1 files changed, 47 insertions, 36 deletions

diff --git a/g10/encr-data.c b/g10/encr-data.c
index c8a8c85db..074408404 100644
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@@ -1,5 +1,5 @@
 /* encr-data.c -  process an encrypted data packet
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -23,6 +23,8 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+
+#include "gpg.h"
 #include "util.h"
 #include "memory.h"
 #include "packet.h"
@@ -32,9 +34,9 @@
 #include "i18n.h"
 
 
-static int mdc_decode_filter( void *opaque, int control, IOBUF a,
+static int mdc_decode_filter( void *opaque, int control, iobuf_t a,
 					      byte *buf, size_t *ret_len);
-static int decode_filter( void *opaque, int control, IOBUF a,
+static int decode_filter( void *opaque, int control, iobuf_t a,
 					byte *buf, size_t *ret_len);
 
 typedef struct {
@@ -61,16 +63,16 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 
     memset( &dfx, 0, sizeof dfx );
     if( opt.verbose && !dek->algo_info_printed ) {
-	const char *s = cipher_algo_to_string( dek->algo );
-	if( s )
+	const char *s = gcry_cipher_algo_name (dek->algo);
+	if (s && *s)
 	    log_info(_("%s encrypted data\n"), s );
 	else
 	    log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
         dek->algo_info_printed = 1;
     }
-    if( (rc=check_cipher_algo(dek->algo)) )
+    if( (rc=openpgp_cipher_test_algo(dek->algo)) )
 	goto leave;
-    blocksize = cipher_get_blocksize(dek->algo);
+    blocksize = gcry_cipher_get_algo_blklen (dek->algo);
     if( !blocksize || blocksize > 16 )
 	log_fatal("unsupported blocksize %u\n", blocksize );
     nprefix = blocksize;
@@ -78,20 +80,29 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 	BUG();
 
     if( ed->mdc_method ) {
-	dfx.mdc_hash = md_open( ed->mdc_method, 0 );
+	gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 );
 	if ( DBG_HASHING )
-	    md_start_debug(dfx.mdc_hash, "checkmdc");
+	    gcry_md_start_debug (dfx.mdc_hash, "checkmdc");
     }
-    dfx.cipher_hd = cipher_open( dek->algo,
-				 ed->mdc_method? CIPHER_MODE_CFB
-					       : CIPHER_MODE_AUTO_CFB, 1 );
-/* log_hexdump( "thekey", dek->key, dek->keylen );*/
-    rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
-    if( rc == G10ERR_WEAK_KEY )
+    rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo,
+                           GCRY_CIPHER_MODE_CFB,
+                           GCRY_CIPHER_SECURE
+                           | ((ed->mdc_method || dek->algo >= 100)?
+                              0 : GCRY_CIPHER_ENABLE_SYNC) );
+     if (rc)
+       {
+         /* we should never get an error here cause we already
+          * checked, that the algorithm is available. What about a
+          * flag to let the function die in this case? */
+	BUG();
+       }
+    /* log_hexdump( "thekey", dek->key, dek->keylen );*/
+    rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen);
+    if( gpg_err_code (rc) == GPG_ERR_WEAK_KEY )
 	log_info(_("WARNING: message was encrypted with "
 		    "a weak key in the symmetric cipher.\n"));
     else if( rc ) {
-	log_error("key setup failed: %s\n", g10_errstr(rc) );
+	log_error("key setup failed: %s\n", gpg_strerror (rc) );
 	goto leave;
     }
     if (!ed->buf) {
@@ -99,9 +110,9 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
         goto leave;
     }
 
-    cipher_setiv( dfx.cipher_hd, NULL, 0 );
+    gcry_cipher_setiv (dfx.cipher_hd, NULL, 0);
 
-    if( ed->len ) {
+    if (ed->len) {
 	for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) {
 	    if( (c=iobuf_get(ed->buf)) == -1 )
 		break;
@@ -116,17 +127,17 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 	    else
 		temp[i] = c;
     }
-    cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2);
-    cipher_sync( dfx.cipher_hd );
+    gcry_cipher_decrypt( dfx.cipher_hd, temp, nprefix+2, NULL, 0);
+    gcry_cipher_sync( dfx.cipher_hd );
     p = temp;
 /* log_hexdump( "prefix", temp, nprefix+2 ); */
     if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
-	rc = G10ERR_BAD_KEY;
+	rc = GPG_ERR_BAD_KEY;
 	goto leave;
     }
 
     if( dfx.mdc_hash )
-	md_write( dfx.mdc_hash, temp, nprefix+2 );
+	gcry_md_write( dfx.mdc_hash, temp, nprefix+2 );
 
     if( ed->mdc_method )
 	iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
@@ -136,23 +147,23 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
     proc_packets( procctx, ed->buf );
     ed->buf = NULL;
     if( ed->mdc_method && dfx.eof_seen == 2 )
-	rc = G10ERR_INVALID_PACKET;
+	rc = gpg_error (GPG_ERR_INV_PACKET);
     else if( ed->mdc_method ) { /* check the mdc */
-	int datalen = md_digest_length( ed->mdc_method );
+	int datalen = gcry_md_get_algo_dlen (ed->mdc_method);
 
-	cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20);
-	md_final( dfx.mdc_hash );
+	gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 20, NULL, 0);
+	gcry_md_final ( dfx.mdc_hash );
 	if( datalen != 20
-	    || memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
-	    rc = G10ERR_BAD_SIGN;
-	/*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/
+	    || memcmp(gcry_md_read ( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
+	    rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
+	/*log_hexdump("MDC calculated:", gcry_md_read ( dfx.mdc_hash, 0), datalen);*/
 	/*log_hexdump("MDC message   :", dfx.defer, 20);*/
     }
     
 
   leave:
-    cipher_close(dfx.cipher_hd);
-    md_close( dfx.mdc_hash );
+    gcry_cipher_close(dfx.cipher_hd);
+    gcry_md_close ( dfx.mdc_hash );
     return rc;
 }
 
@@ -160,7 +171,7 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 
 /* I think we should merge this with cipher_filter */
 static int
-mdc_decode_filter( void *opaque, int control, IOBUF a,
+mdc_decode_filter( void *opaque, int control, iobuf_t a,
 					      byte *buf, size_t *ret_len)
 {
     decode_filter_ctx_t *dfx = opaque;
@@ -218,8 +229,8 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
 	}
 
 	if( n ) {
-	    cipher_decrypt( dfx->cipher_hd, buf, buf, n);
-	    md_write( dfx->mdc_hash, buf, n );
+	    gcry_cipher_decrypt( dfx->cipher_hd, buf, n, NULL, 0);
+	    gcry_md_write( dfx->mdc_hash, buf, n );
 	}
 	else {
 	    assert( dfx->eof_seen );
@@ -234,7 +245,7 @@ mdc_decode_filter( void *opaque, int control, IOBUF a,
 }
 
 static int
-decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
+decode_filter( void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len)
 {
     decode_filter_ctx_t *fc = opaque;
     size_t n, size = *ret_len;
@@ -245,7 +256,7 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
 	n = iobuf_read( a, buf, size );
 	if( n == -1 ) n = 0;
 	if( n )
-	    cipher_decrypt( fc->cipher_hd, buf, buf, n);
+	    gcry_cipher_decrypt( fc->cipher_hd, buf, n, NULL, 0);
 	else
 	    rc = -1; /* eof */
 	*ret_len = n;