gnupg (6 files)
cvs user wk
cvs at cvs.gnupg.org
Mon Dec 20 11:00:30 CET 2004
Date: Monday, December 20, 2004 @ 11:05:20
Author: wk
Path: /cvs/gnupg/gnupg
Modified: ChangeLog THANKS g10/ChangeLog g10/seckey-cert.c mpi/ChangeLog
mpi/mpicoder.c
* seckey-cert.c (do_check): Handle case when checksum was okay but
passphrase still wrong. Roman Pavlik found such a case.
* mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
invalid MPI but print a message and return NULL. Use log_info and
not log_error.
-------------------+
ChangeLog | 5 +++++
THANKS | 1 +
g10/ChangeLog | 5 +++++
g10/seckey-cert.c | 19 +++++++++++++++++--
mpi/ChangeLog | 6 ++++++
mpi/mpicoder.c | 21 +++++++++++++++------
6 files changed, 49 insertions(+), 8 deletions(-)
Index: gnupg/ChangeLog
diff -u gnupg/ChangeLog:1.226 gnupg/ChangeLog:1.227
--- gnupg/ChangeLog:1.226 Sat Dec 18 23:39:31 2004
+++ gnupg/ChangeLog Mon Dec 20 11:05:20 2004
@@ -14,6 +14,11 @@
2004-12-16 Werner Koch <wk at g10code.com>
+ * THANKS: Added John Clizbe for help testing the 1.4.0a W32
+ binary.
+
+2004-12-16 Werner Koch <wk at g10code.com>
+
Released 1.4.0.
2004-12-14 Werner Koch <wk at g10code.com>
Index: gnupg/THANKS
diff -u gnupg/THANKS:1.78 gnupg/THANKS:1.79
--- gnupg/THANKS:1.78 Thu Dec 16 11:28:50 2004
+++ gnupg/THANKS Mon Dec 20 11:05:20 2004
@@ -101,6 +101,7 @@
Joachim Backes backes at rhrk.uni-kl.de
Joe Rhett jrhett at isite.net
John A. Martin jam at jamux.com
+John Clizbe JPClizbe at comcast.net
Johnny Teveßen j.tevessen at gmx.de
Jörg Schilling schilling at fokus.gmd.de
Jos Backus Jos.Backus at nl.origin-it.com
Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.665 gnupg/g10/ChangeLog:1.666
--- gnupg/g10/ChangeLog:1.665 Mon Dec 20 06:19:09 2004
+++ gnupg/g10/ChangeLog Mon Dec 20 11:05:20 2004
@@ -1,3 +1,8 @@
+2004-12-20 Werner Koch <wk at g10code.com>
+
+ * seckey-cert.c (do_check): Handle case when checksum was okay but
+ passphrase still wrong. Roman Pavlik found such a case.
+
2004-12-20 David Shaw <dshaw at jabberwocky.com>
* keyedit.c (keyedit_menu): Invisible alias "passwd" as
Index: gnupg/g10/seckey-cert.c
diff -u gnupg/g10/seckey-cert.c:1.74 gnupg/g10/seckey-cert.c:1.75
--- gnupg/g10/seckey-cert.c:1.74 Thu Jul 15 23:16:54 2004
+++ gnupg/g10/seckey-cert.c Mon Dec 20 11:05:20 2004
@@ -147,12 +147,20 @@
}
}
- /* must check it here otherwise the mpi_read_xx would fail
+ /* Must check it here otherwise the mpi_read_xx would fail
because the length may have an arbitrary value */
if( sk->csum == csum ) {
for( ; i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
nbytes = ndata;
sk->skey[i] = mpi_read_from_buffer(p, &nbytes, 1 );
+ if (!sk->skey[i])
+ {
+ /* Checksum was okay, but not correctly
+ decrypted. */
+ sk->csum = 0;
+ csum = 1;
+ break;
+ }
ndata -= nbytes;
p += nbytes;
}
@@ -179,8 +187,15 @@
csum += checksum (buffer, ndata);
mpi_free (sk->skey[i]);
sk->skey[i] = mpi_read_from_buffer (buffer, &ndata, 1);
- assert (sk->skey[i]);
m_free (buffer);
+ if (!sk->skey[i])
+ {
+ /* Checksum was okay, but not correctly
+ decrypted. */
+ sk->csum = 0;
+ csum = 1;
+ break;
+ }
/* csum += checksum_mpi (sk->skey[i]); */
}
}
Index: gnupg/mpi/ChangeLog
diff -u gnupg/mpi/ChangeLog:1.79 gnupg/mpi/ChangeLog:1.80
--- gnupg/mpi/ChangeLog:1.79 Tue Oct 26 21:33:41 2004
+++ gnupg/mpi/ChangeLog Mon Dec 20 11:05:20 2004
@@ -1,3 +1,9 @@
+2004-12-20 Werner Koch <wk at g10code.com>
+
+ * mpicoder.c (mpi_read_from_buffer): Don't abort in case of an
+ invalid MPI but print a message and return NULL. Use log_info and
+ not log_error.
+
2004-10-26 Werner Koch <wk at g10code.com>
* config.links: Use HOST instead of TARGET.
Index: gnupg/mpi/mpicoder.c
diff -u gnupg/mpi/mpicoder.c:1.32 gnupg/mpi/mpicoder.c:1.33
--- gnupg/mpi/mpicoder.c:1.32 Thu Sep 30 06:07:23 2004
+++ gnupg/mpi/mpicoder.c Mon Dec 20 11:05:20 2004
@@ -125,7 +125,7 @@
MPI
-mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure)
+mpi_read_from_buffer(byte *buffer, unsigned int *ret_nread, int secure)
{
int i, j;
unsigned nbits, nbytes, nlimbs, nread=0;
@@ -136,7 +136,7 @@
goto leave;
nbits = buffer[0] << 8 | buffer[1];
if( nbits > MAX_EXTERN_MPI_BITS ) {
- log_error("mpi too large (%u bits)\n", nbits);
+ log_info ("mpi too large (%u bits)\n", nbits);
goto leave;
}
buffer += 2;
@@ -154,10 +154,19 @@
for( ; j > 0; j-- ) {
a = 0;
for(; i < BYTES_PER_MPI_LIMB; i++ ) {
- if( ++nread > *ret_nread )
- log_bug("mpi larger than buffer\n");
- a <<= 8;
- a |= *buffer++;
+ if( ++nread > *ret_nread ) {
+ /* This (as well as the above error condition) may
+ happen if we use this function to parse a decrypted
+ MPI which didn't turn out to be a real MPI - possible
+ because the supplied key was wrong but the OpenPGP
+ checksum didn't caught it. */
+ log_info ("mpi larger than buffer\n");
+ mpi_free (val);
+ val = MPI_NULL;
+ goto leave;
+ }
+ a <<= 8;
+ a |= *buffer++;
}
i = 0;
val->d[j-1] = a;
More information about the Gnupg-commits
mailing list