GnuPG - The GNU Privacy Guard

	Commit message (Collapse)	Author	Age	Files	Lines
*	gpg: Support OCB encryption.	Werner Koch	2022-10-31	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* g10/build-packet.c (do_encrypted_aead): New. (do_symkey_enc): Handle version 5. (build_packet): Support the ENCRYPTED_AEAD packet. * g10/cipher.c (MIN_PARTIAL_SIZE): Remove unused macro. (AEAD_ENC_BUFFER_SIZE): New macro. (my_iobuf_write): New. (write_header): Rename to write_cfb_header. Adjust caller. (set_ocb_nonce_and_ad): New. (write_ocb_header): New. (write_ocb_auth_tag): New. (write_ocb_final_chunk): New. (do_ocb_flush): New. (do_ocb_free): New. (cipher_filter_ocb): New. * g10/filter.h (cipher_filter_context_t): Add fields for AEAD. * g10/encrypt.c (encrypt_symmetric): For the use of a session key in OCB mode. (encrypt_seskey): Revamp to support OCB. (use_aead): New. (encrypt_simple): Support OCB. (write_symkey_enc): Ditto. (encrypt_crypt): Ditto. (encrypt_filter): Handle OCB. * g10/options.h (opt): Add field force_ocb. * g10/gpg.c (oForceOCB): New. (opts): New option "--force-ocb". (main): Set force_ocb option. * g10/gpgcompose.c (encrypt_seskey): New. * g10/keygen.c (aead_available): New global var. (keygen_set_std_prefs): Set AEAD feature by default in GNUPG mode. Add parings of aead feature flag. (keygen_get_std_prefs): Set aead flag. (add_feature_aead): New. (keygen_upd_std_prefs): Set OCB as preference if AEAD is enabled. * g10/pkclist.c (select_aead_from_pklist): New. (warn_missing_aead_from_pklist): New. (select_mdc_from_pklist): Remove this unused function. -- This extends the long available OCB and EAX decryption feature. Due to the meanwhile expired patent on OCB there is no more reason for using EAX. Thus we forcefully use OCB if the AEAD feature flag is set on a key. In GNUPG mode new keys are now created with the AEAD feature flag set. Option --rfc4880 is one way to disable this. GnuPG-bug-id: 6263
*	gpg: Support decryption of the new AEAD packet	Werner Koch	2020-04-16	1	-7/+17
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* common/openpgpdefs.h (aead_algo_t): New. (pkttype_t): Add PKT_ENCRYPTED_AEAD. * g10/decrypt-data.c (struct decode_filter_context_s): Add fields for AEAD. (aead_set_nonce_and_ad): New. (aead_checktag): New. (decrypt_data): Support AEAD. (aead_underflow): New. (aead_decode_filter): New. * g10/dek.h (DEK): Add field use_aead. Turn use_mdc, algo_info_printed, and symmetric into bit flags. * g10/mainproc.c (struct mainproc_context): Add field seen_pkt_encrypted_aead. (release_list): Clear it. (have_seen_pkt_encrypted_aead): New. (symkey_decrypt_seskey): Support AEAD. (proc_symkey_enc): Ditto. (proc_encrypted): Ditto. (proc_plaintext): Ditto. * g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New. (openpgp_aead_test_algo): New. (openpgp_aead_algo_name): New. (openpgp_aead_algo_info): New. * g10/packet.h (PKT_symkey_enc): Add field use_aead. (PKT_user_id): Add field flags.aead (PKT_public_key): Ditto. (PKT_encrypted): Add fields for AEAD. * g10/parse-packet.c (parse): Handle PKT_ENCRYPTED_AEAD. (parse_symkeyenc): Support AEAD. (parse_encrypted): Ditto. (dump_sig_subpkt): Dump AEAD preference packet. (parse_encrypted_aead): New. -- This patch allows to decrypt data encrypted using the new AEAD mechanism as specified in rfc4880bis. Although preferences are used to enable this new mode, it is useful to have at least a decryption option in case a user switches between GnuPG 2.2 and newer versions. The new AEAD mechanism is much faster than the current CFB+MDC and thus 2.2 will allow faster decryption of symmetric only decryption. This patch is based on the current master (2.3) code base and includes a few other patches. In particular commit 44be675b759d27bac310c2de8bae1b7882a26b65 (gpg: More check for symmetric key encryption.) is included. Signed-off-by: Werner Koch <[email protected]>
*	Change all http://www.gnu.org in license notices to https://	Werner Koch	2016-11-05	1	-1/+1
\| \| \| \|	--
*	gpg: Improve API documentation.	Neal H. Walfield	2016-02-14	1	-0/+6
\| \| \| \| \| \| \| \| \| \|	* g10/seskey.c (make_session_key): Improve documentation. (encode_session_key): Improve documentation. * g10/encrypt.c (encrypt_seskey): Remove gratuitous initialization. * g10/dek.h (DEK): Improve documenation. -- Signed-off-by: Neal H. Walfield <[email protected]>
*	gpg: Remove cipher.h and put algo ids into a common file.	Werner Koch	2014-01-29	1	-0/+35
	* common/openpgpdefs.h (cipher_algo_t, pubkey_algo_t, digest_algo_t) (compress_algo_t): New. * agent/gpg-agent.c: Remove ../g10/cipher.h. Add openpgpdefs.h. * g10/cipher.h (DEK): Move to ... * g10/dek.h: new file. * g10/cipher.h (is_RSA, is_ELGAMAL, is_DSA) (PUBKEY_MAX_NPKEY, PUBKEY_MAX_NSKEY, PUBKEY_MAX_NSIG, PUBKEY_MAX_NENC) (PUBKEY_USAGE_SIG, PUBKEY_USAGE_ENC, PUBKEY_USAGE_CERT) (PUBKEY_USAGE_AUTH, PUBKEY_USAGE_NONE): Move to * g10/packet.h: here. * g10/cipher.h: Remove. Remove from all files. * g10/filter.h, g10/packet.h: Include dek.h. * g10/Makefile.am (common_source): Remove cipher.h. Add dek.h. Signed-off-by: Werner Koch <[email protected]>