diff options
| author | Werner Koch <[email protected]> | 2004-12-20 10:05:20 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2004-12-20 10:05:20 +0000 |
| commit | 9e3526f236a94423830b75e59db40d20ac69b856 (patch) | |
| tree | 5d8cd39ecce834747ea5fc7295eb2a8e1a21a48e /g10/seckey-cert.c | |
| parent | (handle_iconv_error): Turn diagnostics into warnings (diff) | |
| download | gnupg-9e3526f236a94423830b75e59db40d20ac69b856.tar.gz gnupg-9e3526f236a94423830b75e59db40d20ac69b856.zip | |
* seckey-cert.c (do_check): Handle case when checksum was okay but
passphrase still wrong. Roman Pavlik found such a case.
* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL. Use log_info and
not log_error.
Diffstat (limited to '')
| -rw-r--r-- | g10/seckey-cert.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index 84533bd3e..9153b9508 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -147,12 +147,20 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode, } } - /* must check it here otherwise the mpi_read_xx would fail + /* Must check it here otherwise the mpi_read_xx would fail because the length may have an arbitrary value */ if( sk->csum == csum ) { for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) { nbytes = ndata; sk->skey[i] = mpi_read_from_buffer(p, &nbytes, 1 ); + if (!sk->skey[i]) + { + /* Checksum was okay, but not correctly + decrypted. */ + sk->csum = 0; + csum = 1; + break; + } ndata -= nbytes; p += nbytes; } @@ -179,8 +187,15 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode, csum += checksum (buffer, ndata); mpi_free (sk->skey[i]); sk->skey[i] = mpi_read_from_buffer (buffer, &ndata, 1); - assert (sk->skey[i]); m_free (buffer); + if (!sk->skey[i]) + { + /* Checksum was okay, but not correctly + decrypted. */ + sk->csum = 0; + csum = 1; + break; + } /* csum += checksum_mpi (sk->skey[i]); */ } } |