From fa73dd20525374538fa1e923e7fbc5642afbe137 Mon Sep 17 00:00:00 2001
From: Timo Schulz <twoaday@freakmail.de>
Date: Wed, 5 Jun 2002 13:48:41 +0000
Subject: [PATCH] 2002-06-05  Timo Schulz  <ts@winpt.org>

        * encode.c (encode_simple): Ignore the new mode for RFC1991.
        * mainproc.c (symkey_sesskey_decrypt): Better check for weird
        keysizes.
---
 g10/ChangeLog  | 6 ++++++
 g10/encode.c   | 6 ++++++
 g10/mainproc.c | 2 +-
 3 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/g10/ChangeLog b/g10/ChangeLog
index cedaa9f94..0837050be 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,9 @@
+2002-06-05  Timo Schulz  <ts@winpt.org>
+
+	* encode.c (encode_simple): Ignore the new mode for RFC1991.
+	* mainproc.c (symkey_decrypt_sesskey): Better check for weird
+	keysizes.
+	
 2002-06-05  Timo Schulz  <ts@winpt.org>
 
 	* encode.c (encode_sesskey): New.
diff --git a/g10/encode.c b/g10/encode.c
index a9c016f31..ffb67de32 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -135,6 +135,12 @@ encode_simple( const char *filename, int mode, int compat )
     if( opt.textmode )
 	iobuf_push_filter( inp, text_filter, &tfx );
 
+    /* Due the the fact that we use don't use an IV to encrypt the
+       session key we can't use the new mode with RFC1991 because
+       it has no S2K salt. RFC1991 always uses simple S2K. */
+    if ( opt.rfc1991 && !compat )
+        compat = 1;
+    
     cfx.dek = NULL;
     if( mode ) {
 	s2k = m_alloc_clear( sizeof *s2k );
diff --git a/g10/mainproc.c b/g10/mainproc.c
index c79e4b6b1..40ea26ffb 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -242,7 +242,7 @@ symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen )
 {
     CIPHER_HANDLE hd;
 
-    if ( slen > 33 ) {
+    if ( slen < 17 || slen > 33 ) {
         log_error( "weird size for an encrypted session key (%d)\n", slen );
         return;   
     }