diff options
Diffstat (limited to 'g10/encr-data.c')
| -rw-r--r-- | g10/encr-data.c | 269 |
1 files changed, 0 insertions, 269 deletions
diff --git a/g10/encr-data.c b/g10/encr-data.c deleted file mode 100644 index 074408404..000000000 --- a/g10/encr-data.c +++ /dev/null @@ -1,269 +0,0 @@ -/* encr-data.c - process an encrypted data packet - * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#include <config.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <assert.h> - -#include "gpg.h" -#include "util.h" -#include "memory.h" -#include "packet.h" -#include "mpi.h" -#include "cipher.h" -#include "options.h" -#include "i18n.h" - - -static int mdc_decode_filter( void *opaque, int control, iobuf_t a, - byte *buf, size_t *ret_len); -static int decode_filter( void *opaque, int control, iobuf_t a, - byte *buf, size_t *ret_len); - -typedef struct { - CIPHER_HANDLE cipher_hd; - MD_HANDLE mdc_hash; - char defer[20]; - int defer_filled; - int eof_seen; -} decode_filter_ctx_t; - - -/**************** - * Decrypt the data, specified by ED with the key DEK. - */ -int -decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) -{ - decode_filter_ctx_t dfx; - byte *p; - int rc=0, c, i; - byte temp[32]; - unsigned blocksize; - unsigned nprefix; - - memset( &dfx, 0, sizeof dfx ); - if( opt.verbose && !dek->algo_info_printed ) { - const char *s = gcry_cipher_algo_name (dek->algo); - if (s && *s) - log_info(_("%s encrypted data\n"), s ); - else - log_info(_("encrypted with unknown algorithm %d\n"), dek->algo ); - dek->algo_info_printed = 1; - } - if( (rc=openpgp_cipher_test_algo(dek->algo)) ) - goto leave; - blocksize = gcry_cipher_get_algo_blklen (dek->algo); - if( !blocksize || blocksize > 16 ) - log_fatal("unsupported blocksize %u\n", blocksize ); - nprefix = blocksize; - if( ed->len && ed->len < (nprefix+2) ) - BUG(); - - if( ed->mdc_method ) { - gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 ); - if ( DBG_HASHING ) - gcry_md_start_debug (dfx.mdc_hash, "checkmdc"); - } - rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo, - GCRY_CIPHER_MODE_CFB, - GCRY_CIPHER_SECURE - | ((ed->mdc_method || dek->algo >= 100)? - 0 : GCRY_CIPHER_ENABLE_SYNC) ); - if (rc) - { - /* we should never get an error here cause we already - * checked, that the algorithm is available. What about a - * flag to let the function die in this case? */ - BUG(); - } - /* log_hexdump( "thekey", dek->key, dek->keylen );*/ - rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen); - if( gpg_err_code (rc) == GPG_ERR_WEAK_KEY ) - log_info(_("WARNING: message was encrypted with " - "a weak key in the symmetric cipher.\n")); - else if( rc ) { - log_error("key setup failed: %s\n", gpg_strerror (rc) ); - goto leave; - } - if (!ed->buf) { - log_error(_("problem handling encrypted packet\n")); - goto leave; - } - - gcry_cipher_setiv (dfx.cipher_hd, NULL, 0); - - if (ed->len) { - for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) { - if( (c=iobuf_get(ed->buf)) == -1 ) - break; - else - temp[i] = c; - } - } - else { - for(i=0; i < (nprefix+2); i++ ) - if( (c=iobuf_get(ed->buf)) == -1 ) - break; - else - temp[i] = c; - } - gcry_cipher_decrypt( dfx.cipher_hd, temp, nprefix+2, NULL, 0); - gcry_cipher_sync( dfx.cipher_hd ); - p = temp; -/* log_hexdump( "prefix", temp, nprefix+2 ); */ - if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) { - rc = GPG_ERR_BAD_KEY; - goto leave; - } - - if( dfx.mdc_hash ) - gcry_md_write( dfx.mdc_hash, temp, nprefix+2 ); - - if( ed->mdc_method ) - iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx ); - else - iobuf_push_filter( ed->buf, decode_filter, &dfx ); - - proc_packets( procctx, ed->buf ); - ed->buf = NULL; - if( ed->mdc_method && dfx.eof_seen == 2 ) - rc = gpg_error (GPG_ERR_INV_PACKET); - else if( ed->mdc_method ) { /* check the mdc */ - int datalen = gcry_md_get_algo_dlen (ed->mdc_method); - - gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 20, NULL, 0); - gcry_md_final ( dfx.mdc_hash ); - if( datalen != 20 - || memcmp(gcry_md_read ( dfx.mdc_hash, 0 ), dfx.defer, datalen) ) - rc = gpg_error (GPG_ERR_BAD_SIGNATURE); - /*log_hexdump("MDC calculated:", gcry_md_read ( dfx.mdc_hash, 0), datalen);*/ - /*log_hexdump("MDC message :", dfx.defer, 20);*/ - } - - - leave: - gcry_cipher_close(dfx.cipher_hd); - gcry_md_close ( dfx.mdc_hash ); - return rc; -} - - - -/* I think we should merge this with cipher_filter */ -static int -mdc_decode_filter( void *opaque, int control, iobuf_t a, - byte *buf, size_t *ret_len) -{ - decode_filter_ctx_t *dfx = opaque; - size_t n, size = *ret_len; - int rc = 0; - int c; - - if( control == IOBUFCTRL_UNDERFLOW && dfx->eof_seen ) { - *ret_len = 0; - rc = -1; - } - else if( control == IOBUFCTRL_UNDERFLOW ) { - assert(a); - assert( size > 40 ); - - /* get at least 20 bytes and put it somewhere ahead in the buffer */ - for(n=20; n < 40 ; n++ ) { - if( (c = iobuf_get(a)) == -1 ) - break; - buf[n] = c; - } - if( n == 40 ) { - /* we have enough stuff - flush the deferred stuff */ - /* (we have asserted that the buffer is large enough) */ - if( !dfx->defer_filled ) { /* the first time */ - memcpy(buf, buf+20, 20 ); - n = 20; - } - else { - memcpy(buf, dfx->defer, 20 ); - } - /* now fill up */ - for(; n < size; n++ ) { - if( (c = iobuf_get(a)) == -1 ) - break; - buf[n] = c; - } - /* move the last 20 bytes back to the defer buffer */ - /* (okay, we are wasting 20 bytes of supplied buffer) */ - n -= 20; - memcpy( dfx->defer, buf+n, 20 ); - dfx->defer_filled = 1; - } - else if( !dfx->defer_filled ) { /* eof seen buf empty defer */ - /* this is bad because there is an incomplete hash */ - n -= 20; - memcpy(buf, buf+20, n ); - dfx->eof_seen = 2; /* eof with incomplete hash */ - } - else { /* eof seen */ - memcpy(buf, dfx->defer, 20 ); - n -= 20; - memcpy( dfx->defer, buf+n, 20 ); - dfx->eof_seen = 1; /* normal eof */ - } - - if( n ) { - gcry_cipher_decrypt( dfx->cipher_hd, buf, n, NULL, 0); - gcry_md_write( dfx->mdc_hash, buf, n ); - } - else { - assert( dfx->eof_seen ); - rc = -1; /* eof */ - } - *ret_len = n; - } - else if( control == IOBUFCTRL_DESC ) { - *(char**)buf = "mdc_decode_filter"; - } - return rc; -} - -static int -decode_filter( void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len) -{ - decode_filter_ctx_t *fc = opaque; - size_t n, size = *ret_len; - int rc = 0; - - if( control == IOBUFCTRL_UNDERFLOW ) { - assert(a); - n = iobuf_read( a, buf, size ); - if( n == -1 ) n = 0; - if( n ) - gcry_cipher_decrypt( fc->cipher_hd, buf, n, NULL, 0); - else - rc = -1; /* eof */ - *ret_len = n; - } - else if( control == IOBUFCTRL_DESC ) { - *(char**)buf = "decode_filter"; - } - return rc; -} - |