gpg: Some support to allow Kyber decryption.

* g10/call-agent.c (agent_pkdecrypt): Support dual keygrips and switch to KEM mode. * g10/ecdh.c (pk_ecdh_decrypt): Add an extra length check. * g10/keyid.c (do_hash_public_key): Fix Kyber fingerprint computation. * g10/mainproc.c (release_list): Free all 4 data elements. (proc_pubkey_enc): Copy all 4 data elements. * g10/misc.c (openpgp_pk_test_algo2): Map Kyber to KEM. * g10/parse-packet.c (parse_pubkeyenc): Fix Kyber parser. * g10/pubkey-enc.c (get_session_key): Allow Kyber. (get_it): Support Kyber. -- GnuPG-bug-id: 6815
author: Werner Koch <[email protected]> 2024-04-09 09:00:35 +0000
committer: Werner Koch <[email protected]> 2024-04-09 09:01:56 +0000
commit: 52c4b0908043993e266b7d0e3fbf567076f8262d (patch)
tree: 0f1a1a8e423b55234884f878d04f86ce2208be0c /g10/ecdh.c
parent: kbx: Support kyber in the blob parser. (diff)
download: gnupg-52c4b0908043993e266b7d0e3fbf567076f8262d.tar.gz
gnupg-52c4b0908043993e266b7d0e3fbf567076f8262d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/g10/ecdh.c b/g10/ecdh.c
index 4938e419d..279508bec 100644
--- a/g10/ecdh.c
+++ b/g10/ecdh.c
@@ -537,7 +537,7 @@ pk_ecdh_decrypt (gcry_mpi_t *r_result, const byte sk_fp[MAX_FINGERPRINT_LEN],
   nbytes = (nbits+7)/8;
 
   data_buf_size = nbytes;
-  if ((data_buf_size & 7) != 1)
+  if ((data_buf_size & 7) != 1 || data_buf_size <= 1 + 8)
     {
       log_error ("can't use a shared secret of %d bytes for ecdh\n",
                  data_buf_size);
author	Werner Koch <[email protected]>	2024-04-09 09:00:35 +0000
committer	Werner Koch <[email protected]>	2024-04-09 09:01:56 +0000
commit	52c4b0908043993e266b7d0e3fbf567076f8262d (patch)
tree	0f1a1a8e423b55234884f878d04f86ce2208be0c /g10/ecdh.c
parent	kbx: Support kyber in the blob parser. (diff)
download	gnupg-52c4b0908043993e266b7d0e3fbf567076f8262d.tar.gz gnupg-52c4b0908043993e266b7d0e3fbf567076f8262d.zip