author | Justus Winter <justus@sequoia-pgp.org> | 2020-05-25 13:20:15 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-05-28 11:52:26 +0200 |
commit | 271280e62d1e0ee64a8f4cbb5766b17e3edf947d (patch) | |
tree | d30a6172c9626e6fb36db62f336bd7d80abce819 /tool/src | |
parent | 94dcb41c69c4e16f1f491a9b27148e90a0d713e7 (diff) |
openpgp: Change the `decrypt` proxy in the decryption helper.
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- Fixes #507.
Diffstat (limited to 'tool/src')
-rw-r--r-- | tool/src/commands/decrypt.rs | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/tool/src/commands/decrypt.rs b/tool/src/commands/decrypt.rs
index ea48eb0b..d7657cdb 100644
--- a/tool/src/commands/decrypt.rs
+++ b/tool/src/commands/decrypt.rs
@@ -90,12 +90,12 @@ impl<'a> Helper<'a> {
 keypair: &mut dyn crypto::Decryptor, decrypt: &mut D) -> Option<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()>
+ where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
 {
 let keyid = keypair.public().fingerprint().into();
 match pkesk.decrypt(keypair, sym_algo)
 .and_then(|(algo, sk)| {
- decrypt(algo, &sk).ok()?; Some(sk)
+ if decrypt(algo, &sk) { Some(sk) } else { None }
 })
 {
 Some(sk) => {
@@ -132,7 +132,7 @@ impl<'a> DecryptionHelper for Helper<'a> {
 fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK], sym_algo: Option<SymmetricAlgorithm>, mut decrypt: D) -> openpgp::Result<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()>
+ where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
 {
 // First, we try those keys that we can use without prompting
 // for a password.
@@ -259,8 +259,8 @@ impl<'a> DecryptionHelper for Helper<'a> {
 "Enter password to decrypt message: "))?.into();
 for skesk in skesks {
- if let Ok(sk) = skesk.decrypt(&password)
- .and_then(|(algo, sk)| { decrypt(algo, &sk)?; Ok(sk) })
+ if let Some(sk) = skesk.decrypt(&password).ok()
+ .and_then(|(algo, sk)| { if decrypt(algo, &sk) { Some(sk) } else { None }})
 {
 if self.dump_session_key {
 eprintln!("Session key: {}", hex::encode(&sk));
@@ -320,8 +320,9 @@ pub fn decrypt_unwrap(ctx: &Context, policy: &dyn Policy,
 match pp.packet {
 Packet::SEIP(_) | Packet::AED(_) => {
 {
- let decrypt =
- |algo, secret: &SessionKey| pp.decrypt(algo, secret);
+ let decrypt = |algo, secret: &SessionKey| {
+ pp.decrypt(algo, secret).is_ok()
+ };
 helper.decrypt(&pkesks[..], &skesks[..], sym_algo_hint, decrypt)?;
 } |
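Review bot: The new `-> bool` bound on `D` in the first hunk (`@@ -90,12`), and again on `DecryptionHelper::decrypt` in the second (`@@ -132,7`), carries no comment saying why the callback must not return a `Result`, so the reasoning lives only in the commit message. I would add a line above each `where` clause such as `// The callback reports success or failure only; a richer error would reveal why a candidate session key was rejected (Bleichenbacher-style oracle).` That keeps a later refactoring from widening the return type again. Both signatures begin above their hunks, so whether a doc comment already exists there is not visible.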
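Review bot: In the third hunk (`@@ -259,8`) the closure `{ if decrypt(algo, &sk) { Some(sk) } else { None }})` repeats the one from the first hunk and is hard to scan when squeezed onto one line. `Option::filter` says the same thing without the branch: `.ok().filter(|(algo, sk)| decrypt(*algo, sk)).map(|(_, sk)| sk)`, assuming `SymmetricAlgorithm` is `Copy`. The same form would fit after `pkesk.decrypt(keypair, sym_algo)` in the first hunk, which keeps the two call sites identical. The enclosing `for` loop and the body of the `if let` continue below the hunk.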
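Review bot: In the last hunk (`@@ -320,8`) `pp.decrypt(algo, secret).is_ok()` drops the error without a comment, and this closure is where a later change is most likely to add logging of the failure reason. A one-line comment above the closure would record the intent, for example `// Collapse the error to a bool on purpose: why decryption failed must not be reported from here.` `decrypt_unwrap` starts and ends outside the hunk, so how a failed `helper.decrypt(...)` is finally presented to the user cannot be checked from these lines.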