Home GnuPG
Diffusion GnuPG b08418d22cc8

gpg: Fix ugly error message for an unknown symkey algorithm.

Description

gpg: Fix ugly error message for an unknown symkey algorithm.

* g10/mainproc.c (proc_symkey_enc): Do not continue with an unknown
algorithm.

Trying to encrypt data created with

printf "\x8c\x49\x05\x0e\x0a\x03\x01"

fails in version 2.2.19 with

gpg: packet(3) with unknown version 5

but with later versions with

gpg: encrypted with unknown algorithm 14
gpg: Ohhhh jeeee: ... this is a bug \
     ([...]/passphrase.c:433:passphrase_to_dek)

so we better catch this case earlier.

  • Reported-by: Tavis Ormandy
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
wernerAuthored on Jan 27 2021, 11:45 AM
Parents
rGfb84674d6c64: scd:p15: Factor the commonObjectAttributes parser out.
Branches
Unknown
Tags
Unknown

Event Timeline

Jab added tasks: T5068: LDAP keyserver does not support lookup by fingerprint, T5069: Concurrent auto-start of gpg-agent by multiple gpg instances., T5070: Retain the exact name of the archive when extracting/decrypting via gpgtar, T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired, T5079: Add compliance flag to trustlist.txt, T5083: usecase for --detach-sign as the default signature creation method, T5084: Using GPGWin 3.1.13, Putty fails to load the private key from a YubiKey, T5085: Filter APDUs in log output, T5090: The name field of kleo's key gen wizard is falsely marked as optional, T5094: Kleopatra: Add "revsig" support, T5091: Kleopatra: Close all tabs except this one, T5096: Kleopatra: Remove X509 as much as possible, T5099: Confirmation dialog for remote access (restricted extra socket), T5100: OpenPGP app overwrites Yubikey serial number, T5105: can't find users with Kleopatra when press "Look up on server", T5110: Primary Key Binding Signature not updated when updating Subkey Binding Signature, T5114: GnuPG fails to import back generated and exported EdDSA secret key., T5116: GnuPG master shows an error when importing Ed25519 keys generated, T5118: gpgconf: Master does not show some values, T5119: TOFU messages are not completely and correctly localized to German, T5120: Incompatible Ed25519 secret key (no-encryption), T5122: Importing secret key with wrong passphrase may result GPG_ERR_MISSING_VALUE (should be able to be tried 3 times), T5123: Kleopatra: Generate OpenPGP pubkey S/MIME CSR from existing card, T5124: Kleopatra GUI Not Working, T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, T5126: Kleopatra: Generate OpenPGP public key for PIV card key, T5127: Kleopatra: Generate S/MIME CSR for PIV card key, T5128: Kleopatra: Generate OpenPGP public key for NetKey card key, T5129: Kleopatra: Generate S/MIME CSR for NetKey card key, T5134: GPG - will not sign nor verify the pin when using a contactless reader, T5135: Provide more practical thread-safe strerror, perhaps with strerror_l, T5137: gpg-agent 2.x poor performance / futex errors, T5138: Change Reset Code not working in Kleopatra, T5145: gpgsm: Export secret key failures return zero, T5148: gnupg.org mail server doesn't encrypt outgoing mail, T5149: Incorrect error handling in export_key_minimal(), T5152: PGP/MIME e-mails are not decrypted, T5154: Kleopatra: Failed to move backup when generating cardkey, T5155: GPGol: Will work for one user and not another on the same machine. Windows 10 Outlook 2016 GPGOL 2.4.8 (gpg4win-3.1.14), T5156: Automatically dismiss the popup 'please insert card with S/N...', T5157: libgcrypt: ARM64 Builds on macOS fail, T5162: Import problem due to disabled brainpool curves, T5164: GpgOL: Check that verify errors still show a decrypted message on decrypt & verify, T5165: GpgOL plugin attachments showup intermittently , T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d, T5171: Wish: in GPA add other types of keys such as Kleopatra, T5172: GPA crashes in the pubkey preferences "use advanced mode" switching, T5173: GPA Could not show link.Jan 27 2021, 11:55 AM
Jab added tasks: T5068: LDAP keyserver does not support lookup by fingerprint, T5069: Concurrent auto-start of gpg-agent by multiple gpg instances., T5070: Retain the exact name of the archive when extracting/decrypting via gpgtar, T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired, T5079: Add compliance flag to trustlist.txt, T5083: usecase for --detach-sign as the default signature creation method, T5084: Using GPGWin 3.1.13, Putty fails to load the private key from a YubiKey, T5085: Filter APDUs in log output, T5090: The name field of kleo's key gen wizard is falsely marked as optional, T5094: Kleopatra: Add "revsig" support, T5091: Kleopatra: Close all tabs except this one, T5096: Kleopatra: Remove X509 as much as possible, T5099: Confirmation dialog for remote access (restricted extra socket), T5100: OpenPGP app overwrites Yubikey serial number, T5105: can't find users with Kleopatra when press "Look up on server", T5110: Primary Key Binding Signature not updated when updating Subkey Binding Signature, T5114: GnuPG fails to import back generated and exported EdDSA secret key., T5116: GnuPG master shows an error when importing Ed25519 keys generated, T5118: gpgconf: Master does not show some values, T5119: TOFU messages are not completely and correctly localized to German, T5120: Incompatible Ed25519 secret key (no-encryption), T5122: Importing secret key with wrong passphrase may result GPG_ERR_MISSING_VALUE (should be able to be tried 3 times), T5123: Kleopatra: Generate OpenPGP pubkey S/MIME CSR from existing card, T5124: Kleopatra GUI Not Working, T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, T5126: Kleopatra: Generate OpenPGP public key for PIV card key, T5127: Kleopatra: Generate S/MIME CSR for PIV card key, T5128: Kleopatra: Generate OpenPGP public key for NetKey card key, T5129: Kleopatra: Generate S/MIME CSR for NetKey card key, T5134: GPG - will not sign nor verify the pin when using a contactless reader, T5135: Provide more practical thread-safe strerror, perhaps with strerror_l, T5137: gpg-agent 2.x poor performance / futex errors, T5138: Change Reset Code not working in Kleopatra, T5145: gpgsm: Export secret key failures return zero, T5148: gnupg.org mail server doesn't encrypt outgoing mail, T5149: Incorrect error handling in export_key_minimal(), T5152: PGP/MIME e-mails are not decrypted, T5154: Kleopatra: Failed to move backup when generating cardkey, T5155: GPGol: Will work for one user and not another on the same machine. Windows 10 Outlook 2016 GPGOL 2.4.8 (gpg4win-3.1.14), T5156: Automatically dismiss the popup 'please insert card with S/N...', T5157: libgcrypt: ARM64 Builds on macOS fail, T5162: Import problem due to disabled brainpool curves, T5164: GpgOL: Check that verify errors still show a decrypted message on decrypt & verify, T5165: GpgOL plugin attachments showup intermittently , T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d, T5171: Wish: in GPA add other types of keys such as Kleopatra, T5172: GPA crashes in the pubkey preferences "use advanced mode" switching, T5173: GPA Could not show link.
aheinecke removed tasks: T5268: macOS getentropy, T5267: Ed25519 backward compatible private key support for preceding ZERO(s), T5265: gpgol cannot open decrypted plain text message, T5173: GPA Could not show link, T5172: GPA crashes in the pubkey preferences "use advanced mode" switching, T5171: Wish: in GPA add other types of keys such as Kleopatra, T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d, T5165: GpgOL plugin attachments showup intermittently , T5164: GpgOL: Check that verify errors still show a decrypted message on decrypt & verify, T5162: Import problem due to disabled brainpool curves, T5157: libgcrypt: ARM64 Builds on macOS fail, T5156: Automatically dismiss the popup 'please insert card with S/N...', T5155: GPGol: Will work for one user and not another on the same machine. Windows 10 Outlook 2016 GPGOL 2.4.8 (gpg4win-3.1.14), T5154: Kleopatra: Failed to move backup when generating cardkey, T5152: PGP/MIME e-mails are not decrypted, T5149: Incorrect error handling in export_key_minimal(), T5148: gnupg.org mail server doesn't encrypt outgoing mail, T5145: gpgsm: Export secret key failures return zero, T5138: Change Reset Code not working in Kleopatra, T5137: gpg-agent 2.x poor performance / futex errors, T5135: Provide more practical thread-safe strerror, perhaps with strerror_l, T5134: GPG - will not sign nor verify the pin when using a contactless reader, T5129: Kleopatra: Generate S/MIME CSR for NetKey card key, T5128: Kleopatra: Generate OpenPGP public key for NetKey card key, T5127: Kleopatra: Generate S/MIME CSR for PIV card key, T5126: Kleopatra: Generate OpenPGP public key for PIV card key, T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, T5124: Kleopatra GUI Not Working, T5123: Kleopatra: Generate OpenPGP pubkey S/MIME CSR from existing card, T5122: Importing secret key with wrong passphrase may result GPG_ERR_MISSING_VALUE (should be able to be tried 3 times), T5120: Incompatible Ed25519 secret key (no-encryption), T5119: TOFU messages are not completely and correctly localized to German, T5118: gpgconf: Master does not show some values, T5116: GnuPG master shows an error when importing Ed25519 keys generated, T5114: GnuPG fails to import back generated and exported EdDSA secret key., T5110: Primary Key Binding Signature not updated when updating Subkey Binding Signature, T5105: can't find users with Kleopatra when press "Look up on server", T5100: OpenPGP app overwrites Yubikey serial number, T5099: Confirmation dialog for remote access (restricted extra socket), T5096: Kleopatra: Remove X509 as much as possible, T5091: Kleopatra: Close all tabs except this one, T5094: Kleopatra: Add "revsig" support, T5090: The name field of kleo's key gen wizard is falsely marked as optional, T5085: Filter APDUs in log output, T5084: Using GPGWin 3.1.13, Putty fails to load the private key from a YubiKey, T5083: usecase for --detach-sign as the default signature creation method, T5079: Add compliance flag to trustlist.txt, T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired, T5070: Retain the exact name of the archive when extracting/decrypting via gpgtar, T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..
aheinecke removed tasks: T5268: macOS getentropy, T5267: Ed25519 backward compatible private key support for preceding ZERO(s), T5265: gpgol cannot open decrypted plain text message, T5173: GPA Could not show link, T5172: GPA crashes in the pubkey preferences "use advanced mode" switching, T5171: Wish: in GPA add other types of keys such as Kleopatra, T5170: card: Allow use cases with no corresponding *.key file under private-keys-v1.d, T5165: GpgOL plugin attachments showup intermittently , T5164: GpgOL: Check that verify errors still show a decrypted message on decrypt & verify, T5162: Import problem due to disabled brainpool curves, T5157: libgcrypt: ARM64 Builds on macOS fail, T5156: Automatically dismiss the popup 'please insert card with S/N...', T5155: GPGol: Will work for one user and not another on the same machine. Windows 10 Outlook 2016 GPGOL 2.4.8 (gpg4win-3.1.14), T5154: Kleopatra: Failed to move backup when generating cardkey, T5152: PGP/MIME e-mails are not decrypted, T5149: Incorrect error handling in export_key_minimal(), T5148: gnupg.org mail server doesn't encrypt outgoing mail, T5145: gpgsm: Export secret key failures return zero, T5138: Change Reset Code not working in Kleopatra, T5137: gpg-agent 2.x poor performance / futex errors, T5135: Provide more practical thread-safe strerror, perhaps with strerror_l, T5134: GPG - will not sign nor verify the pin when using a contactless reader, T5129: Kleopatra: Generate S/MIME CSR for NetKey card key, T5128: Kleopatra: Generate OpenPGP public key for NetKey card key, T5127: Kleopatra: Generate S/MIME CSR for PIV card key, T5126: Kleopatra: Generate OpenPGP public key for PIV card key, T5125: Kleopatra: Generate OpenPGP public key for OpenPGP card key, T5124: Kleopatra GUI Not Working, T5123: Kleopatra: Generate OpenPGP pubkey S/MIME CSR from existing card, T5122: Importing secret key with wrong passphrase may result GPG_ERR_MISSING_VALUE (should be able to be tried 3 times), T5120: Incompatible Ed25519 secret key (no-encryption), T5119: TOFU messages are not completely and correctly localized to German, T5118: gpgconf: Master does not show some values, T5116: GnuPG master shows an error when importing Ed25519 keys generated, T5114: GnuPG fails to import back generated and exported EdDSA secret key., T5110: Primary Key Binding Signature not updated when updating Subkey Binding Signature, T5105: can't find users with Kleopatra when press "Look up on server", T5100: OpenPGP app overwrites Yubikey serial number, T5099: Confirmation dialog for remote access (restricted extra socket), T5096: Kleopatra: Remove X509 as much as possible, T5091: Kleopatra: Close all tabs except this one, T5094: Kleopatra: Add "revsig" support, T5090: The name field of kleo's key gen wizard is falsely marked as optional, T5085: Filter APDUs in log output, T5084: Using GPGWin 3.1.13, Putty fails to load the private key from a YubiKey, T5083: usecase for --detach-sign as the default signature creation method, T5079: Add compliance flag to trustlist.txt, T5076: [solved] gpg-agent respawn another process randomly and causes cached passphrase check failed / expired, T5070: Retain the exact name of the archive when extracting/decrypting via gpgtar, T5069: Concurrent auto-start of gpg-agent by multiple gpg instances..