| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/call-agent.h (struct key_attr): New.
* g10/keygen.c (ask_curve): Return const char *. No allocation.
(quick_generate_keypair): Follow the change.
(generate_keypair, generate_subkeypair): Likewise.
(parse_algo_usage_expire): Return const char *.
--
This change is intended for using ask_curve from card-util.c.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| | |
* g10/tdbio.c (get_trusthashrec): Create hashtable on error.
GnuPG-bug-id: 3839
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/tdbio.c (get_trusthashrec): Add arg CTRL.
(tdbio_search_trust_byfpr): Ditto.
(tdbio_search_trust_bypk): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/tdbio.c (tdbio_read_record): Return GPG_ERR_EOF.
(tdbio_new_recnum): Never return on error.
(lookup_hashtable): Print a more descriptive error in case of !TABLE.
--
Also: tdbio_new_recnum had a bug in that it returned an error code and
not a record number in the error case. The function is expected to
always return a valid new record number.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/tdbio.c (is_locked): Turn into a counter.
(take_write_lock, release_write_lock): Implement recursive locks.
--
On trustdb creation we have this call sequence:
init_trustdb -> takes lock
tdbio_set_dbname
create_version_record
tdbio_write_record
put_record_into_cache -> takes lock
put_record_into_cache -> releases lock
init_trustdb -> releases lock
The second take lock does noting but the first release lock has
already released the lock and the second release lock is a thus a NOP.
This is likely the cause for the corrupted trustdb as reported in
GnuPG-bug-id: 3839
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/tdbio.c (in_transaction): Comment this var.
(put_record_into_cache): Comment the transaction code.
(tdbio_sync): Ditto
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/gpg.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* g10/options.h (struct opt): Add field request_origin.
* g10/call-agent.c (start_agent): Send option to the agent.
* sm/gpgsm.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* sm/gpgsm.h (struct opt): Add field request_origin.
* sm/call-agent.c (start_agent): Send option to the agent.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| | |
* g10/keyedit.c (change_passphrase): Take care of --dry-run.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/call-agent.c (learn_status_cb): Parse the capability for KDF.
* g10/card-util.c (gen_kdf_data, kdf_setup): New.
(card_edit): New admin command cmdKDFSETUP to call kdf_setup.
* scd/app-openpgp.c (do_getattr): Emit KDF capability.
--
GnuPG-bug-id: 3823
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/parse-packet.c (enum_sig_subpkt): Check buflen before reading
the type octet. Print diagnostic.
--
If the final subpacket has only a length header evaluating to zero and
missing the type octet, a read could happen right behind the buffer.
Valgrind detected this. Fix is obvious. Note that the further
parsing of the subpacket is still okay because it always checks the
length. Note further that --list-packets uses a different code path
and already reported an error.
Reported-by: Philippe Antoine
He provided a test file copied below. Running "gpg -v --verify" on it
triggered the bug.
-----BEGIN PGP ARMORED FILE-----
Comment: Use "gpg --dearmor" for unpacking
kA0DAAoBov87N383R0QBrQJhYgZsb2wucHlaqTVWYnl0ZXMgPSBbMHg1LCAweDY0
LCAweDRjLCAweGM0LCAweDMsIDB4MCwgMHg0LCAweDAsIDB4YWMsIDB4YSwgMHhj
MSwgMHhjMSwgMHgyLCAweDEsIDB4MiwgMHg3LCAweDQwLCAweDIsIDB4MiwgMHgy
LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDJkLCAweGRkLCAweDIs
IDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4
MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4NzcsIDB4ODcsIDB4MiwgMHgy
LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAw
eDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHg3NywgMHg4NywgMHgyLCAweDIsIDB4
MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4Miwg
MHgyLCAweDIsIDB4MiwgMHgyLCAweDc3LCAweDg3LCAweDIsIDB4MiwgMHgyLCAw
eDIsIDB4MiwgMHgyLCAweDIsIDB4MCwgMHhhZF0KCmZvciBpIGluIHJhbmdlKGxl
bihieXRlcykpOgogICAgaWYgaSUxNiA9PSAwOgogICAgICAgIHByaW50CiAgICAg
ICAgcHJpbnQgIiUwNngiICUgaSwKICAgIHByaW50ICIlMDJ4ICIgJSBieXRlc1tp
XSwKiQJNBAABCgAeFiEEU+Y3aLjDLA3x+9Epov87N383R0QFAlqpNVYAAAoJEKL/
Ozd/N0dElccP/jBAcFHyeMl7kop71Q7/5NPu3DNULmdUzOZPle8PVjNURT4PSELF
qpJ8bd9PAsO4ZkUGwssY4Kfb1iG5cR/a8ADknNd0Cj9/QA2KMVNmgYtReuttAjvn
hQRm2VY0tvDCVAPI/z8OnV/NpOcbk8kSwE+shLsP7EwqL5MJNMXKqzm1uRxGNYxr
8TNuECo3DO64O2NZLkMDXqq6lg+lSxvDtXKxzKXgVC+GMtOE56lDwxWLqr39f9Ae
Pn0q2fVBKhJfpUODeEbYSYUp2hhmMUIJL/ths9MvyRZ9Z/bHCseFPT58Pgx6g+MP
q+iHnVZEIVb38XG+rTYW9hvctkRZP/azhpa7eO8JAZuFNeBGr4IGapwzFPvQSF4B
wBXBu0+PPrV9VJVe98P4nw2xcuJmkn6mgZhRVYSqDIhY64bSTgQxb/pdtGwrTjtL
WoUKVI+joLRPnDmwexH9+QJCB+uA6RsN/LqsQfDseyr40Z6dHJRqWGgP3ll6iZgw
WF768uiIDJD8d4fegVnkpcH98Hm0I/dKsMR1MGV/sBxYC8mAOcOWwSPNGDqPlwwR
eWPdr1O6CoYEWwiZMicSe0b5TsjB5nkAWMy7c9RyhtMJzCQ/hFpycpj0A0Zs+OGa
eJQMZZV0s8AQZ04JzoX0zRpe0RcTyJn3Tr6QGbVi9tr+QdKHFuDMUqoX
=qYZP
-----END PGP ARMORED FILE-----
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/card-util.c (factory_reset): Dummy PIN size is now 32-byte.
Connect the card again at the last step.
--
Before the change, a user has to quit the session to continue. Now,
it is possible to type RET in the session and see if it's really done.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
--
WIN32_LEAN_AND_MEAN is required to avoid definitions of grp1, grp2,
and grp3 in dlgs.h, which is included by windows.h.
Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
--
Sorry, I accidentally pushed the last commit without having amended it
with this fix.
Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/call-agent.h (agent_card_info_s): Add fields grp1, grp2 and
grp3.
* g10/call-agent.c (unhexify_fpr): Allow for space as delimiter.
(learn_status_cb): Parse KEYPARIINFO int the grpX fields.
* g10/card-util.c (print_keygrip): New.
(current_card_status): Print "grp:" records or with --with-keygrip a
human readable keygrip.
--
Suggested-by: Peter Lebbing <[email protected]>
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher-aead.c (write_header): Do not call set_nonce_and_ad.
(write_final_chunk): Do not increase chunkindex.
(do_flush): Call set_nonce_and_ad immediately before the first
encryption of a chunk. Bump up the chunkindex after writing the tag.
(do_free): Do not insert a zero length last chunk.
* g10/decrypt-data.c (aead_underflow): Fix the corresponding bug.
--
This fixes a bug in writing a zero length last chunk right before the
final chunk (which has by design a zero length). We also need to
adjust the decryption part because that assumed this zero length last
chunk.
Note that we use the term "last chunk" for the chunk which directly
precedes the "final chunk" which ends the entire encryption.
GnuPG-bug-id: 3774
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher-aead.c (set_nonce, set_additional_data): Merge into ...
(set_nonce_and_ad): new function.
(write_auth_tag): Print error message here.
(do_flush): Rename var newchunk to finalize.
--
There is no need to have separate functions here. We should also
print a error message for writing the final tag.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/decrypt-data.c (aead_set_nonce, aead_set_ad): Merge into ...
(aead_set_nonce_and_ad): new single function. Change callers.
(decrypt_data): Do not set the nonce and ad here.
(aead_underflow): Get rid of the LAST_CHUNK_DONE hack.
--
The main change here is that we now re-init the context only right
before we decrypt and not after a checktag.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/decrypt-data.c (aead_underflow): Factor reading and checking
code code out to ...
(fill_buffer, aead_checktag): new functions.
--
Here is a simple test script to check against a set of encrypted files
with naming convention like "symenc-aead-eax-c6-56.asc"
# ------------------------ >8 ------------------------
set -e
GPG=../g10/gpg
for file in "$@"; do
echo "${file##*/}" | ( IFS=- read dummy1 dummy2 mode cbyte len rest
len="${len%.*}"
cbyte="${cbyte#c}"
[ "$dummy1" != "symenc" -o "$dummy2" != "aead" ] && continue
echo "checking mode=$mode chunkbyte=$cbyte length=$len"
if ! $GPG --no-options --rfc4880bis --batch --passphrase "abc" \
-d < $file >tmp.plain 2>/dev/null; then
echo "Decryption failed for $file" >&2
exit 2
fi
plainlen=$(wc -c <tmp.plain)
if [ $plainlen -ne $len ]; then
echo "Plaintext length mismatch for $file (want=$len have=$plainlen)" >&2
exit 2
fi
)
done
echo "all files are okay" >&2
# ------------------------ 8< ------------------------
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher.c: Rename to ...
* g10/cipher-cfb.c: this.
--
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher-aead.c (write_final_chunk): Do not bump up the chunk
index if the previous chunk was empty.
* g10/decrypt-data.c (aead_underflow): Likewise. Also handle a other
corner cases. Add more debug output.
--
GnuPG-bug-id: 3774
This fixes the reported case when the encrypted data is a multiple of
the chunk size. Then the chunk index for the final chunk was wrongly
incremented by 2. The actual fix makes use of the fact that the
current dfx->CHUNKLEN is 0 in this case. There is also some other
reorganizing to help with debugging. The thing seems to work now but
the code is not very clean - should be reworked. Creating test files
can be done with this script:
--8<---------------cut here---------------start------------->8---
csize=6
for len in 0 55 56 57; do
awk </dev/null -v i=$len 'BEGIN{while(i){i--;printf"~"}}' \
| gpg --no-options -v --rfc4880bis --batch --passphrase "abc" \
--s2k-count 1025 --s2k-digest-algo sha256 -z0 \
--force-aead --aead-algo eax --cipher aes -a \
--chunk-size $csize -c >symenc-aead-eax-c$csize-$len.asc
done
--8<---------------cut here---------------end--------------->8---
A LEN of 56 triggered the bug which can be seen by looking at the
"authdata:" line in the --debug=crypt,filter output.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/mainproc.c (symkey_decrypt_seskey): Check for a valid algo.
--
GnuPG-bug-id: 3795
Signed-off-by: Werner Koch <[email protected]>
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/keydb.c (parse_keyblock_image): Use log_info instead of
log_error for skipped packets.
* g10/keyring.c (keyring_get_keyblock): Ditto.
--
log_info should be sufficient and makes this more robust. Some
tools (e.g. Enigmail) are too picky on return codes from gpg.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/getkey.c (finish_lookup): Add WANT_SECRET argument to confirm
by agent_probe_secret_key.
(get_pubkey_fromfile, lookup): Supply WANT_SECRET argument.
--
GnuPG-bug-id: 1967
Signed-off-by: NIIBE Yutaka <[email protected]>
(cherry picked from commit 0a76611294998ae34b9d9ebde484ef8ad3a9a3a6)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/keyedit.c (keyedit_menu): Fix messages.
--
GnuPG-bug-id: 3787
Fixes-commit: a74aeb5dae1f673fcd98b39a6a0496f3c622709a
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| | |
--
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/parse-packet.c (parse_symkeyenc): Move error printing to the
end. Add additional check to cope for the 0je extra bytes needed for
AEAD.
--
Fixes-commit: 9aab9167bca38323973e853845ca95ae8e9b6871
GnuPG-bug-id: 3780
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| | |
* g10/openfile.c (open_outfile): Rename inp_fd to out_fd.
Signed-off-by: Werner Koch <[email protected]>
|
| |\|
| |
| |
| | |
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/keygen.c (parse_key_parameter_part): Add arg clear_cert.
(parse_key_parameter_string): Add arg suggested_use and implement
fallback. Change callers to pass 0 for new arg.
(parse_algo_usage_expire): Pass the parsed USAGESTR to
parse_key_parameter_string so that it can use it in case a subkey is
to be created.
--
The problem here was that future-default gives the primary and subkey
algorithm. However, when using future-default for adding a key, the
second part was always used which is for encryption. If the caller
now wanted to create a signing subkey using the future-default
parameters this did not worked.
gpg --batch --passphrase "" --quick-add-key FPR future-default encr
aready worked as did
gpg --batch --passphrase "" --quick-add-key FPR ed25519 sign
but
gpg --batch --passphrase "" --quick-add-key FPR future-default sign
does only work with this fix.
GnuPG-bug-id: 3747
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/mainproc.c (proc_pubkey_enc): Use dedicated error code for
list-only and put the key into PKENC_LIST.
(print_pkenc_list): Take care of the new error code.
--
If the secret keys exist in --list-only mode it was not printed in
--list-only mode.
GnuPG-bug-id: 3718
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/keygen.c (parse_key_parameter_string): Allow "futuredefault" and
use case-insensitive matching
(quick_generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--
The man page is sometimes rendered in a way that the hyphen may be
not be considered as part of the string. And while at it we also
allow case-insensitivity.
GnuPG-bug-id: 3655
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/keygen.c (gen_ecc): Map curve names.
--
See
https://lists.gnupg.org/pipermail/gnupg-users/2017-December/059619.html
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/gpg.c (opts): Add new option.
(opt_set_iobuf_size): New var.
(set_debug): Set the option.
* tests/openpgp/armor.scm: Use this option to revert the buffer size
to the one which used to exhibit the tested bugs.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher-aead.c (do_flush): Init ERR. Fix remaining chunklen
computation.
(do_free): Add dummy encryption. Close the cipher handle.
* g10/decrypt-data.c (aead_underflow): Rewrite.
--
Until we have integrated test into the test suite extensive tests can
also be done with a script like this:
--8<---------------cut here---------------start------------->8---
#!/bin/sh
set -e
GPG="../g10/gpg --rfc4880bis --pinentry-mode=loopback"
GPG="$GPG --passphrase abc --batch"
MKTDATA="$HOME/b/gnupg-2.0/tools/mk-tdata"
for chunksize in 6 7 12 13 14 30; do
for count in $(seq 1 200) $(seq 8100 8200) \
$(seq 16350 16400) $(seq 20000 20100); do
if [ ! -f "testfile-$count" ]; then
$MKTDATA $count >"testfile-$count"
fi
echo "testing chunk size 2^$chunksize with $count bytes"
$GPG --force-aead --aead-algo ocb --s2k-mode 0 --cipher AES -v -z 0 \
-c --chunk-size $chunksize \
<"testfile-$count" >"testfile-$count.gpg" 2>/dev/null
$GPG -vd <"testfile-$count.gpg" >"testfile-$count.out" 2>/dev/null
if ! cmp "testfile-$count" "testfile-$count.out"; then
echo "FAILED comparing count $count" >&2
exit 1
fi
done
done
echo All good
--8<---------------cut here---------------end--------------->8---
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/decrypt-data.c (decode_filter_context_s): Rename field 'defer'
to 'holdback' and replace 'defer_filled' flag into 'holdbacklen'.
Change all users.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/gpg.c (opts): New option --chunk-size.
(oChunkSize): New const.
(build_list_aead_test_algo, build_list_aead_algo_name): New.
(my_strusage): List AEAD algos.
(main): Implement --chunk-size..
* g10/options.h (struct opt): Add field 'chunk_size'.
(DBG_IPC): Remove duplicated macro.
* g10/main.h (DEFAULT_AEAD_ALGO): Depend on Libgcrypt version.
* g10/misc.c (openpgp_aead_test_algo): Ditto.
* g10/cipher-aead.c: Silence if not in debug mode.
* g10/decrypt-data.c: Ditto.
--
And that new option immediatley revealed bugs in our chunking code :-(.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/getkey.c (fixup_uidnode): Copy the AEAD prefs.
--
With this patch AEAD preferences are now properly created and
displayed.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* g10/mainproc.c (proc_symkey_enc): Clear the symmetric key cache on
error.
(proc_encrypted): Need to take are of the checksum error.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/packet.h (PKT_symkey_enc): Add field aead_algo.
* g10/build-packet.c (do_symkey_enc): Support version 5 packets.
* g10/parse-packet.c (parse_symkeyenc): Ditto.
* g10/encrypt.c (encrypt_symmetric): Force using a random session
key in AEAD mode.
(encrypt_seskey): Add and support arg aead_algo.
(write_symkey_enc): Ditto.
(encrypt_simple): Adjust accordingly.
(encrypt_filter): Ditto.
* g10/gpgcompose.c (sk_esk): For now call encrypt_seskey without AEAD
support.
* g10/mainproc.c (symkey_decrypt_seskey): Support AEAD. Nver call BUG
but return an error.
(proc_symkey_enc): Call symkey_decrypt_seskey in a bug compatible way.
* g10/import.c (check_prefs): Check AEAD preferences.
* g10/keyedit.c (show_prefs): Print AEAD preferences.
--
For easier debugging this patch also changes some diagnostics to also
print the encryption mode with the cipher algorithm.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/pkclist.c (select_aead_from_pklist): Return the AEAD_algo.
* g10/encrypt.c (use_aead): Return the AEAD algo.
(encrypt_simple): Adjust for this change.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
* g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New.
(openpgp_aead_algo_info): New.
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(write_header): Use new fucntion.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(decrypt_data): Use new function. Also allow for chunkbytes other
than 10.
--
Note that other chunk bytes than 10 and in particular 0 (64 byte
chunks) have not yet been tested.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/encrypt.c (encrypt_seskey): Allocate the buffer for the
encrypted key and returns that buffer and its length.
(encrypt_simple): Adjust for above change.
(write_symkey_enc): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): New.
(write_header): Use it.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): New.
(decrypt_data): Use it.
* g10/misc.c (openpgp_aead_test_algo): Allow EAX.
--
This allows the use of EAX when the latest Libgcrypt master is used.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/openpgpdefs.h (PKT_ENCRYPTED_AEAD): New const.
* g10/dek.h (DEK): Increase size of use_aead to 4 bits.
* g10/filter.h (cipher_filter_context_t): Add new fields for AEAD.
* g10/packet.h (PKT_encrypted): Add fields aead_algo, cipher_algo, and
chunkbyte.
* g10/build-packet.c (do_encrypted_aead): New.
(build_packet): Call it.
* g10/parse-packet.c (dump_sig_subpkt): Handle SIGSUBPKT_PREF_AEAD.
(parse_one_sig_subpkt, can_handle_critical): Ditto.
(parse_encrypted): Clear new PKT_ENCRYPTED fields.
(parse_encrypted_aead): New.
(parse): Call it.
* g10/gpg.c (main): Take care of --rfc4880bis option when checking
compliance.
* g10/cipher-aead.c: Replace the stub by real code.
* g10/decrypt-data.c (decode_filter_ctx_t): Add fields for use with
AEAD.
(aead_set_nonce): New.
(aead_set_ad): New.
(decrypt_data): Support AEAD.
(aead_underflow): New.
(aead_decode_filter): New.
* g10/encrypt.c (use_aead): Make that new fucntion work.
(encrypt_simple): Use default_aead_algo() instead of EAX.
* g10/mainproc.c (proc_encrypted): Support AEAD.
(do_proc_packets): Support PKT_ENCRYPTED_AEAD.
--
This code has seen only a very few manual tests. Encrypting always
uses a 64k chunks and decryption has not been tested with larger
chunks. Those small chunks make debugging much faster.
Tests can be done using:
gpg --rfc4880bis --pinentry-mode=loopback --passphrase abc \
--force-aead --aead-algo ocb --s2k-mode 0 --cipher AES \
-v -z 0 --status-fd 2 -c <INFILE >OUTFILE
and
gpg --rfc4880bis --pinentry-mode=loopback --passphrase=abc \
--status-fd 2 -v -d <INFILE >OUTFILE
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher.c (cipher_filter): Rename to cipher_filter_cfb.
* g10/cipher-aead.c: New. Right now only with a stub function.
* g10/Makefile.am (gpg_sources): Add file.
* g10/encrypt.c (encrypt_simple): Push either cipher_filter_cfb or
cipher_filter_aead.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/dek.h (DEK): Turn fields use_mdc, algo_printed and symmetric
into single bit vars. Make sure they are always set to 1 or 0.
(DEK): New field use_aead.
* g10/options.h (struct opt): New field force_aead.
* g10/pkclist.c (select_aead_from_pklist): New.
* g10/gpg.c (oForceAEAD): New const.
(opts): New options "--force-aead".
(main): Set new option.
* g10/encrypt.c (use_aead): New.
(encrypt_simple): Implement new flags DEK.use_aead.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
--
This patch should be enough to detect whether AEAD can be used.
Not tested.
Signed-off-by: Werner Koch <[email protected]>
|
