STABLE-BRANCH-1-2 gnupg (5 files)

cvs user dshaw cvs at cvs.gnupg.org
Thu Feb 10 05:01:35 CET 2005


    Date: Thursday, February 10, 2005 @ 05:11:35
  Author: dshaw
    Path: /cvs/gnupg/gnupg
     Tag: STABLE-BRANCH-1-2

Modified: g10/ChangeLog g10/encr-data.c g10/mainproc.c include/ChangeLog
          include/cipher.h

Disable the "quick check" bytes for PK decryptions.  This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.


-------------------+
 g10/ChangeLog     |    9 +++++++++
 g10/encr-data.c   |    8 +++++---
 g10/mainproc.c    |    6 ++++--
 include/ChangeLog |    4 ++++
 include/cipher.h  |    4 +++-
 5 files changed, 25 insertions(+), 6 deletions(-)


Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.249.2.233 gnupg/g10/ChangeLog:1.249.2.234
--- gnupg/g10/ChangeLog:1.249.2.233	Mon Nov 29 22:07:08 2004
+++ gnupg/g10/ChangeLog	Thu Feb 10 05:11:35 2005
@@ -1,3 +1,12 @@
+2005-02-09  David Shaw  <dshaw at jabberwocky.com>
+
+	* mainproc.c (proc_symkey_enc): Set a flag to indicate that a
+	particular session key came from a passphrase and not a PK.
+
+	* encr-data.c (decrypt_data): Use it here to turn off the "quick
+	check" bytes for PK decryptions.  This is in regards to the Mister
+	and Zuccherato attack on OpenPGP CFB mode.
+
 2004-11-29  David Shaw  <dshaw at jabberwocky.com>
 
 	* getkey.c (parse_key_usage): New function to parse out key usage
Index: gnupg/g10/encr-data.c
diff -u gnupg/g10/encr-data.c:1.29 gnupg/g10/encr-data.c:1.29.2.1
--- gnupg/g10/encr-data.c:1.29	Sat Jun 29 15:46:33 2002
+++ gnupg/g10/encr-data.c	Thu Feb 10 05:11:35 2005
@@ -1,5 +1,5 @@
 /* encr-data.c -  process an encrypted data packet
- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2005 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -120,10 +120,12 @@
     cipher_sync( dfx.cipher_hd );
     p = temp;
 /* log_hexdump( "prefix", temp, nprefix+2 ); */
-    if( p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1] ) {
+    if( dek->symmetric
+	&& (p[nprefix-2] != p[nprefix] || p[nprefix-1] != p[nprefix+1]) )
+      {
 	rc = G10ERR_BAD_KEY;
 	goto leave;
-    }
+      }
 
     if( dfx.mdc_hash )
 	md_write( dfx.mdc_hash, temp, nprefix+2 );
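Review bot: The new `dek->symmetric &&` condition in decrypt_data has no comment, so nothing at the call site tells a later maintainer that skipping the quick check for public-key session keys is deliberate; the rationale lives only in the ChangeLog. I would add a comment above the `if`, for example `/* Quick check only for passphrase-derived keys; deliberately skipped for PK session keys, see ChangeLog 2005-02-09. */`. With the check skipped, a wrong PK session key is no longer rejected at this point, and when `dfx.mdc_hash` is not set nothing in this hunk detects it, so it is worth confirming that the later code reports the failure cleanly. decrypt_data starts and ends outside the hunk.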
Index: gnupg/g10/mainproc.c
diff -u gnupg/g10/mainproc.c:1.112.2.27 gnupg/g10/mainproc.c:1.112.2.28
--- gnupg/g10/mainproc.c:1.112.2.27	Sun Jun 27 20:26:49 2004
+++ gnupg/g10/mainproc.c	Thu Feb 10 05:11:35 2005
@@ -1,6 +1,6 @@
 /* mainproc.c - handle packets
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- *               2004 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
+ *               2005 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -317,6 +317,8 @@
 	c->dek = passphrase_to_dek( NULL, 0, algo, &enc->s2k, 0, NULL, NULL );
 	if(c->dek)
 	  {
+	    c->dek->symmetric=1;
+
 	    /* FIXME: This doesn't work perfectly if a symmetric key
 	       comes before a public key in the message - if the user
 	       doesn't know the passphrase, then there is a chance
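Review bot: `c->dek->symmetric=1` is the only write to the new flag in this diff, so the skip in decrypt_data depends on every other DEK being created with the field at zero, which is not visible here. If any path allocates a DEK without clearing it, an uninitialised nonzero value would silently turn the quick check back on for PK decryptions. It is worth confirming that the public-key path uses a clearing allocator or sets `dek->symmetric = 0` explicitly. The same gap applies to the cipher.h hunk, where the new `int symmetric;` would benefit from a comment such as `/* set when the key came from a passphrase, not a PK */`. proc_symkey_enc continues outside the hunk.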
Index: gnupg/include/ChangeLog
diff -u gnupg/include/ChangeLog:1.34.2.20 gnupg/include/ChangeLog:1.34.2.21
--- gnupg/include/ChangeLog:1.34.2.20	Mon Nov 29 22:07:43 2004
+++ gnupg/include/ChangeLog	Thu Feb 10 05:11:35 2005
@@ -1,3 +1,7 @@
+2005-02-09  David Shaw  <dshaw at jabberwocky.com>
+
+	* cipher.h: Add a flag for a symmetric DEK.
+
 2004-11-29  David Shaw  <dshaw at jabberwocky.com>
 
 	* cipher.h: Add PUBKEY_USAGE_UNKNOWN.
Index: gnupg/include/cipher.h
diff -u gnupg/include/cipher.h:1.53.2.6 gnupg/include/cipher.h:1.53.2.7
--- gnupg/include/cipher.h:1.53.2.6	Mon Nov 29 22:07:43 2004
+++ gnupg/include/cipher.h	Thu Feb 10 05:11:35 2005
@@ -1,5 +1,6 @@
 /* cipher.h
- * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2003,
+ *               2005 Free Software Foundation, Inc.
  *
  * This file is part of GNUPG.
  *
@@ -76,6 +77,7 @@
     int keylen;
     int algo_info_printed;
     int use_mdc;
+    int symmetric;
     byte key[32]; /* this is the largest used keylen (256 bit) */
 } DEK;
 



