From 813f8d1b8e4b6c4365f0bd2a5305bdbe1e049d05 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 11 Apr 2024 15:56:21 +0200 Subject: gpg: Changed internal data format for Kyber. * g10/packet.h (PKT_pubkey_enc): Add field seskey_algo. (struct pubkey_enc_list): Ditto. * g10/misc.c (pubkey_get_nenc): Change value for Kyber from 4 to 3. * g10/parse-packet.c (parse_pubkeyenc): Store the Kyber algo in the new field and adjust data. Do not store the length byte in data[2]. * g10/build-packet.c (do_pubkey_enc): Take the session algo for Kyber from the new field. * g10/encrypt.c (write_pubkey_enc): Ses the seskey_algo. * g10/mainproc.c (proc_pubkey_enc): Copy it. * g10/pubkey-enc.c (get_it): Support Kyber decryption. * g10/seskey.c (encode_session_key): Handle Kyber different from ECDH. -- Having always the single byte in the packet data than to store and retrieve it from an MPI is much easier. Thus this patch changes the original internal format. With this chnages decryption of the slighly modified test data works now. See the bug tracker for test data. GnuPG-bug-id: 6815 --- g10/parse-packet.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) (limited to 'g10/parse-packet.c') diff --git a/g10/parse-packet.c b/g10/parse-packet.c index c55bb1b71..8bd283b4b 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1513,7 +1513,7 @@ parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, } else if (k->pubkey_algo == PUBKEY_ALGO_KYBER) { - log_assert (ndata == 4); + log_assert (ndata == 3); /* Get the ephemeral public key. */ n = pktlen; k->data[0] = sos_read (inp, &n, 0); @@ -1527,12 +1527,16 @@ parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, rc = read_octet_string (inp, &pktlen, 4, 0, 0, k->data + 1); if (rc) goto leave; - /* Get the algorithm id. */ - rc = read_octet_string (inp, &pktlen, 0, 1, 0, k->data + 2); - if (rc) - goto leave; - /* Get the wrapped symmetric key. */ - rc = read_sized_octet_string (inp, &pktlen, k->data + 3); + /* Get the algorithm id for the session key. */ + if (!pktlen) + { + rc = gpg_error (GPG_ERR_INV_PACKET); + goto leave; + } + k->seskey_algo = iobuf_get_noeof (inp); + pktlen--; + /* Get the encrypted symmetric key. */ + rc = read_octet_string (inp, &pktlen, 1, 0, 0, k->data + 2); if (rc) goto leave; } @@ -1551,6 +1555,8 @@ parse_pubkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, } if (list_mode) { + if (k->seskey_algo) + es_fprintf (listfp, "\tsession key algo: %d\n", k->seskey_algo); for (i = 0; i < ndata; i++) { es_fprintf (listfp, "\tdata: "); -- cgit v1.2.3