security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-17 14:07:03 +01:00
Code Activity

accept Argon2 as S2K specifier.

Browse Source 
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2022-02-21 11:37:38 +09:00
parent df967c228f
commit fe1e64f2dc
1 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
g10/parse-packet.c
View File

@ -1241,8 +1241,13 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
goto too_short;
s2kmode = iobuf_get_noeof (inp);
pktlen--;
hash_algo = iobuf_get_noeof (inp);
pktlen--;
if (s2kmode <= 3)
{
hash_algo = iobuf_get_noeof (inp);
pktlen--;
}
else
hash_algo = 0;
switch (s2kmode)
{
case 0: /* Simple S2K. */
@ -1254,6 +1259,9 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
case 3: /* Iterated+salted S2K. */
minlen = 9;
break;
case 4: /* Argon2. */
minlen = 19;
break;
default:
log_error ("unknown S2K mode %d\n", s2kmode);
if (list_mode)
@ -1275,7 +1283,17 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
k->cipher_algo = cipher_algo;
k->aead_algo = aead_algo;
k->s2k.mode = s2kmode;
k->s2k.u.s.hash_algo = hash_algo;
if (s2kmode == 4)
{
for (i = 0; i < 16 && pktlen; i++, pktlen--)
k->s2k.u.a.salt[i] = iobuf_get_noeof (inp);
k->s2k.u.a.t = iobuf_get_noeof (inp);;
k->s2k.u.a.m = iobuf_get_noeof (inp);;
k->s2k.u.a.p = iobuf_get_noeof (inp);;
pktlen -=3;
}
else
k->s2k.u.s.hash_algo = hash_algo;
if (s2kmode == 1 || s2kmode == 3)
{
for (i = 0; i < 8 && pktlen; i++, pktlen--)
@ -1295,7 +1313,7 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
/* What we're watching out for here is a session key decryptor
with no salt. The RFC says that using salt for this is a
MUST. */
if (s2kmode != 1 && s2kmode != 3)
if (s2kmode == 0)
log_info (_("WARNING: potentially insecure symmetrically"
" encrypted session key\n"));
}
@ -1329,6 +1347,14 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen,
(ulong) k->s2k.u.s.count);
es_fprintf (listfp, "\n");
}
else if (s2kmode == 4)
{
es_fprintf (listfp, "\tsalt ");
es_write_hexstring (listfp, k->s2k.u.a.salt, 16, 0, NULL);
es_fprintf (listfp, ", t=%02x, m=%02x, p=%02x",
k->s2k.u.a.t, k->s2k.u.a.m, k->s2k.u.a.p);
es_fprintf (listfp, "\n");
}
}
leave: