diff options
| author | Timo Schulz <[email protected]> | 2002-06-05 12:19:44 +0000 |
|---|---|---|
| committer | Timo Schulz <[email protected]> | 2002-06-05 12:19:44 +0000 |
| commit | 8bd4025defcf48dcf746ffad95d0c2d988e4a033 (patch) | |
| tree | 182d0d4cc0255508dd0148600fa3a19b585aa5af | |
| parent | *** empty log message *** (diff) | |
| download | gnupg-8bd4025defcf48dcf746ffad95d0c2d988e4a033.tar.gz gnupg-8bd4025defcf48dcf746ffad95d0c2d988e4a033.zip | |
2002-06-05 Timo Schulz <[email protected]>
* encode.c (encode_sesskey): New.
(encode_simple): Use it here. But by default we use the compat
mode which supress to generate encrypted session keys.
| -rw-r--r-- | g10/ChangeLog | 6 | ||||
| -rw-r--r-- | g10/encode.c | 51 | ||||
| -rw-r--r-- | g10/mainproc.c | 9 |
3 files changed, 57 insertions, 9 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 66d13ebe4..cedaa9f94 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,11 @@ 2002-06-05 Timo Schulz <[email protected]> + * encode.c (encode_sesskey): New. + (encode_simple): Use it here. But by default we use the compat + mode which supress to generate encrypted session keys. + +2002-06-05 Timo Schulz <[email protected]> + * mainproc.c (symkey_decrypt_sesskey): New. (proc_symkey_enc): Support for encrypted session keys. diff --git a/g10/encode.c b/g10/encode.c index 141e4363f..a9c016f31 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -38,7 +38,7 @@ #include "i18n.h" #include "status.h" -static int encode_simple( const char *filename, int mode ); +static int encode_simple( const char *filename, int mode, int compat ); static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out ); @@ -50,7 +50,7 @@ static int write_pubkey_enc_from_list( PK_LIST pk_list, DEK *dek, IOBUF out ); int encode_symmetric( const char *filename ) { - return encode_simple( filename, 1 ); + return encode_simple( filename, 1, 1 ); } /**************** @@ -60,19 +60,49 @@ encode_symmetric( const char *filename ) int encode_store( const char *filename ) { - return encode_simple( filename, 0 ); + return encode_simple( filename, 0, 1 ); } +static void +encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey ) +{ + CIPHER_HANDLE hd; + DEK *c; + byte buf[33]; + assert ( dek->keylen < 32 ); + + c = m_alloc_clear( sizeof *c ); + c->keylen = dek->keylen; + c->algo = dek->algo; + make_session_key( c ); + /*log_hexdump( "thekey", c->key, c->keylen );*/ + + buf[0] = c->algo; + memcpy( buf + 1, c->key, c->keylen ); + + hd = cipher_open( dek->algo, CIPHER_MODE_CFB, 1 ); + cipher_setkey( hd, dek->key, dek->keylen ); + cipher_setiv( hd, NULL, 0 ); + cipher_encrypt( hd, buf, buf, c->keylen + 1 ); + cipher_close( hd ); + + memcpy( enckey, buf, c->keylen + 1 ); + memset( buf, 0, sizeof buf ); /* burn key */ + *ret_dek = c; +} static int -encode_simple( const char *filename, int mode ) +encode_simple( const char *filename, int mode, int compat ) { IOBUF inp, out; PACKET pkt; + DEK *dek = NULL; PKT_plaintext *pt = NULL; STRING2KEY *s2k = NULL; + byte enckey[33]; int rc = 0; + int seskeylen = 0; u32 filesize; cipher_filter_context_t cfx; armor_filter_context_t afx; @@ -122,6 +152,13 @@ encode_simple( const char *filename, int mode ) log_error(_("error creating passphrase: %s\n"), g10_errstr(rc) ); return rc; } + if ( !compat ) { + seskeylen = cipher_get_keylen( opt.def_cipher_algo ? + opt.def_cipher_algo: + opt.s2k_cipher_algo ) / 8; + encode_sesskey( cfx.dek, &dek, enckey ); + m_free( cfx.dek ); cfx.dek = dek; + } } if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) { @@ -142,10 +179,14 @@ encode_simple( const char *filename, int mode ) } #endif if( s2k && !opt.rfc1991 ) { - PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc ); + PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc + seskeylen + 1 ); enc->version = 4; enc->cipher_algo = cfx.dek->algo; enc->s2k = *s2k; + if ( !compat && seskeylen ) { + enc->seskeylen = seskeylen + 1; /* algo id */ + memcpy( enc->seskey, enckey, seskeylen + 1 ); + } pkt.pkttype = PKT_SYMKEY_ENC; pkt.pkt.symkey_enc = enc; if( (rc = build_packet( out, &pkt )) ) diff --git a/g10/mainproc.c b/g10/mainproc.c index d3a6c9e46..c79e4b6b1 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -243,7 +243,7 @@ symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen ) CIPHER_HANDLE hd; if ( slen > 33 ) { - log_error( "weird size for an encrypted session key" ); + log_error( "weird size for an encrypted session key (%d)\n", slen ); return; } hd = cipher_open( dek->algo, CIPHER_MODE_CFB, 1 ); @@ -253,14 +253,15 @@ symkey_decrypt_sesskey( DEK *dek, byte *sesskey, size_t slen ) cipher_close( hd ); /* check first byte (the cipher algo) */ if ( sesskey[0] > 10 ) { - log_error( "invalid symkey algorithm detected\n" ); + log_error( "invalid symkey algorithm detected (%d)\n", sesskey[0] ); return; } /* now we replace the dek components with the real session key to decrypt the contents of the sequencing packet. */ - dek->keylen = cipher_get_keylen( sesskey[0] ); + dek->keylen = cipher_get_keylen( sesskey[0] ) / 8; dek->algo = sesskey[0]; - memcpy( dek->key, sesskey + 1, dek->keylen ); + memcpy( dek->key, sesskey + 1, dek->keylen ); + /*log_hexdump( "thekey", dek->key, dek->keylen );*/ } static void |