[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.3-30-g416cf9e
by Werner Koch
cvs at cvs.gnupg.org
Wed Dec 13 13:11:44 CET 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 416cf9e9be5d2daf0ef629208031989699b3653f (commit)
via b5333e13cbc9db354ed90762190bf70605a02d1f (commit)
via 067e62fe55721cac47c931f01fdb7c1563a64e9c (commit)
from 9f641430dcdecbd7ee205d407cb19bb4262aa95d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 416cf9e9be5d2daf0ef629208031989699b3653f
Author: Werner Koch <wk at gnupg.org>
Date: Wed Dec 13 13:02:34 2017 +0100
gpg: Print a warning for too much data encrypted with 3DES et al.
* g10/filter.h (cipher_filter_context_t): Remove unused filed
'create_mdc'. Turn field 'header' into a bit field. Add new fields
'short_blklen_warn' and 'short_blklen_count'.
* g10/cipher.c (write_header): Print a warning if MDC is not used.
(cipher_filter): Print a warning for long messages encrypted with a
short block length algorithm.
--
Note that to test this warning in a reliable way compression needs to
be disabled.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/cipher.c b/g10/cipher.c
index 409d0ad..b950d0c 100644
--- a/g10/cipher.c
+++ b/g10/cipher.c
@@ -64,6 +64,11 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
if (DBG_HASHING)
gcry_md_debug (cfx->mdc_hash, "creatmdc");
}
+ else if (!opt.no_mdc_warn)
+ {
+ log_info ("WARNING: "
+ "encrypting without integrity protection is dangerous\n");
+ }
write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
ed.mdc_method, cfx->dek->algo);
@@ -91,7 +96,6 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
BUG();
}
-
/* log_hexdump ("thekey", cfx->dek->key, cfx->dek->keylen); */
gcry_cipher_setkey (cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen);
gcry_cipher_setiv (cfx->cipher_hd, NULL, 0);
@@ -101,7 +105,11 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
gcry_cipher_encrypt (cfx->cipher_hd, temp, nprefix+2, NULL, 0);
gcry_cipher_sync (cfx->cipher_hd);
iobuf_write (a, temp, nprefix+2);
- cfx->header = 1;
+
+ cfx->short_blklen_warn = (blocksize < 16);
+ cfx->short_blklen_count = nprefix+2;
+
+ cfx->wrote_header = 1;
}
@@ -122,11 +130,23 @@ cipher_filter (void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len)
else if (control == IOBUFCTRL_FLUSH) /* encrypt */
{
log_assert (a);
- if (!cfx->header)
+ if (!cfx->wrote_header)
write_header (cfx, a);
if (cfx->mdc_hash)
gcry_md_write (cfx->mdc_hash, buf, size);
gcry_cipher_encrypt (cfx->cipher_hd, buf, size, NULL, 0);
+ if (cfx->short_blklen_warn)
+ {
+ cfx->short_blklen_count += size;
+ if (cfx->short_blklen_count > (150 * 1024 * 1024))
+ {
+ log_info ("WARNING: encrypting more than %d MiB with algorithm "
+ "%s should be avoided\n", 150,
+ openpgp_cipher_algo_name (cfx->dek->algo));
+ cfx->short_blklen_warn = 0; /* Don't show again. */
+ }
+ }
+
rc = iobuf_write (a, buf, size);
}
else if (control == IOBUFCTRL_FREE)
diff --git a/g10/filter.h b/g10/filter.h
index 275608d..9e4b1e5 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -92,10 +92,11 @@ typedef struct {
DEK *dek;
u32 datalen;
gcry_cipher_hd_t cipher_hd;
- int header;
+ unsigned int wrote_header : 1;
+ unsigned int short_blklen_warn : 1;
+ unsigned long short_blklen_count;
gcry_md_hd_t mdc_hash;
byte enchash[20];
- int create_mdc; /* flag will be set by the cipher filter */
} cipher_filter_context_t;
commit b5333e13cbc9db354ed90762190bf70605a02d1f
Author: Werner Koch <wk at gnupg.org>
Date: Wed Dec 13 11:58:51 2017 +0100
gpg: Simplify cipher:write_header.
* g10/cipher.c (write_header): Use write_status_printf.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/cipher.c b/g10/cipher.c
index 2677989..409d0ad 100644
--- a/g10/cipher.c
+++ b/g10/cipher.c
@@ -65,12 +65,8 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
gcry_md_debug (cfx->mdc_hash, "creatmdc");
}
- {
- char buf[20];
-
- snprintf (buf, sizeof buf, "%d %d", ed.mdc_method, cfx->dek->algo);
- write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
- }
+ write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
+ ed.mdc_method, cfx->dek->algo);
init_packet (&pkt);
pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
commit 067e62fe55721cac47c931f01fdb7c1563a64e9c
Author: Werner Koch <wk at gnupg.org>
Date: Wed Dec 13 11:56:28 2017 +0100
indent: Re-indent g10/cipher.c
--
diff --git a/g10/cipher.c b/g10/cipher.c
index 655937f..2677989 100644
--- a/g10/cipher.c
+++ b/g10/cipher.c
@@ -1,6 +1,6 @@
/* cipher.c - En-/De-ciphering filter
- * Copyright (C) 1998, 1999, 2000, 2001, 2003,
- * 2006, 2009 Free Software Foundation, Inc.
+ * Copyright (C) 1998-2003, 2006, 2009 Free Software Foundation, Inc.
+ * Copyright (C) 1998-2003, 2006, 2009, 2017 Werner koch
*
* This file is part of GnuPG.
*
@@ -16,6 +16,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>.
+ * SPDX-License-Identifier: GPL-3.0+
*/
#include <config.h>
@@ -39,124 +40,129 @@
static void
-write_header( cipher_filter_context_t *cfx, IOBUF a )
+write_header (cipher_filter_context_t *cfx, iobuf_t a)
{
- gcry_error_t err;
- PACKET pkt;
- PKT_encrypted ed;
- byte temp[18];
- unsigned int blocksize;
- unsigned int nprefix;
-
- blocksize = openpgp_cipher_get_algo_blklen (cfx->dek->algo);
- if ( blocksize < 8 || blocksize > 16 )
- log_fatal("unsupported blocksize %u\n", blocksize );
-
- memset( &ed, 0, sizeof ed );
- ed.len = cfx->datalen;
- ed.extralen = blocksize+2;
- ed.new_ctb = !ed.len;
- if( cfx->dek->use_mdc ) {
- ed.mdc_method = DIGEST_ALGO_SHA1;
- gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0);
- if ( DBG_HASHING )
- gcry_md_debug (cfx->mdc_hash, "creatmdc");
- }
-
+ gcry_error_t err;
+ PACKET pkt;
+ PKT_encrypted ed;
+ byte temp[18];
+ unsigned int blocksize;
+ unsigned int nprefix;
+
+ blocksize = openpgp_cipher_get_algo_blklen (cfx->dek->algo);
+ if ( blocksize < 8 || blocksize > 16 )
+ log_fatal ("unsupported blocksize %u\n", blocksize);
+
+ memset (&ed, 0, sizeof ed);
+ ed.len = cfx->datalen;
+ ed.extralen = blocksize + 2;
+ ed.new_ctb = !ed.len;
+ if (cfx->dek->use_mdc)
{
- char buf[20];
-
- sprintf (buf, "%d %d", ed.mdc_method, cfx->dek->algo);
- write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
+ ed.mdc_method = DIGEST_ALGO_SHA1;
+ gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0);
+ if (DBG_HASHING)
+ gcry_md_debug (cfx->mdc_hash, "creatmdc");
}
- init_packet( &pkt );
- pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
- pkt.pkt.encrypted = &ed;
- if( build_packet( a, &pkt ))
- log_bug("build_packet(ENCR_DATA) failed\n");
- nprefix = blocksize;
- gcry_randomize (temp, nprefix, GCRY_STRONG_RANDOM );
- temp[nprefix] = temp[nprefix-2];
- temp[nprefix+1] = temp[nprefix-1];
- print_cipher_algo_note( cfx->dek->algo );
- err = openpgp_cipher_open (&cfx->cipher_hd,
- cfx->dek->algo,
- GCRY_CIPHER_MODE_CFB,
- (GCRY_CIPHER_SECURE
- | ((cfx->dek->use_mdc || cfx->dek->algo >= 100)?
- 0 : GCRY_CIPHER_ENABLE_SYNC)));
- if (err) {
- /* We should never get an error here cause we already checked,
- * that the algorithm is available. */
- BUG();
+ {
+ char buf[20];
+
+ snprintf (buf, sizeof buf, "%d %d", ed.mdc_method, cfx->dek->algo);
+ write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
+ }
+
+ init_packet (&pkt);
+ pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
+ pkt.pkt.encrypted = &ed;
+ if (build_packet( a, &pkt))
+ log_bug ("build_packet(ENCR_DATA) failed\n");
+ nprefix = blocksize;
+ gcry_randomize (temp, nprefix, GCRY_STRONG_RANDOM );
+ temp[nprefix] = temp[nprefix-2];
+ temp[nprefix+1] = temp[nprefix-1];
+ print_cipher_algo_note (cfx->dek->algo);
+ err = openpgp_cipher_open (&cfx->cipher_hd,
+ cfx->dek->algo,
+ GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | ((cfx->dek->use_mdc || cfx->dek->algo >= 100)?
+ 0 : GCRY_CIPHER_ENABLE_SYNC)));
+ if (err)
+ {
+ /* We should never get an error here cause we already checked,
+ * that the algorithm is available. */
+ BUG();
}
-/* log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/
- gcry_cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
- gcry_cipher_setiv( cfx->cipher_hd, NULL, 0 );
-/* log_hexdump( "prefix", temp, nprefix+2 ); */
- if (cfx->mdc_hash) /* Hash the "IV". */
- gcry_md_write (cfx->mdc_hash, temp, nprefix+2 );
- gcry_cipher_encrypt (cfx->cipher_hd, temp, nprefix+2, NULL, 0);
- gcry_cipher_sync (cfx->cipher_hd);
- iobuf_write(a, temp, nprefix+2);
- cfx->header=1;
+ /* log_hexdump ("thekey", cfx->dek->key, cfx->dek->keylen); */
+ gcry_cipher_setkey (cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen);
+ gcry_cipher_setiv (cfx->cipher_hd, NULL, 0);
+ /* log_hexdump ("prefix", temp, nprefix+2); */
+ if (cfx->mdc_hash) /* Hash the "IV". */
+ gcry_md_write (cfx->mdc_hash, temp, nprefix+2 );
+ gcry_cipher_encrypt (cfx->cipher_hd, temp, nprefix+2, NULL, 0);
+ gcry_cipher_sync (cfx->cipher_hd);
+ iobuf_write (a, temp, nprefix+2);
+ cfx->header = 1;
}
-
-/****************
- * This filter is used to en/de-cipher data with a conventional algorithm
+/*
+ * This filter is used to en/de-cipher data with a symmetric algorithm
*/
int
-cipher_filter( void *opaque, int control,
- IOBUF a, byte *buf, size_t *ret_len)
+cipher_filter (void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len)
{
- size_t size = *ret_len;
- cipher_filter_context_t *cfx = opaque;
- int rc=0;
+ cipher_filter_context_t *cfx = opaque;
+ size_t size = *ret_len;
+ int rc = 0;
- if( control == IOBUFCTRL_UNDERFLOW ) { /* decrypt */
- rc = -1; /* not yet used */
+ if (control == IOBUFCTRL_UNDERFLOW) /* decrypt */
+ {
+ rc = -1; /* not yet used */
}
- else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
- log_assert(a);
- if( !cfx->header ) {
- write_header( cfx, a );
- }
- if (cfx->mdc_hash)
- gcry_md_write (cfx->mdc_hash, buf, size);
- gcry_cipher_encrypt (cfx->cipher_hd, buf, size, NULL, 0);
- rc = iobuf_write( a, buf, size );
+ else if (control == IOBUFCTRL_FLUSH) /* encrypt */
+ {
+ log_assert (a);
+ if (!cfx->header)
+ write_header (cfx, a);
+ if (cfx->mdc_hash)
+ gcry_md_write (cfx->mdc_hash, buf, size);
+ gcry_cipher_encrypt (cfx->cipher_hd, buf, size, NULL, 0);
+ rc = iobuf_write (a, buf, size);
}
- else if( control == IOBUFCTRL_FREE ) {
- if( cfx->mdc_hash ) {
- byte *hash;
- int hashlen = gcry_md_get_algo_dlen (gcry_md_get_algo
- (cfx->mdc_hash));
- byte temp[22];
-
- log_assert( hashlen == 20 );
- /* We must hash the prefix of the MDC packet here. */
- temp[0] = 0xd3;
- temp[1] = 0x14;
- gcry_md_putc (cfx->mdc_hash, temp[0]);
- gcry_md_putc (cfx->mdc_hash, temp[1]);
-
- gcry_md_final (cfx->mdc_hash);
- hash = gcry_md_read (cfx->mdc_hash, 0);
- memcpy(temp+2, hash, 20);
- gcry_cipher_encrypt (cfx->cipher_hd, temp, 22, NULL, 0);
- gcry_md_close (cfx->mdc_hash); cfx->mdc_hash = NULL;
- if( iobuf_write( a, temp, 22 ) )
- log_error("writing MDC packet failed\n" );
+ else if (control == IOBUFCTRL_FREE)
+ {
+ if (cfx->mdc_hash)
+ {
+ byte *hash;
+ int hashlen = gcry_md_get_algo_dlen (gcry_md_get_algo(cfx->mdc_hash));
+ byte temp[22];
+
+ log_assert (hashlen == 20);
+ /* We must hash the prefix of the MDC packet here. */
+ temp[0] = 0xd3;
+ temp[1] = 0x14;
+ gcry_md_putc (cfx->mdc_hash, temp[0]);
+ gcry_md_putc (cfx->mdc_hash, temp[1]);
+
+ gcry_md_final (cfx->mdc_hash);
+ hash = gcry_md_read (cfx->mdc_hash, 0);
+ memcpy(temp+2, hash, 20);
+ gcry_cipher_encrypt (cfx->cipher_hd, temp, 22, NULL, 0);
+ gcry_md_close (cfx->mdc_hash); cfx->mdc_hash = NULL;
+ if (iobuf_write( a, temp, 22))
+ log_error ("writing MDC packet failed\n");
}
- gcry_cipher_close (cfx->cipher_hd);
+
+ gcry_cipher_close (cfx->cipher_hd);
}
- else if( control == IOBUFCTRL_DESC ) {
- mem2str (buf, "cipher_filter", *ret_len);
+ else if (control == IOBUFCTRL_DESC)
+ {
+ mem2str (buf, "cipher_filter", *ret_len);
}
- return rc;
+
+ return rc;
}
-----------------------------------------------------------------------
Summary of changes:
g10/cipher.c | 226 ++++++++++++++++++++++++++++++++---------------------------
g10/filter.h | 5 +-
2 files changed, 127 insertions(+), 104 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list