authorJustus Winter <justus@sequoia-pgp.org>2020-05-25 13:20:15 +0200
committerJustus Winter <justus@sequoia-pgp.org>2020-05-28 11:52:26 +0200
commit271280e62d1e0ee64a8f4cbb5766b17e3edf947d (patch)
treed30a6172c9626e6fb36db62f336bd7d80abce819 /openpgp-ffi
parent94dcb41c69c4e16f1f491a9b27148e90a0d713e7 (diff)
openpgp: Change the `decrypt` proxy in the decryption helper.
- Returning rich errors from this function may compromise secret key material due to Bleichenbacher-style attacks. Change the API to prevent this. - Hat tip to Hanno Böck. - Fixes #507.
Diffstat (limited to 'openpgp-ffi')
-rw-r--r--openpgp-ffi/include/sequoia/openpgp/types.h4
-rw-r--r--openpgp-ffi/src/parse/stream.rs26
2 files changed, 18 insertions, 12 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp/types.h b/openpgp-ffi/include/sequoia/openpgp/types.h
index b77e4251..216c69cb 100644
--- a/openpgp-ffi/include/sequoia/openpgp/types.h
+++ b/openpgp-ffi/include/sequoia/openpgp/types.h
@@ -1,6 +1,8 @@
#ifndef SEQUOIA_OPENPGP_TYPES_H
#define SEQUOIA_OPENPGP_TYPES_H
+#include <stdbool.h>
+
/*/
/// Holds a session key.
///
@@ -524,7 +526,7 @@ typedef pgp_status_t (*pgp_decryptor_get_certs_cb_t) (void *,
pgp_cert_t **, size_t *,
void (**free)(void *));
-typedef pgp_status_t (pgp_decryptor_do_decrypt_cb_t) (
+typedef bool (pgp_decryptor_do_decrypt_cb_t) (
void *,
uint8_t,
pgp_session_key_t);
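Review bot: The typedef for `pgp_decryptor_do_decrypt_cb_t` switches from `pgp_status_t` to `bool` without a comment recording that the meaning of the return value is inverted. Assuming `PGP_STATUS_SUCCESS` is zero, a helper written against the old header (`rc = decrypt (...); return rc;`) still compiles in C and would then report a failed decryption as success. I would document the contract on the typedef, for example `/* Returns true iff the session key decrypted the message; false deliberately carries no further detail. */`, and flag the change prominently for downstream C users.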
diff --git a/openpgp-ffi/src/parse/stream.rs b/openpgp-ffi/src/parse/stream.rs
index 9c900a76..cce302ad 100644
--- a/openpgp-ffi/src/parse/stream.rs
+++ b/openpgp-ffi/src/parse/stream.rs
@@ -416,7 +416,7 @@ type DecryptCallback = fn(*mut HelperCookie,
u8, // XXX SymmetricAlgorithm
extern "C" fn (*mut c_void, u8,
*const crypto::SessionKey)
- -> Status,
+ -> bool,
*mut c_void,
*mut Maybe<super::super::fingerprint::Fingerprint>)
-> Status;
@@ -837,7 +837,7 @@ impl DecryptionHelper for DHelper {
sym_algo: Option<SymmetricAlgorithm>,
mut decrypt: D)
-> openpgp::Result<Option<openpgp::Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()>
+ where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
{
let mut identity: Maybe<super::super::fingerprint::Fingerprint> = None;
@@ -860,12 +860,11 @@ impl DecryptionHelper for DHelper {
extern "C" fn trampoline<D>(data: *mut c_void, algo: u8,
sk: *const crypto::SessionKey)
- -> Status
- where D: FnMut(SymmetricAlgorithm, &SessionKey)
- -> openpgp::Result<()>
+ -> bool
+ where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
{
let closure: &mut D = unsafe { &mut *(data as *mut D) };
- (*closure)(algo.into(), sk.ref_raw()).into()
+ (*closure)(algo.into(), sk.ref_raw())
}
let result = (self.decrypt_cb)(
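Review bot: Nothing on `trampoline` records why it returns a bare `bool`, so a later refactor could reintroduce a status or error code here and with it the distinguishable failures this commit removes. A short comment above the function would pin the intent, e.g. `// Returns only success/failure: error detail must not cross this boundary (decryption oracle, see #507).` The `unsafe` cast of `data` to `*mut D` on the context line also lacks a `// SAFETY:` comment stating which pointer the caller passes, presumably the closure handed to `decrypt_cb` just below. The enclosing `decrypt` method starts and ends outside this hunk.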
@@ -954,7 +953,6 @@ impl DecryptionHelper for DHelper {
/// void *decrypt_cookie,
/// pgp_fingerprint_t *identity_out)
/// {
-/// pgp_status_t rc;
/// pgp_error_t err;
/// struct decrypt_cookie *cookie = cookie_opaque;
///
@@ -989,18 +987,24 @@ impl DecryptionHelper for DHelper {
/// if (pgp_pkesk_decrypt (&err,
/// pkesk, key, &algo,
/// session_key, &session_key_len)) {
-/// error (1, 0, "pgp_pkesk_decrypt: %s", pgp_error_to_string (err));
+/// error (0, 0, "pgp_pkesk_decrypt: %s", pgp_error_to_string (err));
+/// pgp_key_free (key);
+/// pgp_key_amalgamation_free (ka);
+/// continue;
/// }
/// pgp_key_free (key);
/// pgp_key_amalgamation_free (ka);
///
/// pgp_session_key_t sk = pgp_session_key_from_bytes (session_key,
/// session_key_len);
-/// rc = decrypt (decrypt_cookie, algo, sk);
-/// pgp_session_key_free (sk);
+/// if (! decrypt (decrypt_cookie, algo, sk)) {
+/// pgp_session_key_free (sk);
+/// continue;
+/// }
///
+/// pgp_session_key_free (sk);
/// *identity_out = pgp_cert_fingerprint (cookie->key);
-/// return rc;
+/// return PGP_STATUS_SUCCESS;
/// }
///
/// return PGP_STATUS_UNKNOWN_ERROR;
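Review bot: The updated example still prints `pgp_error_to_string (err)` when `pgp_pkesk_decrypt` fails, while a session key rejected by `decrypt` is skipped silently. The two failure cases therefore stay distinguishable to anyone who can observe the program's diagnostics. Since integrators copy this example, I would either drop the message text or add a comment above the `error (0, 0, ...)` call such as `/* Never relay this error to the sender of the message. */`. The new `continue` path also leaves `err` unreleased, where the old `error (1, ...)` exited the process; if `pgp_error_t` is heap-allocated, add `pgp_error_free (err);` before `continue`. The example function's body starts outside this hunk.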