LCOV - code coverage report
Current view: top level - g10 - cipher.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 63 70 90.0 %
Date: 2016-09-12 12:29:17 Functions: 2 2 100.0 %

          Line data    Source code
       1             : /* cipher.c - En-/De-ciphering filter
       2             :  * Copyright (C) 1998, 1999, 2000, 2001, 2003,
       3             :  *               2006, 2009 Free Software Foundation, Inc.
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stdio.h>
      23             : #include <stdlib.h>
      24             : #include <string.h>
      25             : #include <errno.h>
      26             : 
      27             : #include "gpg.h"
      28             : #include "status.h"
      29             : #include "iobuf.h"
      30             : #include "util.h"
      31             : #include "filter.h"
      32             : #include "packet.h"
      33             : #include "options.h"
      34             : #include "main.h"
      35             : #include "status.h"
      36             : 
      37             : 
      38             : #define MIN_PARTIAL_SIZE 512
      39             : 
      40             : 
      41             : static void
      42         467 : write_header( cipher_filter_context_t *cfx, IOBUF a )
      43             : {
      44             :     gcry_error_t err;
      45             :     PACKET pkt;
      46             :     PKT_encrypted ed;
      47             :     byte temp[18];
      48             :     unsigned int blocksize;
      49             :     unsigned int nprefix;
      50             : 
      51         467 :     blocksize = openpgp_cipher_get_algo_blklen (cfx->dek->algo);
      52         467 :     if ( blocksize < 8 || blocksize > 16 )
      53           0 :         log_fatal("unsupported blocksize %u\n", blocksize );
      54             : 
      55         467 :     memset( &ed, 0, sizeof ed );
      56         467 :     ed.len = cfx->datalen;
      57         467 :     ed.extralen = blocksize+2;
      58         467 :     ed.new_ctb = !ed.len;
      59         467 :     if( cfx->dek->use_mdc ) {
      60         409 :         ed.mdc_method = DIGEST_ALGO_SHA1;
      61         409 :         gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0);
      62         409 :         if ( DBG_HASHING )
      63           0 :             gcry_md_debug (cfx->mdc_hash, "creatmdc");
      64             :     }
      65             : 
      66             :     {
      67             :         char buf[20];
      68             : 
      69         467 :         sprintf (buf, "%d %d", ed.mdc_method, cfx->dek->algo);
      70         467 :         write_status_text (STATUS_BEGIN_ENCRYPTION, buf);
      71             :     }
      72             : 
      73         467 :     init_packet( &pkt );
      74         467 :     pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
      75         467 :     pkt.pkt.encrypted = &ed;
      76         467 :     if( build_packet( a, &pkt ))
      77           0 :         log_bug("build_packet(ENCR_DATA) failed\n");
      78         467 :     nprefix = blocksize;
      79         467 :     gcry_randomize (temp, nprefix, GCRY_STRONG_RANDOM );
      80         467 :     temp[nprefix] = temp[nprefix-2];
      81         467 :     temp[nprefix+1] = temp[nprefix-1];
      82         467 :     print_cipher_algo_note( cfx->dek->algo );
      83         467 :     err = openpgp_cipher_open (&cfx->cipher_hd,
      84             :                                cfx->dek->algo,
      85             :                                GCRY_CIPHER_MODE_CFB,
      86             :                                (GCRY_CIPHER_SECURE
      87             :                                 | ((cfx->dek->use_mdc || cfx->dek->algo >= 100)?
      88             :                                    0 : GCRY_CIPHER_ENABLE_SYNC)));
      89         467 :     if (err) {
      90             :         /* We should never get an error here cause we already checked,
      91             :          * that the algorithm is available.  */
      92           0 :         BUG();
      93             :     }
      94             : 
      95             : 
      96             : /*   log_hexdump( "thekey", cfx->dek->key, cfx->dek->keylen );*/
      97         467 :     gcry_cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen );
      98         467 :     gcry_cipher_setiv( cfx->cipher_hd, NULL, 0 );
      99             : /*  log_hexdump( "prefix", temp, nprefix+2 ); */
     100         467 :     if (cfx->mdc_hash) /* Hash the "IV". */
     101         409 :         gcry_md_write (cfx->mdc_hash, temp, nprefix+2 );
     102         467 :     gcry_cipher_encrypt (cfx->cipher_hd, temp, nprefix+2, NULL, 0);
     103         467 :     gcry_cipher_sync (cfx->cipher_hd);
     104         467 :     iobuf_write(a, temp, nprefix+2);
     105         467 :     cfx->header=1;
     106         467 : }
     107             : 
     108             : 
     109             : 
     110             : /****************
     111             :  * This filter is used to en/de-cipher data with a conventional algorithm
     112             :  */
     113             : int
     114        2503 : cipher_filter( void *opaque, int control,
     115             :                IOBUF a, byte *buf, size_t *ret_len)
     116             : {
     117        2503 :     size_t size = *ret_len;
     118        2503 :     cipher_filter_context_t *cfx = opaque;
     119        2503 :     int rc=0;
     120             : 
     121        2503 :     if( control == IOBUFCTRL_UNDERFLOW ) { /* decrypt */
     122           0 :         rc = -1; /* not yet used */
     123             :     }
     124        2503 :     else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
     125        1569 :         log_assert(a);
     126        1569 :         if( !cfx->header ) {
     127         467 :             write_header( cfx, a );
     128             :         }
     129        1569 :         if (cfx->mdc_hash)
     130        1333 :             gcry_md_write (cfx->mdc_hash, buf, size);
     131        1569 :         gcry_cipher_encrypt (cfx->cipher_hd, buf, size, NULL, 0);
     132        1569 :         rc = iobuf_write( a, buf, size );
     133             :     }
     134         934 :     else if( control == IOBUFCTRL_FREE ) {
     135         467 :         if( cfx->mdc_hash ) {
     136             :             byte *hash;
     137         409 :             int hashlen = gcry_md_get_algo_dlen (gcry_md_get_algo
     138             :                                                  (cfx->mdc_hash));
     139             :             byte temp[22];
     140             : 
     141         409 :             log_assert( hashlen == 20 );
     142             :             /* We must hash the prefix of the MDC packet here. */
     143         409 :             temp[0] = 0xd3;
     144         409 :             temp[1] = 0x14;
     145         409 :             gcry_md_putc (cfx->mdc_hash, temp[0]);
     146         409 :             gcry_md_putc (cfx->mdc_hash, temp[1]);
     147             : 
     148         409 :             gcry_md_final (cfx->mdc_hash);
     149         409 :             hash = gcry_md_read (cfx->mdc_hash, 0);
     150         409 :             memcpy(temp+2, hash, 20);
     151         409 :             gcry_cipher_encrypt (cfx->cipher_hd, temp, 22, NULL, 0);
     152         409 :             gcry_md_close (cfx->mdc_hash); cfx->mdc_hash = NULL;
     153         409 :             if( iobuf_write( a, temp, 22 ) )
     154           0 :                 log_error("writing MDC packet failed\n" );
     155             :         }
     156         467 :         gcry_cipher_close (cfx->cipher_hd);
     157             :     }
     158         467 :     else if( control == IOBUFCTRL_DESC ) {
     159           0 :         mem2str (buf, "cipher_filter", *ret_len);
     160             :     }
     161        2503 :     return rc;
     162             : }

Generated by: LCOV version 1.11