security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-07-01 02:42:44 +02:00
Code Activity
a545e14e8a
gnupg/g10
History
Werner Koch a545e14e8a
gpg: Support OCB encryption. 
* g10/build-packet.c (do_encrypted_aead): New.
(do_symkey_enc): Handle version 5.
(build_packet): Support the ENCRYPTED_AEAD packet.
* g10/cipher.c (MIN_PARTIAL_SIZE): Remove unused macro.
(AEAD_ENC_BUFFER_SIZE): New macro.
(my_iobuf_write): New.
(write_header): Rename to write_cfb_header.  Adjust caller.
(set_ocb_nonce_and_ad): New.
(write_ocb_header): New.
(write_ocb_auth_tag): New.
(write_ocb_final_chunk): New.
(do_ocb_flush): New.
(do_ocb_free): New.
(cipher_filter_ocb): New.
* g10/filter.h (cipher_filter_context_t): Add fields for AEAD.
* g10/encrypt.c (encrypt_symmetric): For the use of a session key in
OCB mode.
(encrypt_seskey): Revamp to support OCB.
(use_aead): New.
(encrypt_simple): Support OCB.
(write_symkey_enc): Ditto.
(encrypt_crypt): Ditto.
(encrypt_filter): Handle OCB.
* g10/options.h (opt): Add field force_ocb.
* g10/gpg.c (oForceOCB): New.
(opts): New option "--force-ocb".
(main): Set force_ocb option.
* g10/gpgcompose.c (encrypt_seskey): New.
* g10/keygen.c (aead_available): New global var.
(keygen_set_std_prefs): Set AEAD feature by default in GNUPG mode. Add
parings of aead feature flag.
(keygen_get_std_prefs): Set aead flag.
(add_feature_aead): New.
(keygen_upd_std_prefs): Set OCB as preference if AEAD is enabled.
* g10/pkclist.c (select_aead_from_pklist): New.
(warn_missing_aead_from_pklist): New.
(select_mdc_from_pklist): Remove this unused function.
--

This extends the long available OCB and EAX decryption feature.  Due
to the meanwhile expired patent on OCB there is no more reason for
using EAX.  Thus we forcefully use OCB if the AEAD feature flag is set
on a key.

In GNUPG mode new keys are now created with the AEAD feature flag set.
Option --rfc4880 is one way to disable this.

GnuPG-bug-id: 6263
2022-10-31 14:33:10 +01:00
..
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:24:35 +09:00
build-packet.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
call-agent.c gpg: Fix "generate" command in --card-edit. 2022-08-16 14:07:38 +02:00
call-agent.h gpg: Update shadow-keys with --card-status also for non-openpgp cards. 2022-08-16 13:02:25 +02:00
call-dirmngr.c gpg: Show just keyserver and port with --send-keys. 2022-10-07 13:37:09 +02:00
call-dirmngr.h gpg: Lookup a missing public key of the current card via LDAP. 2021-05-03 20:28:33 +02:00
card-util.c gpg: Fix "generate" command in --card-edit. 2022-08-16 14:07:38 +02:00
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
cipher.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c g10: Fix garbled status messages in NOTATION_DATA 2022-06-14 11:39:31 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Very minor cleanup in decrypt_data. 2022-08-29 13:07:43 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:42:42 +02:00
dek.h gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
delkey.c gpg: Print a hint for --batch mode and --delete-secret-key. 2020-03-18 15:26:43 +01:00
distsigkey.gpg Update release signing keys 2021-11-13 21:02:22 +01:00
ecdh.c gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
encrypt.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
exec.c w32: Change spawn functions to use Unicode version of CreateProcess. 2021-06-08 10:52:45 +02:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Report an error for receiving key from agent. 2022-10-13 18:35:34 +02:00
filter.h gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
free-packet.c gpg: Skip the packet when not used for AEAD. 2021-10-06 20:03:34 +02:00
getkey.c gpg: Fix mailbox based search via AKL keyserver method. 2021-05-04 10:23:20 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
gpg.h gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgcompose.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv-w32info.rc w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgv.c gpg: Allow decryption of symencr even for non-compliant cipher. 2022-03-18 11:55:17 +01:00
gpgv.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg: Do not use self-sigs-only for LDAP keyserver imports. 2021-04-13 14:50:05 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-18 13:16:35 +01:00
key-check.c gpg: Fix segv importing certain keys. 2020-09-02 16:06:46 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:07:24 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 10:25:06 +02:00
keydb.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
keydb.h gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
keyedit.c gpg: Look up user ID to revoke by UID hash 2022-07-27 16:35:59 +02:00
keyedit.h gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keygen.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
keyid.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
keylist.c gpg: Fix printing of binary notations. 2021-10-22 16:33:40 +02:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg,sm: Simplify keyserver spec parsing. 2021-05-26 14:30:17 +02:00
keyserver.c gpg: Let --fetch-key return an exit code on failure. 2021-06-25 10:35:24 +02:00
main.h gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
mainproc.c gpg: Don't consider unknown keys as non-compliant while decrypting. 2022-09-22 10:25:36 +02:00
Makefile.am gpg: Move NETLIBS after GPG_ERROR_LIBS (another). 2022-10-18 10:24:54 +09:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
misc.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
openfile.c gpg: Partial fix for Unicode problem in output files. 2021-06-10 12:44:30 +02:00
options.h gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
packet.h gpg: Allow decryption of symencr even for non-compliant cipher. 2022-03-18 11:55:17 +01:00
parse-packet.c gpg: Minor robustness fix. 2022-05-05 14:02:02 +02:00
passphrase.c gpg: Use a more descriptive prompt for symmetric decryption. 2021-05-17 19:30:15 +02:00
photoid.c gpg: Keep temp files when opening images via xdg-open 2021-03-01 09:47:21 +01:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Support OCB encryption. 2022-10-31 14:33:10 +01:00
pkglue.c gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
pkglue.h gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
plaintext.c w32: Support Unicode also for config files etc. 2020-11-10 12:09:11 +01:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c gpg: Allow ECDH with a smartcard returning just the x-coordinate. 2021-05-04 11:51:34 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: New option --override-compliance-check 2021-10-13 17:34:12 +02:00
sign.c gpg: Rename a function. 2022-08-29 13:13:45 +02:00
skclist.c gpg: Allow decryption w/o public key but with correct card inserted. 2021-05-04 10:06:57 +02:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c gpg: Remove stale ultimately trusted keys from the trustdb. 2021-11-13 20:59:17 +01:00
tdbio.c gpg: Remove stale ultimately trusted keys from the trustdb. 2021-11-13 20:59:17 +01:00
tdbio.h gpg: Remove stale ultimately trusted keys from the trustdb. 2021-11-13 20:59:17 +01:00
test-stubs.c gpg: Allow decryption of symencr even for non-compliant cipher. 2022-03-18 11:55:17 +01:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:24:34 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Fix adding the list of ultimate trusted keys. 2022-01-17 13:58:58 +09:00
trustdb.c gpg: Fix adding the list of ultimate trusted keys. 2022-01-17 13:58:58 +09:00
trustdb.h gpg: Fix adding the list of ultimate trusted keys. 2022-01-17 13:58:58 +09:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:33:53 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00