diff options
author | Christian Brabandt <cb@256bit.org> | 2023-04-23 17:50:22 +0100 |
---|---|---|
committer | Bram Moolenaar <Bram@vim.org> | 2023-04-23 17:50:22 +0100 |
commit | aae583441bcdbb0bfef3b8a1d193e04ae09ca95d (patch) | |
tree | e3cf7c27fc02e1232fe5ab8f8da32581e9782718 /src/memline.c | |
parent | dcd40cfca0fe0e65d405ce9711745a8ec846c30c (diff) |
patch 9.0.1481: decrypting with libsodium may fail if the library changesv9.0.1481
Problem: Decrypting with libsodium may fail if the library changes.
Solution: Add parameters used to the encrypted file header. (Christian
Brabandt, closes #12279)
Diffstat (limited to 'src/memline.c')
-rw-r--r-- | src/memline.c | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/src/memline.c b/src/memline.c index ea08d324ce..8a3bd16293 100644 --- a/src/memline.c +++ b/src/memline.c @@ -436,7 +436,7 @@ ml_set_mfp_crypt(buf_T *buf) sha2_seed(buf->b_ml.ml_mfp->mf_seed, MF_SEED_LEN, NULL, 0); } #ifdef FEAT_SODIUM - else if (method_nr == CRYPT_M_SOD) + else if (crypt_method_is_sodium(method_nr)) crypt_sodium_randombytes_buf(buf->b_ml.ml_mfp->mf_seed, MF_SEED_LEN); #endif @@ -495,7 +495,7 @@ ml_set_crypt_key( old_method = crypt_method_nr_from_name(old_cm); // Swapfile encryption not supported by XChaCha20 - if (crypt_get_method_nr(buf) == CRYPT_M_SOD && *buf->b_p_key != NUL) + if (crypt_method_is_sodium(crypt_get_method_nr(buf)) && *buf->b_p_key != NUL) { // close the swapfile mf_close_file(buf, TRUE); @@ -5512,6 +5512,7 @@ ml_decrypt_data( /* * Prepare for encryption/decryption, using the key, seed and offset. * Return an allocated cryptstate_T *. + * Note: Encryption not supported for SODIUM */ static cryptstate_T * ml_crypt_prepare(memfile_T *mfp, off_T offset, int reading) @@ -5520,21 +5521,23 @@ ml_crypt_prepare(memfile_T *mfp, off_T offset, int reading) char_u salt[50]; int method_nr; char_u *key; - char_u *seed; + crypt_arg_T arg; + CLEAR_FIELD(arg); if (reading && mfp->mf_old_key != NULL) { // Reading back blocks with the previous key/method/seed. method_nr = mfp->mf_old_cm; key = mfp->mf_old_key; - seed = mfp->mf_old_seed; + arg.cat_seed = mfp->mf_old_seed; } else { method_nr = crypt_get_method_nr(buf); key = buf->b_p_key; - seed = mfp->mf_seed; + arg.cat_seed = mfp->mf_seed; } + if (*key == NUL) return NULL; @@ -5543,14 +5546,24 @@ ml_crypt_prepare(memfile_T *mfp, off_T offset, int reading) // For PKzip: Append the offset to the key, so that we use a different // key for every block. vim_snprintf((char *)salt, sizeof(salt), "%s%ld", key, (long)offset); - return crypt_create(method_nr, salt, NULL, 0, NULL, 0); + arg.cat_seed = NULL; + arg.cat_init_from_file = FALSE; + + return crypt_create(method_nr, salt, &arg); } // Using blowfish or better: add salt and seed. We use the byte offset // of the block for the salt. vim_snprintf((char *)salt, sizeof(salt), "%ld", (long)offset); - return crypt_create(method_nr, key, salt, (int)STRLEN(salt), - seed, MF_SEED_LEN); + + arg.cat_salt = salt; + arg.cat_salt_len = (int)STRLEN(salt); + arg.cat_seed_len = MF_SEED_LEN; + arg.cat_add_len = 0; + arg.cat_add = NULL; + arg.cat_init_from_file = FALSE; + + return crypt_create(method_nr, key, &arg); } #endif |