file-collection: Make it consistent about block cipher algorithm

The original code tries to encrypt the file format using AES-256-CBC,
though actually AES-128-CBC was used because the key size is shorter
and libgcrypt automatically degrades to AES-128-CBC based on the key
size.  Reported by Sophie Herold in:
https://github.com/bilelmoussaoui/oo7/issues/46#issuecomment-1816286494

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
This commit is contained in:
Daiki Ueno 2023-11-28 14:56:19 +09:00
parent 47f524e2df
commit 0b4769f871

View File

@ -32,8 +32,9 @@ EGG_SECURE_DECLARE (secret_file_collection);
#define MAC_ALGO GCRY_MAC_HMAC_SHA256 #define MAC_ALGO GCRY_MAC_HMAC_SHA256
#define MAC_SIZE 32 #define MAC_SIZE 32
#define CIPHER_ALGO GCRY_CIPHER_AES256 #define CIPHER_ALGO GCRY_CIPHER_AES128
#define CIPHER_BLOCK_SIZE 16 #define CIPHER_BLOCK_SIZE 16
#define KEY_SIZE 16
#define IV_SIZE CIPHER_BLOCK_SIZE #define IV_SIZE CIPHER_BLOCK_SIZE
#define KEYRING_FILE_HEADER "GnomeKeyring\n\r\0\n" #define KEYRING_FILE_HEADER "GnomeKeyring\n\r\0\n"
@ -96,9 +97,9 @@ do_derive_key (SecretFileCollection *self)
password = secret_value_get (self->password, &n_password); password = secret_value_get (self->password, &n_password);
key = egg_secure_alloc (CIPHER_BLOCK_SIZE); key = egg_secure_alloc (KEY_SIZE);
self->key = g_bytes_new_with_free_func (key, self->key = g_bytes_new_with_free_func (key,
CIPHER_BLOCK_SIZE, KEY_SIZE,
egg_secure_free, egg_secure_free,
key); key);
@ -106,7 +107,7 @@ do_derive_key (SecretFileCollection *self)
gcry = gcry_kdf_derive (password, n_password, gcry = gcry_kdf_derive (password, n_password,
GCRY_KDF_PBKDF2, PBKDF2_HASH_ALGO, GCRY_KDF_PBKDF2, PBKDF2_HASH_ALGO,
g_bytes_get_data (self->salt, NULL), n_salt, g_bytes_get_data (self->salt, NULL), n_salt,
self->iteration_count, CIPHER_BLOCK_SIZE, key); self->iteration_count, KEY_SIZE, key);
return (gcry != 0) ? FALSE : TRUE; return (gcry != 0) ? FALSE : TRUE;
} }