diff options
| author | Timo Schulz <[email protected]> | 2002-06-05 13:48:41 +0000 |
|---|---|---|
| committer | Timo Schulz <[email protected]> | 2002-06-05 13:48:41 +0000 |
| commit | fa73dd20525374538fa1e923e7fbc5642afbe137 (patch) | |
| tree | 42bc78afc7b7180e62656a38fe58442b68b48700 | |
| parent | 2002-06-05 Timo Schulz <[email protected]> (diff) | |
| download | gnupg-fa73dd20525374538fa1e923e7fbc5642afbe137.tar.gz gnupg-fa73dd20525374538fa1e923e7fbc5642afbe137.zip | |
2002-06-05 Timo Schulz <[email protected]>
* encode.c (encode_simple): Ignore the new mode for RFC1991.
* mainproc.c (symkey_sesskey_decrypt): Better check for weird
keysizes.
| -rw-r--r-- | g10/ChangeLog | 6 | ||||
| -rw-r--r-- | g10/encode.c | 6 | ||||
| -rw-r--r-- | g10/mainproc.c | 2 |
3 files changed, 13 insertions, 1 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index cedaa9f94..0837050be 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,11 @@ 2002-06-05 Timo Schulz <[email protected]> + * encode.c (encode_simple): Ignore the new mode for RFC1991. + * mainproc.c (symkey_decrypt_sesskey): Better check for weird + keysizes. + +2002-06-05 Timo Schulz <[email protected]> + * encode.c (encode_sesskey): New. (encode_simple): Use it here. But by default we use the compat mode which supress to generate encrypted session keys. diff --git a/g10/encode.c b/g10/encode.c index a9c016f31..ffb67de32 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -135,6 +135,12 @@ encode_simple( const char *filename, int mode, int compat ) if( opt.textmode ) iobuf_push_filter( inp, text_filter, &tfx ); + /* Due the the fact that we use don't use an IV to encrypt the + session key we can't use the new mode with RFC1991 because + it has no S2K salt. RFC1991 always uses simple S2K. */ + if ( opt.rfc1991 && !compat ) + compat = 1; + cfx.dek = NULL; if( mode ) { s2k = m_alloc_clear( sizeof *s2k ); diff --git a/g10/mainproc.c b/g10/mainproc.c index c79e4b6b1..40ea26ffb 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -242,7 +242,7 @@ symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen ) { CIPHER_HANDLE hd; - if ( slen > 33 ) { + if ( slen < 17 || slen > 33 ) { log_error( "weird size for an encrypted session key (%d)\n", slen ); return; } |