Hi!

I just implemented a robust detection for a missing MDC in GPGME.  This
works with all GnuPG versions since 2.0.19 (March 2012) and is future
proof.  It is based on the DECRYPTION_INFO status which GPGME already
parses.  Code speaks more than words:

--8<---------------cut here---------------start------------->8---
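/* Parse the ARGS of a
 *   DECRYPTION_INFO <mdc_method> <sym_algo> [<aead_algo>]
 * status line and update OPD accordingly.
 *
 * ARGS itself is not modified; a private copy is split into fields.
 * PROTOCOL is passed through to the cipher algo/mode name lookups.
 *
 * On success OPD->result.symkey_algo is replaced by a newly allocated
 * "<algo>.<mode>" string, and OPD->not_integrity_protected is set if
 * the line reports neither an MDC method nor an AEAD algorithm.  The
 * flag is only ever set here, never cleared.
 *
 * Returns 0 on success, GPG_ERR_INV_ENGINE if ARGS is NULL or holds
 * fewer than two fields, or an error derived from errno if a memory
 * allocation fails.
 */
static gpgme_error_t
parse_decryption_info (char *args, op_data_t opd, gpgme_protocol_t protocol)
{
  char *field[3];
  int nfields;
  char *args2;
  int mdc, aead_algo;
  const char *algostr, *modestr;

  if (!args)
    return trace_gpg_error (GPG_ERR_INV_ENGINE);

  args2 = strdup (args); /* Split modifies the input string. */
  if (!args2)
    return gpg_error_from_syserror (); /* Do not split a NULL copy.  */

  nfields = _gpgme_split_fields (args2, field, DIM (field));
  if (nfields < 2)
    {
      free (args2);
      return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing.  */
    }

  /* atoi yields 0 for a non-numeric field, so a malformed <mdc_method>
   * or <aead_algo> is treated like "none reported" and ends up flagged
   * as not integrity protected below rather than silently accepted.  */
  mdc     = atoi (field[0]);
  algostr = _gpgme_cipher_algo_name (atoi (field[1]), protocol);
  aead_algo    = nfields < 3? 0 : atoi (field[2]);
  modestr = _gpgme_cipher_mode_name (aead_algo, protocol);

  /* The fields point into ARGS2; all values needed are extracted.  */
  free (args2);

  /* Replace any previous algo string; the pointer is reassigned in
   * both branches right away, so no stale pointer is left behind.  */
  free (opd->result.symkey_algo);
  if (!aead_algo && mdc != 2)
    opd->result.symkey_algo = _gpgme_strconcat (algostr, ".PGPCFB", NULL);
  else
    opd->result.symkey_algo = _gpgme_strconcat (algostr, ".", modestr, NULL);
  if (!opd->result.symkey_algo)
    return gpg_error_from_syserror ();

  /* Neither an MDC nor an AEAD mode was reported: record that the
   * decrypted data carries no integrity protection so that the caller
   * can act on it.  */
  if (!mdc && !aead_algo)
    opd->not_integrity_protected = 1;

  return 0;
}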
--8<---------------cut here---------------end--------------->8---

The only change to the existing parser code is the last test, which sets
a new flag.  Note that this also handles future versions of gpg which will
come with a new encryption mode and emit a new AEAD_ALGO but set MDC to
0.  It does not fail with gpgsm because gpgsm does not emit that status
line.


Salam-Shalom,

   Werner

-- 
#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
