mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-23 15:07:03 +01:00
Tweaked v3 -c decryption, let --force-v4-certs use SHA-1 for all RSA keys.
This commit is contained in:
parent
961e45bf15
commit
0a036b6b03
@ -1,5 +1,11 @@
|
|||||||
2001-11-08 Werner Koch <wk@gnupg.org>
|
2001-11-08 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* pubkey-enc.c (get_it): To reduce the number of questions on the
|
||||||
|
MLs print the the name of cipher algorithm 1 with the error message.
|
||||||
|
|
||||||
|
* mainproc.c: Changed the way old rfc1991 encryption cipher is
|
||||||
|
selected. Based on a patch by W Lewis.
|
||||||
|
|
||||||
* pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non
|
* pkclist.c (do_edit_ownertrust): Allow to skip over keys, the non
|
||||||
working "show info" is now assigned to "i"
|
working "show info" is now assigned to "i"
|
||||||
* trustdb.c (ask_ownertrust, validate_keys): Implement a real quit
|
* trustdb.c (ask_ownertrust, validate_keys): Implement a real quit
|
||||||
@ -11,7 +17,7 @@
|
|||||||
|
|
||||||
* g10.c, options.h : New option --[no-]froce-v4-certs.
|
* g10.c, options.h : New option --[no-]froce-v4-certs.
|
||||||
* sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with
|
* sign.c (make_keysig_packet): Create v4 sigs on v4 keys even with
|
||||||
a v3 key. Use new option. By David Shaw
|
a v3 key. Use that new option. By David Shaw
|
||||||
|
|
||||||
* revoke.c (ask_revocation_reason): Allow to select "no reason".
|
* revoke.c (ask_revocation_reason): Allow to select "no reason".
|
||||||
By David Shaw.
|
By David Shaw.
|
||||||
|
@ -421,12 +421,33 @@ proc_encrypted( CTX c, PACKET *pkt )
|
|||||||
if( opt.list_only )
|
if( opt.list_only )
|
||||||
result = -1;
|
result = -1;
|
||||||
else if( !c->dek && !c->last_was_session_key ) {
|
else if( !c->dek && !c->last_was_session_key ) {
|
||||||
int algo = opt.def_cipher_algo ? opt.def_cipher_algo
|
int algo;
|
||||||
: opt.s2k_cipher_algo;
|
STRING2KEY s2kbuf, *s2k = NULL;
|
||||||
|
|
||||||
/* assume this is old style conventional encrypted data */
|
/* assume this is old style conventional encrypted data */
|
||||||
log_info(_("assuming %s encrypted data\n"),
|
if ( (algo = opt.def_cipher_algo))
|
||||||
cipher_algo_to_string (algo) );
|
log_info (_("assuming %s encrypted data\n"),
|
||||||
c->dek = passphrase_to_dek( NULL, 0, algo, NULL, 0);
|
cipher_algo_to_string(algo));
|
||||||
|
else if ( check_cipher_algo(CIPHER_ALGO_IDEA) ) {
|
||||||
|
algo = opt.def_cipher_algo;
|
||||||
|
if (!algo)
|
||||||
|
algo = opt.s2k_cipher_algo;;
|
||||||
|
log_info (_("IDEA cipher unavailable, "
|
||||||
|
"optimistically attempting to use %s instead\n"),
|
||||||
|
cipher_algo_to_string(algo));
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
algo = CIPHER_ALGO_IDEA;
|
||||||
|
if (!opt.def_digest_algo) {
|
||||||
|
/* If no digest is given we assume MD5 */
|
||||||
|
s2kbuf.mode = 0;
|
||||||
|
s2kbuf.hash_algo = DIGEST_ALGO_MD5;
|
||||||
|
s2k = &s2kbuf;
|
||||||
|
}
|
||||||
|
log_info (_("assuming %s encrypted data\n"), "IDEA");
|
||||||
|
}
|
||||||
|
|
||||||
|
c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0 );
|
||||||
if (c->dek)
|
if (c->dek)
|
||||||
c->dek->algo_info_printed = 1;
|
c->dek->algo_info_printed = 1;
|
||||||
}
|
}
|
||||||
|
@ -173,8 +173,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
|
|||||||
rc = check_cipher_algo( dek->algo );
|
rc = check_cipher_algo( dek->algo );
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
if( !opt.quiet && rc == G10ERR_CIPHER_ALGO ) {
|
if( !opt.quiet && rc == G10ERR_CIPHER_ALGO ) {
|
||||||
log_info(_("cipher algorithm %d is unknown or disabled\n"),
|
log_info(_("cipher algorithm %d%s is unknown or disabled\n"),
|
||||||
dek->algo);
|
dek->algo, dek->algo == CIPHER_ALGO_IDEA? " (IDEA)":"");
|
||||||
}
|
}
|
||||||
dek->algo = 0;
|
dek->algo = 0;
|
||||||
goto leave;
|
goto leave;
|
||||||
|
@ -1002,7 +1002,10 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
|
|||||||
break;
|
break;
|
||||||
case PUBKEY_ALGO_RSA_S:
|
case PUBKEY_ALGO_RSA_S:
|
||||||
case PUBKEY_ALGO_RSA:
|
case PUBKEY_ALGO_RSA:
|
||||||
digest_algo = sk->version < 4? DIGEST_ALGO_MD5 : DIGEST_ALGO_SHA1;
|
if (opt.force_v4_sigs || sk->version > 3)
|
||||||
|
digest_algo = DIGEST_ALGO_SHA1;
|
||||||
|
else
|
||||||
|
digest_algo = DIGEST_ALGO_MD5;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
digest_algo = DIGEST_ALGO_RMD160;
|
digest_algo = DIGEST_ALGO_RMD160;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user