Hi! I just implemented a robust detection for a missing MDC in GPGME. This works with all GnuPG versions since 2.0.19 (March 2012) and is future proof. It is based on the DECRYPTION_INFO status which GPGME already parses. Code speaks more than words:
--8<---------------cut here---------------start------------->8---
/* Parse the ARGS of a
* DECRYPTION_INFO <mdc_method> <sym_algo> [<aead_algo>]
* status. Returns 0 on success and updates the OPD.
*/
static gpgme_error_t
parse_decryption_info (char *args, op_data_t opd, gpgme_protocol_t protocol)
{
char *field[3];
int nfields;
char *args2;
int mdc, aead_algo;
const char *algostr, *modestr;
if (!args)
return trace_gpg_error (GPG_ERR_INV_ENGINE);
args2 = strdup (args); /* Split modifies the input string. */
nfields = _gpgme_split_fields (args2, field, DIM (field));
if (nfields < 2)
{
free (args2);
return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing. */
}
mdc = atoi (field[0]);
algostr = _gpgme_cipher_algo_name (atoi (field[1]), protocol);
aead_algo = nfields < 3? 0 : atoi (field[2]);
modestr = _gpgme_cipher_mode_name (aead_algo, protocol);
free (args2);
free (opd->result.symkey_algo);
if (!aead_algo && mdc != 2)
opd->result.symkey_algo = _gpgme_strconcat (algostr, ".PGPCFB", NULL);
else
opd->result.symkey_algo = _gpgme_strconcat (algostr, ".", modestr, NULL);
if (!opd->result.symkey_algo)
return gpg_error_from_syserror ();
if (!mdc && !aead_algo)
opd->not_integrity_protected = 1;
return 0;
}
--8<---------------cut here---------------end--------------->8---
The only change to the existing parser code is the last test which sets
a new flag. Note that this handles future versions of gpg which will
come with a new encryption mode and emit a new AEAD_ALGO but sets MDC to
0. It does not fail with gpgsm because gpgsm does not emit that status
line.
Salam-Shalom,
Werner
--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgp3SMwNKV4SP.pgp
Description: PGP signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
