file-collection: Make it consistent about block cipher algorithm

The original code tries to encrypt the file format using AES-256-CBC, though actually AES-128-CBC was used because the key size is shorter and libgcrypt automatically degrades to AES-128-CBC based on the key size. Reported by Sophie Herold in: https://github.com/bilelmoussaoui/oo7/issues/46#issuecomment-1816286494 Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2024-12-22 04:38:55 +00:00 · 2023-11-28 14:56:19 +09:00 · 2023-11-28 14:56:19 +09:00 · 0b4769f871
commit 0b4769f871
parent 47f524e2df
1 changed files with 5 additions and 4 deletions
--- a/libsecret/secret-file-collection.c
+++ b/libsecret/secret-file-collection.c
@ -32,8 +32,9 @@ EGG_SECURE_DECLARE (secret_file_collection);
 #define MAC_ALGO GCRY_MAC_HMAC_SHA256
 #define MAC_SIZE 32

-#define CIPHER_ALGO GCRY_CIPHER_AES256
+#define CIPHER_ALGO GCRY_CIPHER_AES128
 #define CIPHER_BLOCK_SIZE 16
+#define KEY_SIZE 16
 #define IV_SIZE CIPHER_BLOCK_SIZE

 #define KEYRING_FILE_HEADER "GnomeKeyring\n\r\0\n"
@ -96,9 +97,9 @@ do_derive_key (SecretFileCollection *self)

 	password = secret_value_get (self->password, &n_password);

-	key = egg_secure_alloc (CIPHER_BLOCK_SIZE);
+	key = egg_secure_alloc (KEY_SIZE);
 	self->key = g_bytes_new_with_free_func (key,
-						CIPHER_BLOCK_SIZE,
+						KEY_SIZE,
 						egg_secure_free,
 						key);

@ -106,7 +107,7 @@ do_derive_key (SecretFileCollection *self)
 	gcry = gcry_kdf_derive (password, n_password,
 				GCRY_KDF_PBKDF2, PBKDF2_HASH_ALGO,
 				g_bytes_get_data (self->salt, NULL), n_salt,
-				self->iteration_count, CIPHER_BLOCK_SIZE, key);
+				self->iteration_count, KEY_SIZE, key);
 	return (gcry != 0) ? FALSE : TRUE;
 }