* seckey-cert.c: Workaround to allow decryption of v3 keys created
authorWerner Koch <wk@gnupg.org>
Fri, 16 Aug 2002 07:13:13 +0000 (07:13 +0000)
committerWerner Koch <wk@gnupg.org>
Fri, 16 Aug 2002 07:13:13 +0000 (07:13 +0000)
with a bug in the mpi_get_secure_buffer.

g10/ChangeLog
g10/seckey-cert.c

index d083685..7d73643 100644 (file)
@@ -1,3 +1,8 @@
+2002-08-16  Werner Koch  <wk@gnupg.org>
+
+       * seckey-cert.c: Workaround to allow decryption of v3 keys created
+       with a bug in the mpi_get_secure_buffer.
+
 2002-08-14  David Shaw  <dshaw@jabberwocky.com>
 
        * hkp.c (parse_hkp_index): Properly handle really large keys
index 01f4c7b..2eadc9d 100644 (file)
@@ -158,6 +158,32 @@ do_check( PKT_secret_key *sk, const char *tryagain_text )
                csum += checksum_mpi( sk->skey[i] );
                m_free( buffer );
            }
+            if( csum != sk->csum ) {
+              /* Due to a fix of a bug in mpi_get_secure_buffer we
+                 might encounter seceret keys which are not correctly
+                 encrypted.  We fix this by a second try, this time
+                 with a reversed bug fix (the memmove below). */
+                byte *p;
+              
+                copy_secret_key( sk, save_sk );
+                cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
+                csum = 0;
+                for(i=pubkey_get_npkey (sk->pubkey_algo);
+                   i < pubkey_get_nskey (sk->pubkey_algo); i++ ) {
+                    buffer = mpi_get_secure_buffer (sk->skey[i], &nbytes,NULL);
+                    for (p=buffer; !*p && nbytes; p++, --nbytes )
+                      ;
+                    if (p != buffer)
+                      memmove (buffer, p, nbytes);
+                    cipher_sync (cipher_hd);
+                    assert (mpi_is_protected(sk->skey[i]));
+                    cipher_decrypt (cipher_hd, buffer, buffer, nbytes);
+                    mpi_set_buffer (sk->skey[i], buffer, nbytes, 0);
+                    mpi_clear_protect_flag (sk->skey[i]);
+                    csum += checksum_mpi (sk->skey[i]);
+                    m_free (buffer);
+                }
+            }
            if( opt.emulate_bugs & EMUBUG_GPGCHKSUM ) {
               csum = sk->csum;
            }