diff options
| author | Werner Koch <wk@gnupg.org> | 2020-07-07 12:58:29 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2020-07-07 12:58:29 +0200 |
| commit | 6864bba78e76a1ff72aec140ae9f4e752454c463 (patch) | |
| tree | 237ee31079d3ce0fee59ae6bc3bce1b67738dda0 /g10/encrypt.c | |
| parent | sm: Exclude rsaPSS from de-vs compliance mode. (diff) | |
| download | gnupg2-6864bba78e76a1ff72aec140ae9f4e752454c463.tar.xz gnupg2-6864bba78e76a1ff72aec140ae9f4e752454c463.zip | |
gpg: Fix flaw in symmetric algorithm selection in mixed mode.
* g10/encrypt.c (setup_symkey): Use default_cipher_algo function
instead of the fallback s2k_cipher_algo. Fix error code.
(encrypt_simple): Use setup_symkey.
--
Aside of removing code duplication this patch fixes the flaw that the
S2K cipher algorithm was used when mixing public key and symmetric
encryption or signatures with symmetric encrypion. The
default_algorithm function should be used here so that the command
line option --cipher-algo and --personal-cipher-preferences have an
effect.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/encrypt.c')
| -rw-r--r-- | g10/encrypt.c | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/g10/encrypt.c b/g10/encrypt.c index 39626f1e2..40169e1e5 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -319,19 +319,11 @@ encrypt_simple (const char *filename, int mode, int use_seskey) cfx.dek = NULL; if ( mode ) { - int canceled; aead_algo_t aead_algo; - s2k = xmalloc_clear( sizeof *s2k ); - s2k->mode = opt.s2k_mode; - s2k->hash_algo = S2K_DIGEST_ALGO; - cfx.dek = passphrase_to_dek (default_cipher_algo (), s2k, 1, 0, - NULL, &canceled); - if ( !cfx.dek || !cfx.dek->keylen ) + rc = setup_symkey (&s2k, &cfx.dek); + if (rc) { - rc = gpg_error (canceled? GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE); - xfree (cfx.dek); - xfree (s2k); iobuf_close (inp); log_error (_("error creating passphrase: %s\n"), gpg_strerror (rc)); release_progress_context (pfx); @@ -534,22 +526,22 @@ encrypt_simple (const char *filename, int mode, int use_seskey) } -int -setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek) +gpg_error_t +setup_symkey (STRING2KEY **symkey_s2k, DEK **symkey_dek) { int canceled; - *symkey_s2k=xmalloc_clear(sizeof(STRING2KEY)); + *symkey_s2k = xmalloc_clear (sizeof **symkey_s2k); (*symkey_s2k)->mode = opt.s2k_mode; (*symkey_s2k)->hash_algo = S2K_DIGEST_ALGO; - *symkey_dek = passphrase_to_dek (opt.s2k_cipher_algo, + *symkey_dek = passphrase_to_dek (default_cipher_algo (), *symkey_s2k, 1, 0, NULL, &canceled); - if(!*symkey_dek || !(*symkey_dek)->keylen) + if (!*symkey_dek || !(*symkey_dek)->keylen) { xfree(*symkey_dek); xfree(*symkey_s2k); - return gpg_error (canceled?GPG_ERR_CANCELED:GPG_ERR_BAD_PASSPHRASE); + return gpg_error (canceled?GPG_ERR_CANCELED:GPG_ERR_INV_PASSPHRASE); } return 0; |