diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 9 | ||||
| -rw-r--r-- | g10/encr-data.c | 8 | ||||
| -rw-r--r-- | g10/mainproc.c | 6 |
3 files changed, 18 insertions, 5 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index e3ed14642..c3cf99e2c 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,12 @@ +2005-02-09 David Shaw <[email protected]> + + * encr-data.c (decrypt_data): Use it here to turn off the "quick + check" bytes for PK decryptions. This is in regards to the Mister + and Zuccherato attack on OpenPGP CFB mode. + + * mainproc.c (proc_symkey_enc): Set a flag to indicate that a + particular session key came from a passphrase and not a PK. + 2005-02-06 David Shaw <[email protected]> * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the diff --git a/g10/encr-data.c b/g10/encr-data.c index e05994535..f9fabc8f0 100644 --- a/g10/encr-data.c +++ b/g10/encr-data.c @@ -1,5 +1,5 @@ /* encr-data.c - process an encrypted data packet - * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -125,10 +125,12 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) cipher_sync( dfx.cipher_hd ); p = temp; /* log_hexdump( "prefix", temp, nprefix+2 ); */ - if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) { + if(dek->symmetric + && (p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1]) ) + { rc = G10ERR_BAD_KEY; goto leave; - } + } if( dfx.mdc_hash ) md_write( dfx.mdc_hash, temp, nprefix+2 ); diff --git a/g10/mainproc.c b/g10/mainproc.c index 8db7e45be..83bb5d811 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1,6 +1,6 @@ /* mainproc.c - handle packets - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, + * 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -330,6 +330,8 @@ proc_symkey_enc( CTX c, PACKET *pkt ) if(c->dek) { + c->dek->symmetric=1; + /* FIXME: This doesn't work perfectly if a symmetric key comes before a public key in the message - if the user doesn't know the passphrase, then there is |