summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
c998e82)
Before opening a private key, crypt.c checks that the permissions
are restrictive enough. However, the gcrypt implementation contains
no such check. This commit adds it.
gcry_sexp_t in, out, priv_key;
size_t nbytes;
gcry_sexp_t in, out, priv_key;
size_t nbytes;
+ ret = check_key_file(key_file, true);
+ if (ret < 0)
+ return ret;
PARA_INFO_LOG("decrypting %d byte input\n", inlen);
/* key_file -> asymmetric key priv */
ret = get_private_key(key_file, &priv);
PARA_INFO_LOG("decrypting %d byte input\n", inlen);
/* key_file -> asymmetric key priv */
ret = get_private_key(key_file, &priv);