From e2f93583af0942b855b451c74ffe11dcf702ae7e Mon Sep 17 00:00:00 2001
From: Stephen Paul Weber <singpolyma@singpolyma.net>
Date: Tue, 1 Jan 2013 13:27:34 -0500
Subject: SymmetricSessionKeyPacket

---
 Data/OpenPGP.hs                    |  31 ++++++++++++++++++++++++-------
 openpgp.cabal                      |   1 +
 tests/data/symmetrically_encrypted | Bin 0 -> 528 bytes
 tests/suite.hs                     |   1 +
 4 files changed, 26 insertions(+), 7 deletions(-)
 create mode 100644 tests/data/symmetrically_encrypted

diff --git a/Data/OpenPGP.hs b/Data/OpenPGP.hs
index 266cd9b..e71e48a 100644
--- a/Data/OpenPGP.hs
+++ b/Data/OpenPGP.hs
@@ -8,6 +8,7 @@ module Data.OpenPGP (
 	Packet(
 		AsymmetricSessionKeyPacket,
 		OnePassSignaturePacket,
+		SymmetricSessionKeyPacket,
 		PublicKeyPacket,
 		SecretKeyPacket,
 		CompressedDataPacket,
@@ -185,6 +186,13 @@ data Packet =
 		trailer::B.ByteString
 	} |
 	-- ^ <http://tools.ietf.org/html/rfc4880#section-5.2>
+	SymmetricSessionKeyPacket {
+		version::Word8,
+		symmetric_algorithm::SymmetricAlgorithm,
+		s2k::S2K,
+		encrypted_data::B.ByteString
+	} |
+	-- ^ <http://tools.ietf.org/html/rfc4880#section-5.3>
 	OnePassSignaturePacket {
 		version::Word8,
 		signature_type::Word8,
@@ -209,7 +217,7 @@ data Packet =
 		key_algorithm::KeyAlgorithm,
 		key::[(Char,MPI)],
 		s2k_useage::Word8,
-		s2k::Maybe S2K,
+		s2k::S2K, -- ^ This is meaningless if symmetric_algorithm == Unencrypted
 		symmetric_algorithm::SymmetricAlgorithm,
 		encrypted_data::B.ByteString,
 		private_hash::Maybe B.ByteString, -- ^ the hash may be in the encrypted data
@@ -403,6 +411,8 @@ put_packet (SignaturePacket { version = v,
 	Just (IssuerPacket keyidS) = find isIssuer unhashed_subpackets
 	isIssuer (IssuerPacket {}) = True
 	isIssuer _ = False
+put_packet (SymmetricSessionKeyPacket version salgo s2k encd) =
+	(B.concat [encode version, encode salgo, encode s2k, encd], 3)
 put_packet (SignaturePacket { version = 4,
                               unhashed_subpackets = unhashed_subpackets,
                               hash_head = hash_head,
@@ -435,9 +445,10 @@ put_packet (SecretKeyPacket { version = version, timestamp = timestamp,
                               encrypted_data = encrypted_data,
                               is_subkey = is_subkey }) =
 	(B.concat $ p :
-	(case s2k of
-		Just s2k -> [encode s2k_useage, encode symmetric_algorithm, encode s2k]
-		Nothing -> [encode symmetric_algorithm]
+	(if s2k_useage `elem` [254,255] then
+		[encode s2k_useage, encode symmetric_algorithm, encode s2k]
+	else
+		[encode symmetric_algorithm]
 	) ++
 	(if symmetric_algorithm /= Unencrypted then
 		[encrypted_data]
@@ -552,6 +563,12 @@ parse_packet  2 = do
 				trailer = B.concat [encode version, encode signature_type, encode key_algorithm, encode hash_algorithm, encode (fromIntegral hashed_size :: Word16), hashed_data, B.pack [4, 0xff], encode ((6 + fromIntegral hashed_size) :: Word32)]
 			}
 		x -> fail $ "Unknown SignaturePacket version " ++ show x ++ "."
+-- SymmetricSessionKeyPacket, http://tools.ietf.org/html/rfc4880#section-5.3
+parse_packet  3 = SymmetricSessionKeyPacket
+	<$> (assertProp (==4) =<< get)
+	<*> get
+	<*> get
+	<*> getRemainingByteString
 -- OnePassSignaturePacket, http://tools.ietf.org/html/rfc4880#section-5.4
 parse_packet  4 = do
 	version <- get
@@ -580,12 +597,12 @@ parse_packet  5 = do
 	s2k_useage <- get :: Get Word8
 	let k = SecretKeyPacket version timestamp algorithm key s2k_useage
 	(symmetric_algorithm, s2k) <- case () of
-		_ | s2k_useage `elem` [255, 254] -> (,) <$> get <*> fmap Just get
+		_ | s2k_useage `elem` [255, 254] -> (,) <$> get <*> get
 		_ | s2k_useage > 0 ->
 			-- s2k_useage is symmetric_type in this case
-			return (decode $ encode s2k_useage, Just $ SimpleS2K MD5)
+			return (decode $ encode s2k_useage, SimpleS2K MD5)
 		_ ->
-			return (Unencrypted, Nothing)
+			return (Unencrypted, S2K 100 B.empty)
 	if symmetric_algorithm /= Unencrypted then do {
 		encrypted <- getRemainingByteString;
 		return (k s2k symmetric_algorithm encrypted Nothing False)
diff --git a/openpgp.cabal b/openpgp.cabal
index 9a92e22..3a1e054 100644
--- a/openpgp.cabal
+++ b/openpgp.cabal
@@ -120,6 +120,7 @@ extra-source-files:
         tests/data/compressedsig.gpg,
         tests/data/compressedsig-zlib.gpg,
         tests/data/onepass_sig,
+        tests/data/symmetrically_encrypted,
         tests/data/pubring.gpg,
         tests/data/secring.gpg,
         tests/data/uncompressed-ops-dsa.gpg,
diff --git a/tests/data/symmetrically_encrypted b/tests/data/symmetrically_encrypted
new file mode 100644
index 0000000..129155a
Binary files /dev/null and b/tests/data/symmetrically_encrypted differ
diff --git a/tests/suite.hs b/tests/suite.hs
index feb5fe6..4bee6d6 100644
--- a/tests/suite.hs
+++ b/tests/suite.hs
@@ -141,6 +141,7 @@ tests =
 			testCase "compressedsig-zlib.gpg" (testSerialization "compressedsig-zlib.gpg"),
 			testCase "compressedsig-bzip2.gpg" (testSerialization "compressedsig-bzip2.gpg"),
 			testCase "onepass_sig" (testSerialization "onepass_sig"),
+			testCase "symmetrically_encrypted" (testSerialization "symmetrically_encrypted"),
 			testCase "uncompressed-ops-dsa.gpg" (testSerialization "uncompressed-ops-dsa.gpg"),
 			testCase "uncompressed-ops-dsa-sha384.txt.gpg" (testSerialization "uncompressed-ops-dsa-sha384.txt.gpg"),
 			testCase "uncompressed-ops-rsa.gpg" (testSerialization "uncompressed-ops-rsa.gpg"),
-- 
cgit v1.2.3