||||
#define hexdigitp(a) (digitp (a) \
|
|
||||||
|| (*(a) >= 'A' && *(a) <= 'F') \
|
|
||||||
|| (*(a) >= 'a' && *(a) <= 'f'))
|
|
||||||
#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
|
|
||||||
*(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
|
|
||||||
#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
|
|
||||||
|
|
||||||
static char *fd_passwd = NULL;
|
static char *fd_passwd = NULL;
|
||||||
static char *next_pw = NULL;
|
static char *next_pw = NULL;
|
||||||
static char *last_pw = NULL;
|
static char *last_pw = NULL;
|
||||||
@ -115,6 +97,17 @@ get_last_passphrase()
|
|||||||
return p;
|
return p;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* As if we had used the passphrase - make it the last_pw. */
|
||||||
|
void
|
||||||
|
next_to_last_passphrase(void)
|
||||||
|
{
|
||||||
|
if(next_pw)
|
||||||
|
{
|
||||||
|
last_pw=next_pw;
|
||||||
|
next_pw=NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* Here's an interesting question: since this passphrase was passed in
|
/* Here's an interesting question: since this passphrase was passed in
|
||||||
on the command line, is there really any point in using secure
|
on the command line, is there really any point in using secure
|
||||||
memory for it? I'm going with 'yes', since it doesn't hurt, and
|
memory for it? I'm going with 'yes', since it doesn't hurt, and
|
||||||
|
@ -115,11 +115,26 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
|
|||||||
only
|
only
|
||||||
once */
|
once */
|
||||||
if( !rc )
|
if( !rc )
|
||||||
|
{
|
||||||
rc = get_it( k, dek, sk, keyid );
|
rc = get_it( k, dek, sk, keyid );
|
||||||
if( !rc ) {
|
/* Successfully checked the secret key (either it was
|
||||||
|
a card, had no passphrase, or had the right
|
||||||
|
passphrase) but couldn't decrypt the session key,
|
||||||
|
so thus that key is not the anonymous recipient.
|
||||||
|
Move the next passphrase into last for the next
|
||||||
|
round. We only do this if the secret key was
|
||||||
|
successfully checked as in the normal case,
|
||||||
|
check_secret_key handles this for us via
|
||||||
|
passphrase_to_dek */
|
||||||
|
if(rc)
|
||||||
|
next_to_last_passphrase();
|
||||||
|
}
|
||||||
|
|
||||||
|
if( !rc )
|
||||||
|
{
|
||||||
log_info(_("okay, we are the anonymous recipient.\n") );
|
log_info(_("okay, we are the anonymous recipient.\n") );
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */
|
enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user