security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity
gnupg/g10
History
Werner Koch e542c4af18
gpg: Make symmetric + pubkey encryption de-vs compliant. 
* g10/mainproc.c (proc_encrypted): Make symmetric + pubkey encryption
de-vs compliant.

* g10/mainproc.c (struct symlist_item): New.
(struct mainproc_context): Add field symenc_list.
(release_list): Free that list.
(proc_symkey_enc): Record infos from symmetric session packet.
(proc_encrypted): Check symkey packet algos
--

The original check was too strong because it is in fact compliant to
encrypt with a symmetric key and and public key.  Thus decryption
should issue a compliance status.

In addition we now check that the cipher algorithms used to
symmetrically encrypt the session key are all compliant.  This is
similar to our check for all public key encrypted session key packets.

GnuPG-bug-id: 6119
Fixes-commit: b03fab09e188f7bb10237d4f20455e4026737e4e

Backported from 2.2

Signed-off-by: Werner Koch <wk@gnupg.org>
2022-08-02 18:41:23 +02:00
..
all-tests.scm
tests: Make it possible to run all tests using our infrastructure.
2017-05-11 18:12:37 +02:00
armor.c
gpg: Allow --dearmor to decode all kinds of armor files.
2022-01-28 12:09:34 +01:00
build-packet.c
gpg: Replace an assert by a log_fatal.
2022-04-14 13:56:10 +02:00
call-agent.c
gpg: Print Yubikey version correctly.
2022-01-18 08:03:27 +01:00
call-agent.h
gpg: Print Yubikey version correctly.
2022-01-18 08:03:27 +01:00
call-dirmngr.c
gpg,sm: Simplify keyserver spec parsing.
2021-06-16 12:03:13 +02:00
call-dirmngr.h
gpg: Lookup a missing public key of the current card via LDAP.
2021-04-16 20:21:23 +02:00
call-keyboxd.c
keyboxd: Fix searching for exact mail addresses.
2021-04-21 14:40:08 +02:00
card-util.c
gpg: Print Yubikey version correctly.
2022-01-18 08:03:27 +01:00
ChangeLog-2011
Spelling: correct spelling of "passphrase".
2016-11-02 12:53:58 +01:00
cipher-aead.c
g10/cipher-aead: add fast path for avoid memcpy when AEAD encrypting
2022-03-08 20:00:31 +02:00
cipher-cfb.c
gpg: Remove MDC options
2018-05-29 12:42:52 +02:00
compress-bz2.c
gpg: fix --enarmor with zero length source file
2022-03-08 20:03:08 +02:00
compress.c
gpg,tools: Remove use of repo only zlib-riscos.h.
2022-03-29 12:07:18 +09:00
cpr.c
g10: Fix garbled status messages in NOTATION_DATA
2022-06-14 11:34:17 +02:00
dearmor.c
g10/dearmor: use iobuf_copy
2022-03-02 21:12:28 +02:00
decrypt-data.c
gpg: Print info about the used AEAD algorithm in the compliance msg.
2022-03-18 14:19:24 +01:00
decrypt.c
Remove remaining support for WindowsCE
2022-06-03 10:08:21 +02:00
dek.h
gpg: More check for symmetric key encryption.
2019-07-18 11:02:34 +09:00
delkey.c
gpg: Fix the previous commit.
2020-11-11 09:13:13 +09:00
distsigkey.gpg
Update release signing keys
2021-11-13 21:03:02 +01:00
ecdh.c
gpg: Don't use malloc for kek_params.
2021-11-12 15:39:30 +09:00
encrypt.c
gpg: New option --require-compliance.
2022-03-08 19:26:01 +01:00
exec.c
Remove remaining support for WindowsCE
2022-06-03 10:08:21 +02:00
exec.h
gpg: photoid: Move functions from exec.c.
2019-07-25 11:21:58 +09:00
expand-group.c
gpg: Fix expand GPG groups when resolving a key
2019-09-30 14:08:13 +02:00
export.c
gpg: Setup the 'usage' filter property for export.
2022-05-28 17:38:13 +02:00
filter.h
gpg: Allow --dearmor to decode all kinds of armor files.
2022-01-28 12:09:34 +01:00
free-packet.c
gpg: Skip the packet when not used for AEAD.
2021-09-28 14:49:21 +09:00
getkey.c
gpg: Handle backsig for v5 signature.
2021-09-29 11:30:00 +09:00
gpg-w32info.rc
w32: Add manifest to gpg.
2015-02-04 09:15:34 +01:00
gpg.c
agent: Do not consider --min-passphrase-len for the magic wand.
2022-06-27 18:06:40 +02:00
gpg.h
gpg: Improve speed of secret key listing.
2021-05-19 02:42:35 +02:00
gpg.w32-manifest.in
w32: Add manifest to gpg.
2015-02-04 09:15:34 +01:00
gpgsql.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
gpgsql.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
gpgv.c
gpg: Allow decryption of symencr even for non-compliant cipher.
2022-03-18 11:14:54 +01:00
helptext.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
import.c
gpg: Print a warning when importing a bad cv25519 secret key.
2021-09-14 13:00:40 +02:00
kbnode.c
gpg: Avoid importing secret keys if the keyblock is not valid.
2019-03-15 20:41:38 +01:00
key-check.c
gpg: Fix debug output for key_check_all_keysigs with opaque MPI.
2020-11-02 11:32:27 +09:00
key-check.h
gpg: Avoid output to the tty during import.
2017-07-27 11:38:57 +02:00
key-clean.c
gpg: Sort the signatures in standard key listings.
2020-10-27 17:21:19 +01:00
key-clean.h
headers: fix spelling
2018-10-25 16:53:05 -04:00
keydb-private.h
gpg: Set the found-by flags in the keyblock in keyboxd mode.
2020-09-22 16:20:41 +02:00
keydb.c
w32: Replace some fopen by es_fopen.
2020-11-11 15:23:22 +01:00
keydb.h
gpg: Allow passing a keygrip as description to pinentry.
2021-12-20 19:34:34 +01:00
keyedit.c
gpg: Look up user ID to revoke by UID hash
2022-04-26 11:48:47 +02:00
keyedit.h
gpg: New command --quick-revoke-sig
2020-10-28 17:06:27 +01:00
keygen.c
keygen: Fix reading AEAD preference
2022-06-14 15:37:15 +09:00
keyid.c
gpg: Fix format_keyid.
2021-11-24 10:43:38 +09:00
keylist.c
gpg: Fix printing of binary notations.
2021-10-22 15:42:09 +02:00
keyring.c
gpg: Support KEYGRIP search with traditional keyring.
2021-06-03 13:32:25 +09:00
keyring.h
gpg: Pass CTRL to many more functions.
2017-03-31 20:07:20 +02:00
keyserver-internal.h
gpg,sm: Simplify keyserver spec parsing.
2021-06-16 12:03:13 +02:00
keyserver.c
gpg,build: Fix message for newer gettext.
2022-07-05 13:27:41 +09:00
main.h
gpg: Print info about the used AEAD algorithm in the compliance msg.
2022-03-18 14:19:24 +01:00
mainproc.c
gpg: Make symmetric + pubkey encryption de-vs compliant.
2022-08-02 18:41:23 +02:00
Makefile.am
gpg: Remove more or less useless tool gpgcompose.
2021-02-02 13:06:33 +01:00
mdfilter.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
migrate.c
Replace most of the remaining stdio calls by estream calls.
2020-10-20 12:15:56 +02:00
misc.c
gpg: Print info about the used AEAD algorithm in the compliance msg.
2022-03-18 14:19:24 +01:00
objcache.c
Spelling cleanup.
2020-02-18 18:07:46 -05:00
objcache.h
gpg: Fix getting User ID.
2019-07-11 12:32:44 +09:00
openfile.c
gpg: Partial fix for Unicode problem in output files.
2021-05-25 13:39:59 +02:00
options.h
gpg: New option --require-compliance.
2022-03-08 19:26:01 +01:00
packet.h
gpg: Allow decryption of symencr even for non-compliant cipher.
2022-03-18 11:14:54 +01:00
parse-packet.c
gpg: Avoid NULL ptr access due to corrupted packets.
2022-04-25 15:21:05 +02:00
passphrase.c
gpg: Allow passing a keygrip as description to pinentry.
2021-12-20 19:34:34 +01:00
photoid.c
gpg: Keep temp files when opening images via xdg-open
2021-03-01 09:43:26 +01:00
photoid.h
gpg: A little clean up.
2019-07-23 12:04:21 +09:00
pkclist.c
gpg: For de-vs use SHA-256 instead of SHA-1 as implicit preference.
2022-07-28 10:41:02 +02:00
pkglue.c
gpg: Emit compatible Ed25519 signature.
2021-12-10 15:43:28 +09:00
pkglue.h
gpg: Emit compatible Ed25519 signature.
2021-12-10 15:43:28 +09:00
plaintext.c
g10/plaintext: disable estream buffering in binary mode
2022-03-08 20:00:31 +02:00
progress.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
pubkey-enc.c
gpg: Support ECDH with v5 key.
2021-03-24 14:51:42 +09:00
pubring.asc
Update copyright notices for 2017.
2017-01-23 19:16:55 +01:00
revoke.c
g10: Fix memory leaks
2021-05-20 13:38:39 +02:00
rmd160.c
Clean up word replication.
2017-02-21 13:11:46 -05:00
rmd160.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
seckey-cert.c
More change for common.
2017-03-07 20:32:09 +09:00
server.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
seskey.c
gpg,ecc: Handle external representation as SOS with opaque MPI.
2020-06-09 10:32:47 +09:00
sig-check.c
gpg: New option --override-compliance-check
2021-10-13 17:25:28 +02:00
sign.c
gpg: Always use version >= 4 to generate signature.
2022-03-19 13:38:37 +09:00
skclist.c
gpg: Allow decryption w/o public key but with correct card inserted.
2021-04-23 08:50:39 +02:00
t-keydb-get-keyblock.c
gpg: New option --use-keyboxd.
2019-09-09 15:01:47 +02:00
t-keydb-get-keyblock.gpg
gpg: Correctly handle keyblocks followed by legacy keys.
2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx
g10: Add test for keydb as well as new testing infrastructure.
2015-09-02 15:08:57 +02:00
t-keydb.c
gpg: New option --use-keyboxd.
2019-09-09 15:01:47 +02:00
t-rmd160.c
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
t-stutter-data.asc
gpg: Add a new test.
2016-03-08 14:08:49 +01:00
t-stutter.c
g10: Stop compiler warning for t-stutter.
2017-05-10 11:13:03 +09:00
tdbdump.c
gpg: Remove stale ultimately trusted keys from the trustdb.
2021-11-13 20:34:06 +01:00
tdbio.c
Remove remaining support for WindowsCE
2022-06-03 10:08:21 +02:00
tdbio.h
gpg: Remove stale ultimately trusted keys from the trustdb.
2021-11-13 20:34:06 +01:00
test-stubs.c
gpg: Allow decryption of symencr even for non-compliant cipher.
2022-03-18 11:14:54 +01:00
test.c
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
2020-02-10 16:50:47 +01:00
textfilter.c
gpg: Initialize a parameter to silence valgrind.
2020-09-04 11:32:47 +02:00
tofu.c
g10: Fix memory leaks
2021-05-20 13:38:39 +02:00
tofu.h
g10: Remove dead code.
2016-12-06 12:16:56 +01:00
trust.c
gpg: Fix adding the list of ultimate trusted keys.
2022-01-12 13:34:31 +09:00
trustdb.c
gpg: Fix adding the list of ultimate trusted keys.
2022-01-12 13:34:31 +09:00
trustdb.h
gpg: Fix adding the list of ultimate trusted keys.
2022-01-12 13:34:31 +09:00
verify.c
gpg: Make really sure that --verify-files always returns an error.
2020-02-10 15:32:55 +01:00
zlib-riscos.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00