lysann/passforios-gopenpgp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add session key size check (#62)

Browse source 
* Add session key size check

Co-authored-by: Daniel Huigens <d.huigens@protonmail.com>
This commit is contained in:
wussler 2020-07-20 11:43:36 +02:00 committed by GitHub
parent 3b2e53c586
commit 8c04ff64a5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 50 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

14
crypto/password.go
View file

@ -62,10 +62,16 @@ func DecryptSessionKeyWithPassword(keyPacket, password []byte) (*SessionKey, err
for _, s := range symKeys {
key, cipherFunc, err := s.Decrypt(password)
if err == nil {
return &SessionKey{
sk := &SessionKey{
Key: key,
Algo: getAlgo(cipherFunc),
}, nil
}
if err = sk.checkSize(); err != nil {
return nil, errors.Wrap(err, "gopenpgp: unable to decrypt session key with password")
}
return sk, nil
}
}
}
@ -87,6 +93,10 @@ func EncryptSessionKeyWithPassword(sk *SessionKey, password []byte) ([]byte, err
return nil, errors.New("gopenpgp: password can't be empty")
}
if err = sk.checkSize(); err != nil {
return nil, errors.Wrap(err, "gopenpgp: unable to encrypt session key with password")
}
config := &packet.Config{
DefaultCipher: cf,
}