diff options
Diffstat (limited to '')
| -rw-r--r-- | g10/encr-data.c | 90 |
1 files changed, 53 insertions, 37 deletions
diff --git a/g10/encr-data.c b/g10/encr-data.c index 23ab0a662..cf2e43da7 100644 --- a/g10/encr-data.c +++ b/g10/encr-data.c @@ -1,5 +1,6 @@ /* encr-data.c - process an encrypted data packet - * Copyright (C) 1998, 1999, 2000, 2001, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -24,10 +25,10 @@ #include <stdlib.h> #include <string.h> #include <assert.h> + +#include "gpg.h" #include "util.h" -#include "memory.h" #include "packet.h" -#include "mpi.h" #include "cipher.h" #include "options.h" #include "i18n.h" @@ -38,12 +39,13 @@ static int mdc_decode_filter( void *opaque, int control, IOBUF a, static int decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len); -typedef struct { - CIPHER_HANDLE cipher_hd; - MD_HANDLE mdc_hash; - char defer[20]; - int defer_filled; - int eof_seen; +typedef struct +{ + gcry_cipher_hd_t cipher_hd; + gcry_md_hd_t mdc_hash; + char defer[20]; + int defer_filled; + int eof_seen; } decode_filter_ctx_t; @@ -62,16 +64,17 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) memset( &dfx, 0, sizeof dfx ); if( opt.verbose && !dek->algo_info_printed ) { - const char *s = cipher_algo_to_string( dek->algo ); - if( s ) + const char *s = gcry_cipher_algo_name (dek->algo); + if (s && *s) log_info(_("%s encrypted data\n"), s ); else log_info(_("encrypted with unknown algorithm %d\n"), dek->algo ); dek->algo_info_printed = 1; } - if( (rc=check_cipher_algo(dek->algo)) ) + rc = openpgp_cipher_test_algo (dek->algo); + if (rc) goto leave; - blocksize = cipher_get_blocksize(dek->algo); + blocksize = gcry_cipher_get_algo_blklen (dek->algo); if( !blocksize || blocksize > 16 ) log_fatal("unsupported blocksize %u\n", blocksize ); nprefix = blocksize; @@ -79,16 +82,28 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) BUG(); if( ed->mdc_method ) { - dfx.mdc_hash = md_open( ed->mdc_method, 0 ); + if (gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 )) + BUG (); if ( DBG_HASHING ) - md_start_debug(dfx.mdc_hash, "checkmdc"); + gcry_md_start_debug (dfx.mdc_hash, "checkmdc"); } - dfx.cipher_hd = cipher_open( dek->algo, - ed->mdc_method? CIPHER_MODE_CFB - : CIPHER_MODE_AUTO_CFB, 1 ); + + rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo, + GCRY_CIPHER_MODE_CFB, + (GCRY_CIPHER_SECURE + | ((ed->mdc_method || dek->algo >= 100)? + 0 : GCRY_CIPHER_ENABLE_SYNC))); + if (rc) + { + /* We should never get an error here cause we already checked + * that the algorithm is available. */ + BUG(); + } + + /* log_hexdump( "thekey", dek->key, dek->keylen );*/ - rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen ); - if( rc == G10ERR_WEAK_KEY ) + rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen); + if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY ) { log_info(_("WARNING: message was encrypted with" " a weak key in the symmetric cipher.\n")); @@ -105,7 +120,7 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) goto leave; } - cipher_setiv( dfx.cipher_hd, NULL, 0 ); + gcry_cipher_setiv (dfx.cipher_hd, NULL, 0); if( ed->len ) { for(i=0; i < (nprefix+2) && ed->len; i++, ed->len-- ) { @@ -122,19 +137,20 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) else temp[i] = c; } - cipher_decrypt( dfx.cipher_hd, temp, temp, nprefix+2); - cipher_sync( dfx.cipher_hd ); + + gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0); + gcry_cipher_sync (dfx.cipher_hd); p = temp; /* log_hexdump( "prefix", temp, nprefix+2 ); */ if(dek->symmetric && (p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1]) ) { - rc = G10ERR_BAD_KEY; + rc = GPG_ERR_BAD_KEY; goto leave; } if( dfx.mdc_hash ) - md_write( dfx.mdc_hash, temp, nprefix+2 ); + gcry_md_write (dfx.mdc_hash, temp, nprefix+2); if( ed->mdc_method ) iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx ); @@ -144,23 +160,23 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) proc_packets( procctx, ed->buf ); ed->buf = NULL; if( ed->mdc_method && dfx.eof_seen == 2 ) - rc = G10ERR_INVALID_PACKET; + rc = gpg_error (GPG_ERR_INV_PACKET); else if( ed->mdc_method ) { /* check the mdc */ - int datalen = md_digest_length( ed->mdc_method ); + int datalen = gcry_md_get_algo_dlen (ed->mdc_method); - cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20); - md_final( dfx.mdc_hash ); - if( datalen != 20 - || memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) ) - rc = G10ERR_BAD_SIGN; + gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 20, NULL, 0); + gcry_md_final (dfx.mdc_hash); + if (datalen != 20 + || memcmp (gcry_md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) ) + rc = gpg_error (GPG_ERR_BAD_SIGNATURE); /*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/ /*log_hexdump("MDC message :", dfx.defer, 20);*/ } leave: - cipher_close(dfx.cipher_hd); - md_close( dfx.mdc_hash ); + gcry_cipher_close (dfx.cipher_hd); + gcry_md_close (dfx.mdc_hash); return rc; } @@ -226,8 +242,8 @@ mdc_decode_filter( void *opaque, int control, IOBUF a, } if( n ) { - cipher_decrypt( dfx->cipher_hd, buf, buf, n); - md_write( dfx->mdc_hash, buf, n ); + gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0); + gcry_md_write (dfx->mdc_hash, buf, n); } else { assert( dfx->eof_seen ); @@ -253,7 +269,7 @@ decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len) n = iobuf_read( a, buf, size ); if( n == -1 ) n = 0; if( n ) - cipher_decrypt( fc->cipher_hd, buf, buf, n); + gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0); else rc = -1; /* eof */ *ret_len = n; |