author | Justus Winter <justus@sequoia-pgp.org> | 2020-05-25 13:20:15 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-05-28 11:52:26 +0200 |
commit | 271280e62d1e0ee64a8f4cbb5766b17e3edf947d (patch) | |
tree | d30a6172c9626e6fb36db62f336bd7d80abce819 /sop | |
parent | 94dcb41c69c4e16f1f491a9b27148e90a0d713e7 (diff) |
openpgp: Change the `decrypt` proxy in the decryption helper.
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- Fixes #507.
Diffstat (limited to 'sop')
-rw-r--r-- | sop/src/main.rs | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/sop/src/main.rs b/sop/src/main.rs index 5d707b8c..15eccf4c 100644 --- a/sop/src/main.rs +++ b/sop/src/main.rs @@ -672,12 +672,12 @@ impl<'a> Helper<'a> { -> Option<(SymmetricAlgorithm, SessionKey, Option<Fingerprint>)> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()> + where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool { let keyid = keypair.public().fingerprint().into(); let (algo, sk) = pkesk.decrypt(keypair, algo) .and_then(|(algo, sk)| { - decrypt(algo, &sk).ok()?; Some((algo, sk)) + if decrypt(algo, &sk) { Some((algo, sk)) } else { None } })?; Some((algo, sk, self.identities.get(&keyid).map(|fp| fp.clone()))) @@ -705,7 +705,7 @@ impl<'a> DecryptionHelper for Helper<'a> { fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK], algo: Option<SymmetricAlgorithm>, mut decrypt: D) -> openpgp::Result<Option<Fingerprint>> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()> + where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool { // First, try all supplied session keys. while let Some(sk) = self.session_keys.pop() { @@ -713,7 +713,7 @@ impl<'a> DecryptionHelper for Helper<'a> { .filter(|a| a.key_size().map(|size| size == sk.len()) .unwrap_or(false)) { - if decrypt(algo, &sk).is_ok() { + if decrypt(algo, &sk) { self.dump_session_key(algo, &sk)?; return Ok(None); } @@ -764,10 +764,13 @@ impl<'a> DecryptionHelper for Helper<'a> { // Finally, try to decrypt using the SKESKs. for password in self.passwords.iter() { for skesk in skesks { - if let Ok((algo, sk)) = skesk.decrypt(password) + if let Some((algo, sk)) = skesk.decrypt(password).ok() .and_then(|(algo, sk)| { - decrypt(algo, &sk)?; - Ok((algo, sk)) + if decrypt(algo, &sk) { + Some((algo, sk)) + } else { + None + } }) { self.dump_session_key(algo, &sk)?; |
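Review bot: The new bound `D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool` on the helper method in `impl<'a> Helper<'a>` (first hunk) has no comment saying why the proxy is limited to a yes/no answer. A later refactor could switch it back to a `Result` and reintroduce the error detail that the commit message ties to Bleichenbacher-style attacks. I would add above the `where` clause: `// The decrypt proxy deliberately reports only success or failure; distinguishable errors here could act as a decryption oracle.` The same comment fits the identical bound on `DecryptionHelper::decrypt` in the second hunk. The method's signature starts above this hunk and its body ends below it.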
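Review bot: In the SKESK password loop (last hunk), the added `.and_then(|(algo, sk)| { if decrypt(algo, &sk) { Some((algo, sk)) } else { None } })` spells out by hand what `Option::filter` does, and the closure added in the first hunk has the same shape. Both could be written as `.filter(|(algo, sk)| decrypt(*algo, sk))`, which here gives `skesk.decrypt(password).ok().filter(|(algo, sk)| decrypt(*algo, sk))`. That keeps the success-or-nothing result in one expression and leaves no branch where an error value could later be passed back. It assumes the algorithm type is `Copy`, which the hunk suggests because `algo` is used again after being passed by value. The enclosing `decrypt` method starts and ends outside this hunk.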