* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check the S2K

hash algorithm before we try to generate a passphrase using it. This prevents hitting BUG() when generating a passphrase using a hash that we don't have.
2025-02-01 16:33:02 +01:00 · 2004-06-27 18:26:49 +00:00 · 2004-06-27 18:26:49 +00:00 · eb5045d972
commit eb5045d972
parent 7c90cacd33
3 changed files with 20 additions and 0 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,10 @@
+2004-06-27  David Shaw  <dshaw@jabberwocky.com>
+
+	* mainproc.c (proc_symkey_enc), seckey-cert.c (do_check): Check
+	the S2K hash algorithm before we try to generate a passphrase
+	using it.  This prevents hitting BUG() when generating a
+	passphrase using a hash that we don't have.
+
 2004-06-23  David Shaw  <dshaw@jabberwocky.com>

 	* keyedit.c (sign_uids): Properly handle remaking a self-sig on
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -304,6 +304,13 @@ proc_symkey_enc( CTX c, PACKET *pkt )
 	else
 	  log_error(_("encrypted with unknown algorithm %d\n"), algo );

+	if(check_digest_algo(enc->s2k.hash_algo))
+	  {
+	    log_error(_("passphrase generated with unknown digest"
+			" algorithm %d\n"),enc->s2k.hash_algo);
+	    s=NULL;
+	  }
+
 	c->last_was_session_key = 2;
 	if(!s || opt.list_only)
 	  goto leave;
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -65,6 +65,12 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int *canceled )
              }
 	    return G10ERR_CIPHER_ALGO;
 	}
+	if(check_digest_algo(sk->protect.s2k.hash_algo))
+	  {
+	    log_info(_("protection digest %d is not supported\n"),
+		     sk->protect.s2k.hash_algo);
+	    return G10ERR_DIGEST_ALGO;
+	  }
 	keyid_from_sk( sk, keyid );
 	keyid[2] = keyid[3] = 0;
 	if( !sk->is_primary ) {