Refactor encrypted_add_password().

.github/workflows/codeql.yml

@@ -32,7 +32,7 @@ jobs:
         if: ${{ matrix.language == 'cpp' }}
         run: |
           sudo apt-get update
-          sudo apt-get install --yes libjson-c-dev libgtest-dev
+          sudo apt-get install --yes libbz2-dev libjson-c-dev libgtest-dev
 
       - name: After Prepare (cpp)
         if: ${{ matrix.language == 'cpp' }}

.github/workflows/coverity.yml

@@ -18,7 +18,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor
 
       - name: Configure
         run: |

.github/workflows/ubuntu.yml

@@ -99,7 +99,7 @@ jobs:
 #     Already installed on GHA: build-essential libbz2-dev zlib1g-dev
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev ${{ matrix.backend.package }} asciidoctor
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev ${{ matrix.backend.package }} asciidoctor
 
       - name: Configure
         run: |
@@ -133,7 +133,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor googletest
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor googletest
 
       - name: Configure
         run: |
@@ -174,7 +174,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor googletest
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor googletest
 
       - name: Build googletest
         run: |
@@ -221,7 +221,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor
 
       - name: Checkout sexpp
         uses: actions/checkout@v4
@@ -286,7 +286,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor
 
       - name: Configure
         run: |
@@ -323,7 +323,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt-get -y update
-          sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor
+          sudo apt-get -y install cmake libbz2-dev libjson-c-dev libbotan-2-dev asciidoctor
 
       - name: Download source package
         uses: actions/download-artifact@v4

src/lib/crypto/mem.h

@@ -123,6 +123,12 @@ template <typename T, std::size_t N> struct secure_array {
         return &data_[0];
     }
 
+    const T *
+    data() const
+    {
+        return &data_[0];
+    }
+
     std::size_t
     size() const
     {

src/lib/ffi-priv-types.h

@@ -187,11 +187,17 @@ struct rnp_op_sign_signature_st {
 typedef std::list<rnp_op_sign_signature_st> rnp_op_sign_signatures_t;
 
 struct rnp_op_sign_st {
-    rnp_ffi_t                ffi{};
-    rnp_input_t              input{};
-    rnp_output_t             output{};
-    rnp_ctx_t                rnpctx{};
-    rnp_op_sign_signatures_t signatures{};
+    rnp_ffi_t                ffi;
+    rnp_input_t              input;
+    rnp_output_t             output;
+    rnp_ctx_t                rnpctx;
+    rnp_op_sign_signatures_t signatures;
+
+    rnp_op_sign_st(rnp_ffi_t affi, rnp_input_t in, rnp_output_t out)
+        : ffi(affi), input(in), output(out),
+          rnpctx(ffi->context, ffi->key_provider, ffi->pass_provider)
+    {
+    }
 };
 
 struct rnp_op_verify_signature_st {
@@ -201,11 +207,11 @@ struct rnp_op_verify_signature_st {
 };
 
 struct rnp_op_verify_st {
-    rnp_ffi_t    ffi{};
-    rnp_input_t  input{};
+    rnp_ffi_t    ffi;
+    rnp_input_t  input;
     rnp_input_t  detached_input{}; /* for detached signature will be source file/data */
     rnp_output_t output{};
-    rnp_ctx_t    rnpctx{};
+    rnp_ctx_t    rnpctx;
     /* these fields are filled after operation execution */
     std::vector<rnp_op_verify_signature_st> signatures_;
     pgp_literal_hdr_t                       lithdr{};
@@ -225,15 +231,25 @@ struct rnp_op_verify_st {
     rnp_symenc_handle_t                  used_symenc{};
     size_t                               encrypted_layers{};
 
+    rnp_op_verify_st(rnp_ffi_t affi, rnp_input_t in)
+        : ffi(affi), input(in), rnpctx(ffi->context, ffi->key_provider, ffi->pass_provider)
+    {
+    }
     ~rnp_op_verify_st();
 };
 
 struct rnp_op_encrypt_st {
-    rnp_ffi_t                ffi{};
-    rnp_input_t              input{};
-    rnp_output_t             output{};
-    rnp_ctx_t                rnpctx{};
-    rnp_op_sign_signatures_t signatures{};
+    rnp_ffi_t                ffi;
+    rnp_input_t              input;
+    rnp_output_t             output;
+    rnp_ctx_t                rnpctx;
+    rnp_op_sign_signatures_t signatures;
+
+    rnp_op_encrypt_st(rnp_ffi_t affi, rnp_input_t in, rnp_output_t out)
+        : ffi(affi), input(in), output(out),
+          rnpctx(ffi->context, ffi->key_provider, ffi->pass_provider)
+    {
+    }
 };
 
 #define RNP_LOCATOR_MAX_SIZE (MAX_ID_LENGTH + 1)

src/lib/logging.h

@@ -59,6 +59,9 @@ class LogStop {
 } // namespace rnp
 
 /* remove "src" */
+#ifndef SOURCE_PATH_SIZE
+#define SOURCE_PATH_SIZE 0
+#endif
 #define __SOURCE_PATH_FILE__ (&(__FILE__[SOURCE_PATH_SIZE + 3]))
 
 #define RNP_LOG_FD(fd, ...)                                                              \

src/lib/rnp.cpp

@@ -120,15 +120,6 @@ ffi_key_provider(const pgp_key_request_ctx_t *ctx, void *userdata)
     return find_key(ffi, ctx->search, ctx->secret, true);
 }
 
-static void
-rnp_ctx_init_ffi(rnp_ctx_t &ctx, rnp_ffi_t ffi)
-{
-    ctx.ctx = &ffi->context;
-    ctx.ealg = DEFAULT_PGP_SYMM_ALG;
-    ctx.aalg = PGP_AEAD_NONE;
-    ctx.abits = DEFAULT_AEAD_CHUNK_BITS;
-}
-
 static const id_str_pair sig_type_map[] = {{PGP_SIG_BINARY, "binary"},
                                            {PGP_SIG_TEXT, "text"},
                                            {PGP_SIG_STANDALONE, "standalone"},
@@ -2589,11 +2580,7 @@ try {
         return RNP_ERROR_NULL_POINTER;
     }
 
-    *op = new rnp_op_encrypt_st();
-    rnp_ctx_init_ffi((*op)->rnpctx, ffi);
-    (*op)->ffi = ffi;
-    (*op)->input = input;
-    (*op)->output = output;
+    *op = new rnp_op_encrypt_st(ffi, input, output);
     return RNP_SUCCESS;
 }
 FFI_GUARD
@@ -2876,20 +2863,6 @@ try {
 }
 FFI_GUARD
 
-static pgp_write_handler_t
-pgp_write_handler(pgp_password_provider_t *pass_provider,
-                  rnp_ctx_t *              rnpctx,
-                  void *                   param,
-                  rnp::KeyProvider *       key_provider)
-{
-    pgp_write_handler_t handler{};
-    handler.password_provider = pass_provider;
-    handler.ctx = rnpctx;
-    handler.param = param;
-    handler.key_provider = key_provider;
-    return handler;
-}
-
 static rnp_result_t
 rnp_op_add_signatures(rnp_op_sign_signatures_t &opsigs, rnp_ctx_t &ctx)
 {
@@ -2925,14 +2898,12 @@ try {
     if (!op->rnpctx.halg) {
         op->rnpctx.halg = DEFAULT_PGP_HASH_ALG;
     }
-    pgp_write_handler_t handler =
-      pgp_write_handler(&op->ffi->pass_provider, &op->rnpctx, NULL, &op->ffi->key_provider);
 
-    rnp_result_t ret;
+    rnp_result_t ret = RNP_ERROR_GENERIC;
     if (!op->signatures.empty() && (ret = rnp_op_add_signatures(op->signatures, op->rnpctx))) {
         return ret;
     }
-    ret = rnp_encrypt_sign_src(&handler, &op->input->src, &op->output->dst);
+    ret = rnp_encrypt_sign_src(op->rnpctx, op->input->src, op->output->dst);
 
     dst_flush(&op->output->dst);
     op->output->keep = ret == RNP_SUCCESS;
@@ -2958,11 +2929,7 @@ try {
         return RNP_ERROR_NULL_POINTER;
     }
 
-    *op = new rnp_op_sign_st();
-    rnp_ctx_init_ffi((*op)->rnpctx, ffi);
-    (*op)->ffi = ffi;
-    (*op)->input = input;
-    (*op)->output = output;
+    *op = new rnp_op_sign_st(ffi, input, output);
     return RNP_SUCCESS;
 }
 FFI_GUARD
@@ -3126,14 +3093,11 @@ try {
     if (!op->rnpctx.halg) {
         op->rnpctx.halg = DEFAULT_PGP_HASH_ALG;
     }
-    pgp_write_handler_t handler =
-      pgp_write_handler(&op->ffi->pass_provider, &op->rnpctx, NULL, &op->ffi->key_provider);
-
-    rnp_result_t ret;
+    rnp_result_t ret = RNP_ERROR_GENERIC;
     if ((ret = rnp_op_add_signatures(op->signatures, op->rnpctx))) {
         return ret;
     }
-    ret = rnp_sign_src(&handler, &op->input->src, &op->output->dst);
+    ret = rnp_sign_src(op->rnpctx, op->input->src, op->output->dst);
 
     dst_flush(&op->output->dst);
     op->output->keep = ret == RNP_SUCCESS;
@@ -3320,10 +3284,7 @@ try {
         return RNP_ERROR_NULL_POINTER;
     }
 
-    *op = new rnp_op_verify_st();
-    rnp_ctx_init_ffi((*op)->rnpctx, ffi);
-    (*op)->ffi = ffi;
-    (*op)->input = input;
+    *op = new rnp_op_verify_st(ffi, input);
     (*op)->output = output;
 
     return RNP_SUCCESS;
@@ -3340,11 +3301,8 @@ try {
         return RNP_ERROR_NULL_POINTER;
     }
 
-    *op = new rnp_op_verify_st();
-    rnp_ctx_init_ffi((*op)->rnpctx, ffi);
+    *op = new rnp_op_verify_st(ffi, signature);
     (*op)->rnpctx.detached = true;
-    (*op)->ffi = ffi;
-    (*op)->input = signature;
     (*op)->detached_input = input;
 
     return RNP_SUCCESS;

src/librepgp/stream-common.cpp

@@ -45,6 +45,7 @@
 #include <rnp/rnp_def.h>
 #include "rnp.h"
 #include "stream-common.h"
+#include "stream-packet.h"
 #include "types.h"
 #include "file-utils.h"
 #include "crypto/mem.h"
@@ -1230,3 +1231,18 @@ check_enforce_aes_v3_pkesk(pgp_pubkey_alg_t alg, pgp_symm_alg_t salg, pgp_pkesk_
     return (ver != PGP_PKSK_V3) || have_pkesk_checksum(alg) || pgp_is_sa_aes(salg);
 }
 #endif
+
+#if defined(ENABLE_AEAD)
+bool
+encrypted_sesk_set_ad(pgp_crypt_t &crypt, pgp_sk_sesskey_t &skey)
+{
+    uint8_t ad_data[4];
+
+    ad_data[0] = PGP_PKT_SK_SESSION_KEY | PGP_PTAG_ALWAYS_SET | PGP_PTAG_NEW_FORMAT;
+    ad_data[1] = skey.version;
+    ad_data[2] = skey.alg;
+    ad_data[3] = skey.aalg;
+
+    return pgp_cipher_aead_set_ad(&crypt, ad_data, 4);
+}
+#endif

src/librepgp/stream-common.h

@@ -563,5 +563,9 @@ bool check_enforce_aes_v3_pkesk(pgp_pubkey_alg_t    alg,
                                 pgp_symm_alg_t      salg,
                                 pgp_pkesk_version_t ver);
 #endif
+#if defined(ENABLE_AEAD)
+typedef struct pgp_sk_sesskey_t pgp_sk_sesskey_t;
+bool encrypted_sesk_set_ad(pgp_crypt_t &crypt, pgp_sk_sesskey_t &skey);
+#endif
 
 #endif

src/librepgp/stream-ctx.cpp

@@ -41,9 +41,9 @@ rnp_ctx_t::add_encryption_password(const std::string &password,
     info.s2k.usage = PGP_S2KU_ENCRYPTED_AND_HASHED;
     info.s2k.specifier = PGP_S2KS_ITERATED_AND_SALTED;
     info.s2k.hash_alg = halg;
-    ctx->rng.get(info.s2k.salt, sizeof(info.s2k.salt));
+    sec_ctx.rng.get(info.s2k.salt, sizeof(info.s2k.salt));
     if (!iterations) {
-        iterations = ctx->s2k_iterations(halg);
+        iterations = sec_ctx.s2k_iterations(halg);
     }
     if (!iterations) {
         return RNP_ERROR_BAD_PARAMETERS;

src/librepgp/stream-ctx.h

@@ -35,6 +35,8 @@
 #include <list>
 #include "pgp-key.h"
 #include "crypto/mem.h"
+#include "key-provider.h"
+#include "pass-provider.h"
 #include "sec_profile.hpp"
 
 /* signature info structure */
@@ -93,18 +95,18 @@ typedef struct rnp_symmetric_pass_info_t {
  */
 
 typedef struct rnp_ctx_t {
-    std::string    filename{};  /* name of the input file to store in literal data packet */
+    std::string    filename;    /* name of the input file to store in literal data packet */
     int64_t        filemtime{}; /* file modification time to store in literal data packet */
     int64_t        sigcreate{}; /* signature creation time */
     uint64_t       sigexpire{}; /* signature expiration time */
     bool           clearsign{}; /* cleartext signature */
     bool           detached{};  /* detached signature */
-    pgp_hash_alg_t halg{};      /* hash algorithm */
-    pgp_symm_alg_t ealg{};      /* encryption algorithm */
+    pgp_hash_alg_t halg;        /* hash algorithm */
+    pgp_symm_alg_t ealg;        /* encryption algorithm */
     int            zalg{};      /* compression algorithm used */
     int            zlevel{};    /* compression level */
-    pgp_aead_alg_t aalg{};      /* non-zero to use AEAD */
-    int            abits{};     /* AEAD chunk bits */
+    pgp_aead_alg_t aalg;        /* non-zero to use AEAD */
+    int            abits;       /* AEAD chunk bits */
     bool           overwrite{}; /* allow to overwrite output file if exists */
     bool           armor{};     /* whether to use ASCII armor on output */
     bool           no_wrap{};   /* do not wrap source in literal data packet */
@@ -114,12 +116,20 @@ typedef struct rnp_ctx_t {
 #if defined(ENABLE_PQC)
     bool pref_pqc_enc_subkey{}; /* prefer to encrypt to PQC subkey */
 #endif
-    std::list<pgp_key_t *> recipients{};              /* recipients of the encrypted message */
-    std::list<rnp_symmetric_pass_info_t> passwords{}; /* passwords to encrypt message */
-    std::list<rnp_signer_info_t>         signers{};   /* keys to which sign message */
-    rnp::SecurityContext *               ctx{};       /* pointer to rnp::RNG */
+    std::list<pgp_key_t *>               recipients; /* recipients of the encrypted message */
+    std::list<rnp_symmetric_pass_info_t> passwords;  /* passwords to encrypt message */
+    std::list<rnp_signer_info_t>         signers;    /* keys to which sign message */
+    rnp::SecurityContext &               sec_ctx;    /* security context */
+    rnp::KeyProvider &                   key_provider;  /* Key provider */
+    pgp_password_provider_t &            pass_provider; /* Password provider */
+
+    rnp_ctx_t(rnp::SecurityContext &   sctx,
+              rnp::KeyProvider &       kprov,
+              pgp_password_provider_t &pprov)
+        : halg(DEFAULT_PGP_HASH_ALG), ealg(DEFAULT_PGP_SYMM_ALG), aalg(PGP_AEAD_NONE),
+          abits(DEFAULT_AEAD_CHUNK_BITS), sec_ctx(sctx), key_provider(kprov),
+          pass_provider(pprov){};
 
-    rnp_ctx_t() = default;
     rnp_ctx_t(const rnp_ctx_t &) = delete;
     rnp_ctx_t(rnp_ctx_t &&) = delete;