[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
lib/opencdk/read-packet.c: read_s2k() implementation
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
lib/opencdk/read-packet.c: read_s2k() implementation |
|
Date: |
Fri, 27 Jun 2008 01:50:36 -0400 |
|
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux) |
Hey folks--
After wrapping my head around the relevant section of RFC 4880 and
bits of opencdk, i've fleshed out the previously unimplemented opencdk
internal function intended to interpret OpenPGP String-To-Key
transformations, read_s2k() in read-packet.c.
Attached, please find the patch for this function. Inspection with a
debugger shows that the values being stored are congruent with what is
expected in other uses of the cdk_s2k_t construct.
After my first draft of this patch, i noticed that similar code
already existed in the read_symkey_enc() function (also in
lib/opencdk/read-packet.c). So instead of publishing my first draft,
i've collapsed the code for these two so that there's a canonical
implementation of reading s2k values present in the opencdk codebase.
The attached patch reflects this approach.
This change should not affect the API or ABI at all, and it allows
GnuTLS to recognize encrypted secret keys (though it cannot yet use
them, afaict).
This patch was done against Andreas Metzler's 2.4.0-2 package of
gnutls that is currently in debian/unstable.
As always, feedback is welcome.
Regards,
--dkg
diff -Nur -x '*.orig' -x '*~' gnutls26-2.4.0/lib/opencdk/read-packet.c
gnutls26-2.4.0.new/lib/opencdk/read-packet.c
--- gnutls26-2.4.0/lib/opencdk/read-packet.c 2008-06-27 01:37:53.000000000
-0400
+++ gnutls26-2.4.0.new/lib/opencdk/read-packet.c 2008-06-27
01:40:31.256996360 -0400
@@ -78,10 +78,30 @@
}
-static int
+/* read about S2K at http://tools.ietf.org/html/rfc4880#section-3.7.1 */
+static cdk_error_t
read_s2k (cdk_stream_t inp, cdk_s2k_t s2k)
{
- return CDK_Not_Implemented;
+ size_t nread;
+
+ s2k->mode = cdk_stream_getc (inp);
+ s2k->hash_algo = cdk_stream_getc (inp);
+ if (s2k->mode == CDK_S2K_SIMPLE)
+ return 0;
+ else if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED)
+ {
+ if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread))
+ return CDK_Inv_Packet;
+ if (nread != DIM (s2k->salt))
+ return CDK_Inv_Packet;
+
+ if (s2k->mode == CDK_S2K_ITERSALTED)
+ s2k->count = cdk_stream_getc (inp);
+ }
+ else
+ return CDK_Not_Implemented;
+
+ return 0;
}
@@ -194,6 +214,7 @@
static cdk_error_t
read_symkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_symkey_enc_t ske)
{
+ cdk_error_t ret;
cdk_s2k_t s2k;
size_t minlen;
size_t nread, nleft;
@@ -213,7 +234,9 @@
return CDK_Out_Of_Core;
ske->cipher_algo = cdk_stream_getc (inp);
- s2k->mode = cdk_stream_getc (inp);
+ ret = read_s2k(inp, s2k);
+ if (ret != 0)
+ return ret;
switch (s2k->mode)
{
case CDK_S2K_SIMPLE : minlen = 0; break;
@@ -225,18 +248,6 @@
return CDK_Inv_Packet;
}
- s2k->hash_algo = cdk_stream_getc (inp);
- if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED)
- {
- if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread))
- return CDK_Inv_Packet;
- if (nread != DIM (s2k->salt))
- return CDK_Inv_Packet;
-
- if (s2k->mode == CDK_S2K_ITERSALTED)
- s2k->count = cdk_stream_getc (inp);
- }
-
ske->seskeylen = pktlen - 4 - minlen;
/* We check if there is an encrypted session key and if it fits into
the buffer. The maximal key length is 256-bit. */
pgpdYkOsD8q8w.pgp
Description: PGP signature
- lib/opencdk/read-packet.c: read_s2k() implementation,
Daniel Kahn Gillmor <=