From a3ea9626797ecf9ce5dba230c9617db84c159e5a Mon Sep 17 00:00:00 2001
From: David Shaw
Date: Thu, 10 Feb 2005 04:06:30 +0000
Subject: Disable the "quick check" bytes for PK decryptions. This is in regards to the Mister and Zuccherato attack on OpenPGP CFB mode.

---
 g10/encr-data.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'g10/encr-data.c')

diff --git a/g10/encr-data.c b/g10/encr-data.c
index e05994535..f9fabc8f0 100644
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@@ -1,5 +1,5 @@
 /* encr-data.c - process an encrypted data packet
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2005 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@@ -125,10 +125,12 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 cipher_sync( dfx.cipher_hd );
 p = temp;
 /* log_hexdump( "prefix", temp, nprefix+2 ); */
- if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
+ if(dek->symmetric
+ && (p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1]) )
+ {
 rc = G10ERR_BAD_KEY;
 goto leave;
- }
+ }
 if( dfx.mdc_hash )
 md_write( dfx.mdc_hash, temp, nprefix+2 );
--
cgit
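Review bot: The new `dek->symmetric` guard in the second hunk carries no comment saying why the quick-check bytes are deliberately skipped for public-key sessions, so a later maintainer reading `decrypt_data` is likely to "restore" the missing check. I would put a short comment above the `if` stating that the check is intentionally bypassed for public-key decryption because, per the Mister/Zuccherato result named in the commit message, the early G10ERR_BAD_KEY exit acts as an oracle on the session key, and that a wrong key is instead caught by the MDC verification later in the function. It also seems that when `dfx.mdc_hash` is NULL (no MDC packet) a wrong public-key session key now produces garbage plaintext with no error raised at this point; if that is the accepted trade-off it deserves one line in the same comment. As a style point, the added `{` and `}` are indented differently from the surrounding `if( ... ) {` lines and could match the file's existing brace placement. `decrypt_data` begins before and continues after this hunk.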