1 --- ./lib/opencdk/opencdk.h.orig 2008-06-30 16:45:51.000000000 -0400
2 +++ ./lib/opencdk/opencdk.h 2008-08-21 19:23:44.000000000 -0400
7 - CDK_S2K_ITERSALTED = 3
8 + CDK_S2K_ITERSALTED = 3,
9 + CDK_S2K_GNU_EXT = 101
10 + /* GNU S2K extensions: refer to DETAILS from GnuPG:
11 + http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/doc/DETAILS?root=GnuPG
16 --- ./lib/opencdk/read-packet.c.orig 2008-06-30 16:45:51.000000000 -0400
17 +++ ./lib/opencdk/read-packet.c 2008-08-21 19:30:09.000000000 -0400
23 +/* read about S2K at http://tools.ietf.org/html/rfc4880#section-3.7.1 */
25 read_s2k (cdk_stream_t inp, cdk_s2k_t s2k)
27 - return CDK_Not_Implemented;
30 + s2k->mode = cdk_stream_getc (inp);
31 + s2k->hash_algo = cdk_stream_getc (inp);
32 + if (s2k->mode == CDK_S2K_SIMPLE)
34 + else if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED)
36 + if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread))
37 + return CDK_Inv_Packet;
38 + if (nread != DIM (s2k->salt))
39 + return CDK_Inv_Packet;
41 + if (s2k->mode == CDK_S2K_ITERSALTED)
42 + s2k->count = cdk_stream_getc (inp);
44 + else if (s2k->mode == CDK_S2K_GNU_EXT)
46 + /* GNU extensions to the S2K : read DETAILS from gnupg */
50 + return CDK_Not_Implemented;
58 read_symkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_symkey_enc_t ske)
65 return CDK_Out_Of_Core;
67 ske->cipher_algo = cdk_stream_getc (inp);
68 - s2k->mode = cdk_stream_getc (inp);
69 + ret = read_s2k(inp, s2k);
74 case CDK_S2K_SIMPLE : minlen = 0; break;
76 return CDK_Inv_Packet;
79 - s2k->hash_algo = cdk_stream_getc (inp);
80 - if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED)
82 - if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread))
83 - return CDK_Inv_Packet;
84 - if (nread != DIM (s2k->salt))
85 - return CDK_Inv_Packet;
87 - if (s2k->mode == CDK_S2K_ITERSALTED)
88 - s2k->count = cdk_stream_getc (inp);
91 ske->seskeylen = pktlen - 4 - minlen;
92 /* We check if there is an encrypted session key and if it fits into
93 the buffer. The maximal key length is 256-bit. */
95 rc = read_s2k (inp, sk->protect.s2k);
98 - sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo);
99 - if (!sk->protect.ivlen)
100 - return CDK_Inv_Packet;
101 - rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread);
104 - if (nread != sk->protect.ivlen)
105 - return CDK_Inv_Packet;
106 + /* refer to --export-secret-subkeys in gpg(1) */
107 + if (sk->protect.s2k->mode == CDK_S2K_GNU_EXT)
108 + sk->protect.ivlen = 0;
110 + sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo);
111 + if (!sk->protect.ivlen)
112 + return CDK_Inv_Packet;
113 + rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread);
116 + if (nread != sk->protect.ivlen)
117 + return CDK_Inv_Packet;
121 sk->protect.algo = sk->s2k_usage;
123 return CDK_Out_Of_Core;
124 if (stream_read (inp, sk->encdata, sk->enclen, &nread))
125 return CDK_Inv_Packet;
126 + /* Handle the GNU S2K extensions we know (just gnu-dummy right now): */
127 + if (sk->protect.s2k->mode == CDK_S2K_GNU_EXT) {
128 + unsigned char gnumode;
129 + if ((sk->enclen < strlen("GNU") + 1) ||
130 + (0 != memcmp("GNU", sk->encdata, strlen("GNU"))))
131 + return CDK_Inv_Packet;
132 + gnumode = sk->encdata[strlen("GNU")];
133 + /* we only handle gnu-dummy (mode 1).
134 + mode 2 should refer to external smart cards.
137 + return CDK_Inv_Packet;
138 + /* gnu-dummy should have no more data */
139 + if (sk->enclen != strlen("GNU") + 1)
140 + return CDK_Inv_Packet;
142 nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo);