mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
a545e14e8a
* g10/build-packet.c (do_encrypted_aead): New. (do_symkey_enc): Handle version 5. (build_packet): Support the ENCRYPTED_AEAD packet. * g10/cipher.c (MIN_PARTIAL_SIZE): Remove unused macro. (AEAD_ENC_BUFFER_SIZE): New macro. (my_iobuf_write): New. (write_header): Rename to write_cfb_header. Adjust caller. (set_ocb_nonce_and_ad): New. (write_ocb_header): New. (write_ocb_auth_tag): New. (write_ocb_final_chunk): New. (do_ocb_flush): New. (do_ocb_free): New. (cipher_filter_ocb): New. * g10/filter.h (cipher_filter_context_t): Add fields for AEAD. * g10/encrypt.c (encrypt_symmetric): For the use of a session key in OCB mode. (encrypt_seskey): Revamp to support OCB. (use_aead): New. (encrypt_simple): Support OCB. (write_symkey_enc): Ditto. (encrypt_crypt): Ditto. (encrypt_filter): Handle OCB. * g10/options.h (opt): Add field force_ocb. * g10/gpg.c (oForceOCB): New. (opts): New option "--force-ocb". (main): Set force_ocb option. * g10/gpgcompose.c (encrypt_seskey): New. * g10/keygen.c (aead_available): New global var. (keygen_set_std_prefs): Set AEAD feature by default in GNUPG mode. Add parings of aead feature flag. (keygen_get_std_prefs): Set aead flag. (add_feature_aead): New. (keygen_upd_std_prefs): Set OCB as preference if AEAD is enabled. * g10/pkclist.c (select_aead_from_pklist): New. (warn_missing_aead_from_pklist): New. (select_mdc_from_pklist): Remove this unused function. -- This extends the long available OCB and EAX decryption feature. Due to the meanwhile expired patent on OCB there is no more reason for using EAX. Thus we forcefully use OCB if the AEAD feature flag is set on a key. In GNUPG mode new keys are now created with the AEAD feature flag set. Option --rfc4880 is one way to disable this. GnuPG-bug-id: 6263
Common functionality used by all modules of GnuPG.