From 52c4b0908043993e266b7d0e3fbf567076f8262d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 9 Apr 2024 11:00:35 +0200 Subject: gpg: Some support to allow Kyber decryption. * g10/call-agent.c (agent_pkdecrypt): Support dual keygrips and switch to KEM mode. * g10/ecdh.c (pk_ecdh_decrypt): Add an extra length check. * g10/keyid.c (do_hash_public_key): Fix Kyber fingerprint computation. * g10/mainproc.c (release_list): Free all 4 data elements. (proc_pubkey_enc): Copy all 4 data elements. * g10/misc.c (openpgp_pk_test_algo2): Map Kyber to KEM. * g10/parse-packet.c (parse_pubkeyenc): Fix Kyber parser. * g10/pubkey-enc.c (get_session_key): Allow Kyber. (get_it): Support Kyber. -- GnuPG-bug-id: 6815 --- g10/parse-packet.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'g10/parse-packet.c') diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 2163787cb..c55bb1b71 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1444,6 +1444,7 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, } +/* Parse a public key encrypted packet (Tag 1). */ static int parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, PACKET * packet) @@ -1514,9 +1515,14 @@ parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, { log_assert (ndata == 4); /* Get the ephemeral public key. */ - rc = read_octet_string (inp, &pktlen, 4, 0, 0, k->data + 0); - if (rc) - goto leave; + n = pktlen; + k->data[0] = sos_read (inp, &n, 0); + pktlen -= n; + if (!k->data[0]) + { + rc = gpg_error (GPG_ERR_INV_PACKET); + goto leave; + } /* Get the Kyber ciphertext. */ rc = read_octet_string (inp, &pktlen, 4, 0, 0, k->data + 1); if (rc) -- cgit v1.2.3