diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2019-08-20 14:12:44 +0200 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2019-08-20 14:18:06 +0200 |
| commit | c59bb02c794294e62da3259561e439ab78e04560 (patch) | |
| tree | edb06817e9bdea49456c1aeaf7edef1a7cf0e546 /openpgp-ffi | |
| parent | f39af0ed274f85fab408000d68a9395f40b392c2 (diff) | |
openpgp: Make choice of AEAD algorithm explicit.
- Automatically using AEAD if all recipients claim support is a
policy decision, which we'd rather avoid in the openpgp crate.
- Fixes #293.
Diffstat (limited to 'openpgp-ffi')
| -rw-r--r-- | openpgp-ffi/examples/encrypt-for.c | 3 | ||||
| -rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 3 | ||||
| -rw-r--r-- | openpgp-ffi/src/serialize.rs | 12 |
3 files changed, 14 insertions, 4 deletions
diff --git a/openpgp-ffi/examples/encrypt-for.c b/openpgp-ffi/examples/encrypt-for.c index e3125dc3..31b643e3 100644 --- a/openpgp-ffi/examples/encrypt-for.c +++ b/openpgp-ffi/examples/encrypt-for.c @@ -48,7 +48,8 @@ main (int argc, char **argv) NULL, 0, /* no passwords */ &tpk, 1, PGP_ENCRYPTION_MODE_FOR_TRANSPORT, - 9 /* AES256 */); + 9 /* AES256 */, + 0 /* No AEAD */); if (writer == NULL) error (1, 0, "pgp_encryptor_new: %s", pgp_error_to_string (err)); diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 34611acb..1a7dc98d 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -1599,7 +1599,8 @@ pgp_writer_stack_t pgp_encryptor_new (pgp_error_t *errp, pgp_tpk_t *recipients, size_t recipients_len, pgp_encryption_mode_t mode, - uint8_t cipher_algo); + uint8_t cipher_algo, + uint8_t aead_algo); /*/ /// Frees this object. diff --git a/openpgp-ffi/src/serialize.rs b/openpgp-ffi/src/serialize.rs index 7c463fc4..1f0a7639 100644 --- a/openpgp-ffi/src/serialize.rs +++ b/openpgp-ffi/src/serialize.rs @@ -17,6 +17,7 @@ use self::openpgp::{ crypto::Password, }; use self::openpgp::constants::{ + AEADAlgorithm, DataFormat, HashAlgorithm, SymmetricAlgorithm, @@ -240,7 +241,8 @@ pub extern "C" fn pgp_encryptor_new passwords: Option<&*const c_char>, passwords_len: size_t, recipients: Option<&*const TPK>, recipients_len: size_t, encryption_mode: u8, - cipher_algo: u8) + cipher_algo: u8, + aead_algo: u8) -> *mut writer::Stack<'static, Cookie> { ffi_make_fry_from_errp!(errp); @@ -276,9 +278,15 @@ pub extern "C" fn pgp_encryptor_new } else { Some(cipher_algo.into()) }; + let aead_algo : Option<AEADAlgorithm> = if aead_algo == 0 { + None + } else { + Some(aead_algo.into()) + }; ffi_try_box!(Encryptor::new(*inner, &passwords_.iter().collect::<Vec<&Password>>(), &recipients[..], encryption_mode, - cipher_algo)) + cipher_algo, + aead_algo)) } |