openpgp: Support encrypted keys protected by two octet sum.

- Encrypted key material can be protected by either SHA1 or a two octet sum over the key material. The latter is not used anymore, but GnuPG 2.1 emits this S2K usage octet when emitting TSKs with detached keys. - Fixes #569.
author: Justus Winter <justus@sequoia-pgp.org> 2020-10-06 14:50:45 +0200
committer: Justus Winter <justus@sequoia-pgp.org> 2020-10-06 14:56:16 +0200
commit: e980facce477e7bbe5de5d5e970124a9203c0004 (patch)
tree: 03d96d095939570b6e4788a39e711842b3dc1fdc /openpgp/src/serialize.rs
parent: ad127e721f512d3c77733db309cbe74956729069 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/openpgp/src/serialize.rs b/openpgp/src/serialize.rs
index 032cc70b..0ebecf42 100644
--- a/openpgp/src/serialize.rs
+++ b/openpgp/src/serialize.rs
@@ -1831,7 +1831,13 @@ impl<P, R> Key4<P, R>
                 })?,
                 SecretKeyMaterial::Encrypted(ref e) => {
                     // S2K usage.
-                    write_byte(o, 254)?;
+                    write_byte(o, match e.checksum() {
+                        Some(SecretKeyChecksum::SHA1) => 254,
+                        Some(SecretKeyChecksum::Sum16) => 255,
+                        None => return Err(Error::InvalidOperation(
+                            "In Key4 packets, encrypted secret keys must be \
+                             checksummed".into()).into()),
+                    })?;
                     write_byte(o, e.algo().into())?;
                     e.s2k().serialize(o)?;
                     o.write_all(e.raw_ciphertext())?;
author	Justus Winter <justus@sequoia-pgp.org>	2020-10-06 14:50:45 +0200
committer	Justus Winter <justus@sequoia-pgp.org>	2020-10-06 14:56:16 +0200
commit	e980facce477e7bbe5de5d5e970124a9203c0004 (patch)
tree	03d96d095939570b6e4788a39e711842b3dc1fdc /openpgp/src/serialize.rs
parent	ad127e721f512d3c77733db309cbe74956729069 (diff)