fix logic for choosing SKESK/PKESK/SEIPD versions

rnpgp · Jun 4, 2024 · 979a001 · 979a001
1 parent b74386c
commit 979a001
Showing 1 changed file with 12 additions and 9 deletions.
diff --git a/src/librepgp/stream-write.cpp b/src/librepgp/stream-write.cpp
@@ -1047,6 +1047,10 @@ init_encrypted_dst(pgp_write_handler_t *handler, pgp_dest_t *dst, pgp_dest_t *wr
     bool                        singlepass = true;
     unsigned                    pkeycount = 0;
     unsigned                    skeycount = 0;
+#if defined(ENABLE_CRYPTO_REFRESH)
+    bool                        use_v6_pkesk = false;
+    bool                        use_v6_skesk = false;
+#endif
     unsigned                    keylen;
     rnp_result_t                ret = RNP_ERROR_GENERIC;
 
@@ -1090,16 +1094,15 @@ init_encrypted_dst(pgp_write_handler_t *handler, pgp_dest_t *dst, pgp_dest_t *wr
     skeycount = handler->ctx->passwords.size();
 
 #if defined(ENABLE_CRYPTO_REFRESH)
-    /* in the case of PKESK (pkeycount > 0) and all keys are PKESKv6/SEIPDv2 capable, ugprade
-     * to AEADv2 */
-    if (handler->ctx->enable_pkesk_v6 && handler->ctx->pkeskv6_capable() && pkeycount > 0) {
-        param->auth_type = rnp::AuthType::AEADv2;
-    }
+    /* We use v6 PKESK/SKESK with v2 SEIPD if all recipients support it
+       and the variables enable_pkesk_v6 and enable_skesk_v6 are set. */
+    if (handler->ctx->aalg != PGP_AEAD_NONE) {
+        use_v6_pkesk = handler->ctx->enable_pkesk_v6 && handler->ctx->pkeskv6_capable();
+        use_v6_skesk = handler->ctx->enable_skesk_v6;
 
-    /* Use SEIPDv2 for SKESK if enabled and preconditions are met */
-    if (handler->ctx->enable_skesk_v6 && handler->ctx->aalg != PGP_AEAD_NONE &&
-        skeycount > 0) {
-        param->auth_type = rnp::AuthType::AEADv2;
+        if ((use_v6_pkesk || !pkeycount) && (use_v6_skesk || !skeycount) ) {
+            param->auth_type = rnp::AuthType::AEADv2;
+        }
     }
 #endif
     param->aalg = handler->ctx->aalg;