From 47362eed301a4954af94afe84df16ab6eddecf8d Mon Sep 17 00:00:00 2001
From: Justus Winter <justus@sequoia-pgp.org>
Date: Mon, 18 May 2020 13:06:12 +0200
Subject: openpgp: Change PKESK::decrypt to return an Option<_>.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

  - Returning rich errors from this function may compromise secret key
    material due to Bleichenbacher-style attacks.  Change the API to
    prevent this.

  - Hat tip to Hanno Böck.

  - See #507.
---
 guide/src/chapter_02.md | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

(limited to 'guide')

diff --git a/guide/src/chapter_02.md b/guide/src/chapter_02.md
index 64ba07cb..91b01513 100644
--- a/guide/src/chapter_02.md
+++ b/guide/src/chapter_02.md
@@ -137,10 +137,11 @@ fn main() {
 #         let mut pair = key.into_keypair().unwrap();
 #
 #         pkesks[0].decrypt(&mut pair, sym_algo)
-#             .and_then(|(algo, session_key)| decrypt(algo, &session_key))
-#             .map(|_| None)
+#             .and_then(|(algo, session_key)| decrypt(algo, &session_key).ok());
+#
 #         // XXX: In production code, return the Fingerprint of the
 #         // recipient's Cert here
+#         Ok(None)
 #     }
 # }
 ```
@@ -282,10 +283,11 @@ fn generate() -> openpgp::Result<openpgp::Cert> {
 #         let mut pair = key.into_keypair().unwrap();
 #
 #         pkesks[0].decrypt(&mut pair, sym_algo)
-#             .and_then(|(algo, session_key)| decrypt(algo, &session_key))
-#             .map(|_| None)
+#             .and_then(|(algo, session_key)| decrypt(algo, &session_key).ok());
+#
 #         // XXX: In production code, return the Fingerprint of the
 #         // recipient's Cert here
+#         Ok(None)
 #     }
 # }
 ```
@@ -427,10 +429,11 @@ fn encrypt(policy: &dyn Policy,
 #         let mut pair = key.into_keypair().unwrap();
 #
 #         pkesks[0].decrypt(&mut pair, sym_algo)
-#             .and_then(|(algo, session_key)| decrypt(algo, &session_key))
-#             .map(|_| None)
+#             .and_then(|(algo, session_key)| decrypt(algo, &session_key).ok());
+#
 #         // XXX: In production code, return the Fingerprint of the
 #         // recipient's Cert here
+#         Ok(None)
 #     }
 # }
 ```
@@ -586,10 +589,11 @@ impl<'a> DecryptionHelper for Helper<'a> {
         let mut pair = key.into_keypair().unwrap();
 
         pkesks[0].decrypt(&mut pair, sym_algo)
-            .and_then(|(algo, session_key)| decrypt(algo, &session_key))
-            .map(|_| None)
+            .and_then(|(algo, session_key)| decrypt(algo, &session_key).ok());
+
         // XXX: In production code, return the Fingerprint of the
         // recipient's Cert here
+		Ok(None)
     }
 }
 ```
-- 
cgit v1.2.3