diff options
| -rw-r--r-- | g10/encrypt.c | 17 | ||||
| -rw-r--r-- | g10/free-packet.c | 5 | ||||
| -rw-r--r-- | g10/packet.h | 8 | ||||
| -rw-r--r-- | g10/parse-packet.c | 4 | ||||
| -rw-r--r-- | g10/sign.c | 13 |
5 files changed, 35 insertions, 12 deletions
diff --git a/g10/encrypt.c b/g10/encrypt.c index b67d8039d..b305ce938 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -572,7 +572,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) if ( s2k ) { /* Fixme: This is quite similar to write_symkey_enc. */ - PKT_symkey_enc *enc = xmalloc_clear (sizeof *enc + enckeylen); + PKT_symkey_enc *enc = xmalloc_clear (sizeof *enc); enc->version = cfx.dek->use_aead ? 5 : 4; enc->cipher_algo = cfx.dek->algo; enc->aead_algo = cfx.dek->use_aead; @@ -580,13 +580,14 @@ encrypt_simple (const char *filename, int mode, int use_seskey) if (enckeylen) { enc->seskeylen = enckeylen; + enc->seskey = xmalloc (enckeylen); memcpy (enc->seskey, enckey, enckeylen); } pkt.pkttype = PKT_SYMKEY_ENC; pkt.pkt.symkey_enc = enc; if ((rc = build_packet( out, &pkt ))) log_error("build symkey packet failed: %s\n", gpg_strerror (rc) ); - xfree (enc); + free_symkey_enc (enc); xfree (enckey); enckey = NULL; } @@ -777,7 +778,7 @@ write_symkey_enc (STRING2KEY *symkey_s2k, aead_algo_t aead_algo, rc = encrypt_seskey (symkey_dek, aead_algo, &dek, &enckey, &enckeylen); if (rc) return rc; - enc = xtrycalloc (1, sizeof (PKT_symkey_enc) + enckeylen); + enc = xtrycalloc (1, sizeof (PKT_symkey_enc)); if (!enc) { rc = gpg_error_from_syserror (); @@ -790,6 +791,14 @@ write_symkey_enc (STRING2KEY *symkey_s2k, aead_algo_t aead_algo, enc->aead_algo = aead_algo; enc->s2k = *symkey_s2k; enc->seskeylen = enckeylen; + enc->seskey = xtrymalloc (enckeylen); + if (!enc->seskey) + { + rc = gpg_error_from_syserror (); + xfree (enc); + xfree (enckey); + return rc; + } memcpy (enc->seskey, enckey, enckeylen); xfree (enckey); @@ -799,7 +808,7 @@ write_symkey_enc (STRING2KEY *symkey_s2k, aead_algo_t aead_algo, if ((rc=build_packet(out,&pkt))) log_error("build symkey_enc packet failed: %s\n",gpg_strerror (rc)); - xfree (enc); + free_symkey_enc (enc); return rc; } diff --git a/g10/free-packet.c b/g10/free-packet.c index f742022f5..fc4e9d26b 100644 --- a/g10/free-packet.c +++ b/g10/free-packet.c @@ -49,9 +49,12 @@ my_mpi_copy (gcry_mpi_t a) void free_symkey_enc( PKT_symkey_enc *enc ) { - xfree(enc); + if (enc) + xfree (enc->seskey); + xfree(enc); } + /* This is the core of free_pubkey_enc but does only release the * allocated members of ENC. */ void diff --git a/g10/packet.h b/g10/packet.h index 8b4c3d9c2..60446a417 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -147,9 +147,9 @@ typedef struct { S2K function on the password is the session key. See RFC 4880, Section 5.3.) */ byte seskeylen; - /* The session key as encrypted by the S2K specifier. For AEAD this - * includes the nonce and the authentication tag. */ - byte seskey[1]; + /* The malloced session key as encrypted by the S2K specifier. For + * AEAD this includes the nonce and the authentication tag. */ + byte *seskey; } PKT_symkey_enc; /* A public-key encrypted session key packet as defined in RFC 4880, @@ -177,7 +177,7 @@ typedef struct { struct seskey_enc_list { struct seskey_enc_list *next; - int result; + int result; /* The error code decrypting the session key. */ int u_sym; /* Use the sym member. */ union { PKT_pubkey_enc pub; diff --git a/g10/parse-packet.c b/g10/parse-packet.c index ac784b7fb..32ec46b6f 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -1376,8 +1376,7 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, goto leave; } seskeylen = pktlen - minlen; - k = packet->pkt.symkey_enc = xmalloc_clear (sizeof *packet->pkt.symkey_enc - + seskeylen - 1); + k = packet->pkt.symkey_enc = xmalloc_clear (sizeof *packet->pkt.symkey_enc); k->version = version; k->cipher_algo = cipher_algo; k->aead_algo = aead_algo; @@ -1396,6 +1395,7 @@ parse_symkeyenc (IOBUF inp, int pkttype, unsigned long pktlen, k->seskeylen = seskeylen; if (k->seskeylen) { + k->seskey = xcalloc (1, seskeylen); for (i = 0; i < seskeylen && pktlen; i++, pktlen--) k->seskey[i] = iobuf_get_noeof (inp); diff --git a/g10/sign.c b/g10/sign.c index f0bf9b671..9ef032e74 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -1728,7 +1728,18 @@ sign_symencrypt_file (ctrl_t ctrl, const char *fname, strlist_t locusr) /* Write the symmetric key packet */ /* (current filters: armor)*/ { - PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc ); + PKT_symkey_enc *enc = xmalloc_clear (sizeof *enc); + + /* FIXME: seskeylen is 0, thus we directly encrypt the session key: + * + * ...then the S2K algorithm applied to the passphrase produces + * the session key for decrypting the file, using the symmetric + * cipher algorithm from the Symmetric-Key Encrypted Session Key + * packet. + * + * The problem is that this does not allow us to add additional + * encrypted session keys. + */ enc->version = cfx.dek->use_aead ? 5 : 4; enc->cipher_algo = cfx.dek->algo; |