#include "sexp-parse.h"
-#if GCRYPT_VERSION_NUMBER < 0x010700
-# define OCB_MODE_SUPPORTED 0
-#else
-# define OCB_MODE_SUPPORTED 1
-#endif
-
/* To use the openpgp-s2k3-ocb-aes scheme by default set the value of
* this macro to 1. Note that the caller of agent_protect may
* override this default. */
*resultlen = 0;
*result = NULL;
- if (use_ocb && !OCB_MODE_SUPPORTED)
- return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
-
modestr = (use_ocb? "openpgp-s2k3-ocb-aes"
/* */: "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc");
rc = gcry_cipher_open (&hd, PROT_CIPHER,
-#if OCB_MODE_SUPPORTED
use_ocb? GCRY_CIPHER_MODE_OCB :
-#endif
GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
if (rc)
p += blklen;
}
assert ( p - outbuf == outlen);
-#if OCB_MODE_SUPPORTED
if (use_ocb)
{
gcry_cipher_final (hd);
}
}
else
-#endif /*OCB_MODE_SUPPORTED*/
{
rc = gcry_cipher_encrypt (hd, outbuf, enclen, NULL, 0);
}
unsigned char *outbuf;
size_t reallen;
- if (is_ocb && !OCB_MODE_SUPPORTED)
- return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
-
blklen = gcry_cipher_get_algo_blklen (prot_cipher);
if (is_ocb)
{
}
rc = gcry_cipher_open (&hd, prot_cipher,
-#if OCB_MODE_SUPPORTED
is_ocb? GCRY_CIPHER_MODE_OCB :
-#endif
GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
if (rc)
/* Decrypt. */
if (!rc)
{
-#if OCB_MODE_SUPPORTED
if (is_ocb)
{
rc = gcry_cipher_authenticate (hd, aad_begin,
rc = gcry_cipher_checktag (hd, protected + protectedlen - 16, 16);
}
else
-#endif /*OCB_MODE_SUPPORTED*/
{
rc = gcry_cipher_decrypt (hd, outbuf, protectedlen,
protected, protectedlen);
is_ocb = algotable[i].is_ocb;
break;
}
- if (i == DIM (algotable)
- || (is_ocb && !OCB_MODE_SUPPORTED))
+ if (i == DIM (algotable))
return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
if (!prot_cipher) /* This is "openpgp-native". */