From 3272cd7ba797dbd62275bec987082862e3409bf5 Mon Sep 17 00:00:00 2001 From: Lukas Burkhalter <10532077+lubux@users.noreply.github.com> Date: Tue, 2 Jul 2024 14:45:10 +0200 Subject: [PATCH] ECDH with a v6 key must use the full fingerprint (#211) * Fix ECDH fingeprint size for v6 keys Do not truncate the fingerprint to 20 bytes as for v5, but rather use the whole fingerprint for v6 * Fix linter issues --- openpgp/ecdh/ecdh.go | 3 +-- openpgp/packet/config.go | 2 +- openpgp/packet/encrypted_key.go | 7 ++++++- openpgp/packet/public_key.go | 5 ++--- openpgp/v2/read_test.go | 6 +----- 5 files changed, 11 insertions(+), 12 deletions(-) diff --git a/openpgp/ecdh/ecdh.go b/openpgp/ecdh/ecdh.go index c895bad6b..ae3403e9b 100644 --- a/openpgp/ecdh/ecdh.go +++ b/openpgp/ecdh/ecdh.go @@ -163,8 +163,7 @@ func buildKey(pub *PublicKey, zb []byte, curveOID, fingerprint []byte, stripLead if _, err := param.Write([]byte("Anonymous Sender ")); err != nil { return nil, err } - // For v5 keys, the 20 leftmost octets of the fingerprint are used. - if _, err := param.Write(fingerprint[:20]); err != nil { + if _, err := param.Write(fingerprint[:]); err != nil { return nil, err } if param.Len()-len(curveOID) != 45 { diff --git a/openpgp/packet/config.go b/openpgp/packet/config.go index 181d5d344..c92ca4943 100644 --- a/openpgp/packet/config.go +++ b/openpgp/packet/config.go @@ -233,7 +233,7 @@ func (c *Config) S2K() *s2k.Config { return nil } // for backwards compatibility - if c != nil && c.S2KCount > 0 && c.S2KConfig == nil { + if c.S2KCount > 0 && c.S2KConfig == nil { return &s2k.Config{ S2KCount: c.S2KCount, } diff --git a/openpgp/packet/encrypted_key.go b/openpgp/packet/encrypted_key.go index e70f9d941..583409456 100644 --- a/openpgp/packet/encrypted_key.go +++ b/openpgp/packet/encrypted_key.go @@ -181,7 +181,12 @@ func (e *EncryptedKey) Decrypt(priv *PrivateKey, config *Config) error { vsG := e.encryptedMPI1.Bytes() m := e.encryptedMPI2.Bytes() oid := priv.PublicKey.oid.EncodedBytes() - b, err = ecdh.Decrypt(priv.PrivateKey.(*ecdh.PrivateKey), vsG, m, oid, priv.PublicKey.Fingerprint[:]) + fp := priv.PublicKey.Fingerprint[:] + if priv.PublicKey.Version == 5 { + // For v5 the, the fingerprint must be restricted to 20 bytes + fp = fp[:20] + } + b, err = ecdh.Decrypt(priv.PrivateKey.(*ecdh.PrivateKey), vsG, m, oid, fp) case PubKeyAlgoX25519: b, err = x25519.Decrypt(priv.PrivateKey.(*x25519.PrivateKey), e.ephemeralPublicX25519, e.encryptedSession) case PubKeyAlgoX448: diff --git a/openpgp/packet/public_key.go b/openpgp/packet/public_key.go index 37e8f5561..e325d9bd2 100644 --- a/openpgp/packet/public_key.go +++ b/openpgp/packet/public_key.go @@ -910,8 +910,7 @@ func (pk *PublicKey) VerifyRevocationHashTag(sig *Signature) (err error) { if err != nil { return err } - err = keyRevocationHash(pk, preparedHash) - if err != nil { + if err = keyRevocationHash(pk, preparedHash); err != nil { return err } return VerifyHashTag(preparedHash, sig) @@ -924,7 +923,7 @@ func (pk *PublicKey) VerifyRevocationSignature(sig *Signature) (err error) { if err != nil { return err } - if keyRevocationHash(pk, preparedHash); err != nil { + if err = keyRevocationHash(pk, preparedHash); err != nil { return err } return pk.VerifySignature(preparedHash, sig) diff --git a/openpgp/v2/read_test.go b/openpgp/v2/read_test.go index 024ae608c..f5cf19114 100644 --- a/openpgp/v2/read_test.go +++ b/openpgp/v2/read_test.go @@ -775,11 +775,7 @@ func TestSymmetricAeadEaxOpenPGPJsMessage(t *testing.T) { } // Decrypt with key - var edp packet.EncryptedDataPacket - if err != nil { - t.Fatal(err) - } - edp = p.(*packet.AEADEncrypted) + edp := p.(*packet.AEADEncrypted) rc, err := edp.Decrypt(packet.CipherFunction(0), key) if err != nil { panic(err)