diff options
| author | Werner Koch <[email protected]> | 2020-11-03 12:55:25 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2020-11-03 14:37:40 +0000 |
| commit | d1f2a6d9f71cf50318f4891c84aeedb975553896 (patch) | |
| tree | 4eb834d41464de4ad8288f7293d7f7ccb6af4dd0 /g10/encrypt.c | |
| parent | gpg: Allow setting notations with the empty string as value. (diff) | |
| download | gnupg-d1f2a6d9f71cf50318f4891c84aeedb975553896.tar.gz gnupg-d1f2a6d9f71cf50318f4891c84aeedb975553896.zip | |
gpg: Switch to AES256 for symmetric encryption in de-vs mode.
* g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs
mode.
* g10/encrypt.c (setup_symkey): Add extra compliance check.
(encrypt_simple): Avoid printing a second error oncplinace failure.
--
Because we used the RFC4880 mode as base for the de-vs mode we got
3DES as symmetric encryption algorithm. With the default gnupg mode
that was already used. The new extra compliance checks are added to
detect whether a --personal-cipher-preference or --cipher-algo option
tried to override the algorithms. They are still possible but now
non-compliant algorithms will throw an error.
Manual testing can be done with commands like this:
gpg --no-options --compliance=de-vs \
--personal-cipher-preferences "S1 S7" \
--pinentry-mode loopback -v --passphrase abc -ac </etc/motd
Here the command fails due to IDEA (S1) being the preferred cipher
algorithm. Using "--s2k-digest-algo SHA1" instead of
--personal-cipher-preferences will also fail.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/encrypt.c')
| -rw-r--r-- | g10/encrypt.c | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/g10/encrypt.c b/g10/encrypt.c index 40169e1e5..a021c0e07 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -325,7 +325,11 @@ encrypt_simple (const char *filename, int mode, int use_seskey) if (rc) { iobuf_close (inp); - log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc)); + if (gpg_err_code (rc) == GPG_ERR_CIPHER_ALGO + || gpg_err_code (rc) == GPG_ERR_DIGEST_ALGO) + ; /* Error has already been printed. */ + else + log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc)); release_progress_context (pfx); return rc; } @@ -530,12 +534,33 @@ gpg_error_t setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek) { int canceled; + int defcipher; + int s2kdigest; + + defcipher = default_cipher_algo (); + if (!gnupg_cipher_is_allowed (opt.compliance, 1, defcipher, + GCRY_CIPHER_MODE_CFB)) + { + log_error (_("cipher algorithm '%s' may not be used in %s mode\n"), + openpgp_cipher_algo_name (defcipher), + gnupg_compliance_option_string (opt.compliance)); + return gpg_error (GPG_ERR_CIPHER_ALGO); + } + + s2kdigest = S2K_DIGEST_ALGO; + if (!gnupg_digest_is_allowed (opt.compliance, 1, s2kdigest)) + { + log_error (_("digest algorithm '%s' may not be used in %s mode\n"), + gcry_md_algo_name (s2kdigest), + gnupg_compliance_option_string (opt.compliance)); + return gpg_error (GPG_ERR_DIGEST_ALGO); + } *symkey_s2k = xmalloc_clear (sizeof **symkey_s2k); (*symkey_s2k)->mode = opt.s2k_mode; - (*symkey_s2k)->hash_algo = S2K_DIGEST_ALGO; + (*symkey_s2k)->hash_algo = s2kdigest; - *symkey_dek = passphrase_to_dek (default_cipher_algo (), + *symkey_dek = passphrase_to_dek (defcipher, *symkey_s2k, 1, 0, NULL, &canceled); if (!*symkey_dek || !(*symkey_dek)->keylen) { |