From da3015e3c05030fe709c8f922486e73d06d1d16a Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 22 Jan 2018 16:23:02 +0100
Subject: gpg: Unify AEAD parameter retrieval.

* g10/pkclist.c (select_aead_from_pklist): Return the AEAD_algo.
* g10/encrypt.c (use_aead): Return the AEAD algo.
(encrypt_simple): Adjust for this change.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.

* g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New.
(openpgp_aead_algo_info): New.
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(write_header): Use new fucntion.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(decrypt_data): Use new function.  Also allow for chunkbytes other
than 10.
--

Note that other chunk bytes than 10 and in particular 0 (64 byte
chunks) have not yet been tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g10/decrypt-data.c | 29 ++++++-----------------------
 1 file changed, 6 insertions(+), 23 deletions(-)

(limited to 'g10/decrypt-data.c')

diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c
index 79e255480..7ed0bf006 100644
--- a/g10/decrypt-data.c
+++ b/g10/decrypt-data.c
@@ -31,10 +31,6 @@
 #include "../common/status.h"
 #include "../common/compliance.h"
 
-/* FIXME: Libgcrypt 1.9 will support EAX.  Until we kame this a
- * requirement we hardwire the enum used for EAX.  */
-#define MY_GCRY_CIPHER_MODE_EAX 14
-
 
 static int aead_decode_filter (void *opaque, int control, iobuf_t a,
                                byte *buf, size_t *ret_len);
@@ -274,28 +270,15 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek)
           goto leave;
         }
 
-      switch (ed->aead_algo)
-        {
-        case AEAD_ALGO_OCB:
-          startivlen = 15;
-          ciphermode = GCRY_CIPHER_MODE_OCB;
-          break;
-        case AEAD_ALGO_EAX:
-          startivlen = 16;
-          ciphermode = MY_GCRY_CIPHER_MODE_EAX;
-          break;
-        default:
-          log_error ("unknown AEAD algo %d\n", ed->aead_algo);
-          rc = gpg_error (GPG_ERR_INV_CIPHER_MODE);
-          goto leave;
-        }
+      rc = openpgp_aead_algo_info (ed->aead_algo, &ciphermode, &startivlen);
+      if (rc)
+        goto leave;
       log_assert (startivlen <= sizeof dfx->startiv);
 
-      if (ed->chunkbyte != 10)
+      if (ed->chunkbyte > 56)
         {
-          /* FIXME */
-          log_error ("unsupported chunkbyte %u\n", ed->chunkbyte);
-          rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+          log_error ("invalid AEAD chunkbyte %u\n", ed->chunkbyte);
+          rc = gpg_error (GPG_ERR_INV_PACKET);
           goto leave;
         }
 
-- 
cgit v1.2.3