From 2b8d8369d59249b89526c18c5ac276e6445dc35e Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 12 Aug 2014 10:36:30 +0200
Subject: [PATCH] gpg: Remove options --pgp2 and --rfc1991.

* g10/gpg.c (oRFC1991, oPGP2): Remove
(opts): Remove --pgp2 and --rfc1991.
* g10/options.h (CO_PGP2, CO_RFC1991): Remove.  Remove all users.
(RFC2440, PGP2): Remove.  Remove all code only enabled by these
conditions.
* tests/openpgp/clearsig.test: Remove --rfc1991 test.
--

The use of PGP 2.c is considered insecure for quite some time
now (e.g. due to the use of MD5).  Thus we remove all support for
_creating_ PGP 2 compatible messages.
---
 NEWS                        |  3 ++
 doc/gpg.texi                | 12 ++++-
 g10/cipher.c                |  2 +-
 g10/encrypt.c               | 46 +++++---------------
 g10/gpg.c                   | 87 ++-----------------------------------
 g10/keyedit.c               | 38 +---------------
 g10/keygen.c                | 10 -----
 g10/misc.c                  | 10 -----
 g10/options.h               |  6 +--
 g10/pkclist.c               | 16 ++-----
 g10/revoke.c                |  2 +-
 g10/server.c                |  4 --
 g10/sign.c                  | 51 +++++++---------------
 tests/openpgp/clearsig.test | 13 +-----
 14 files changed, 51 insertions(+), 249 deletions(-)

diff --git a/NEWS b/NEWS
index 2fcbaeb5b..d78c6d794 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,9 @@
 Noteworthy changes in version 2.1.0-betaxxx (unreleased)
 --------------------------------------------------------
 
+ * gpg: Removed the option --pgp2 and --rfc1991 and the ability to
+   create PGP-2 compatible messages.
+
 
 Noteworthy changes in version 2.1.0-beta751 (2014-07-03)
 --------------------------------------------------------
diff --git a/doc/gpg.texi b/doc/gpg.texi
index d0da83706..36aa18ef1 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1476,7 +1476,7 @@ Set what trust model GnuPG should follow. The models are:
 
   @item classic
   @opindex trust-mode:classic
-  This is the standard Web of Trust as used in PGP 2.x and earlier.
+  This is the standard Web of Trust as introduced by PGP 2.
 
   @item direct
   @opindex trust-mode:direct
@@ -2342,9 +2342,11 @@ behavior. Note that this is currently the same thing as
 Reset all packet, cipher and digest options to strict RFC-2440
 behavior.
 
+@ifclear gpgtowone
 @item --rfc1991
 @opindex rfc1991
-Try to be more RFC-1991 (PGP 2.x) compliant.
+Try to be more RFC-1991 (PGP 2.x) compliant.  This option is
+deprecated will be removed in GnuPG 2.1.
 
 @item --pgp2
 @opindex pgp2
@@ -2367,6 +2369,12 @@ This option implies
 @end ifclear
 It also disables @option{--textmode} when encrypting.
 
+This option is deprecated will be removed in GnuPG 2.1.  The reason
+for dropping PGP-2 support is that the PGP 2 format is not anymore
+considered safe (for example due to the use of the broken MD5 algorithm).
+Note that the decryption of PGP-2 created messages will continue to work.
+@end ifclear
+
 @item --pgp6
 @opindex pgp6
 Set up all options to be as PGP 6 compliant as possible. This
diff --git a/g10/cipher.c b/g10/cipher.c
index 10f0ebb96..b72b144bb 100644
--- a/g10/cipher.c
+++ b/g10/cipher.c
@@ -56,7 +56,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a )
     memset( &ed, 0, sizeof ed );
     ed.len = cfx->datalen;
     ed.extralen = blocksize+2;
-    ed.new_ctb = !ed.len && !RFC1991;
+    ed.new_ctb = !ed.len;
     if( cfx->dek->use_mdc ) {
 	ed.mdc_method = DIGEST_ALGO_SHA1;
 	gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0);
diff --git a/g10/encrypt.c b/g10/encrypt.c
index 5b10b73ea..d1ce933c2 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -104,8 +104,8 @@ encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey)
 static int
 use_mdc(PK_LIST pk_list,int algo)
 {
-  /* RFC-1991 and 2440 don't have MDC */
-  if(RFC1991 || RFC2440)
+  /* RFC-2440 don't has MDC */
+  if (RFC2440)
     return 0;
 
   /* --force-mdc overrides --disable-mdc */
@@ -174,7 +174,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
   compress_filter_context_t zfx;
   text_filter_context_t tfx;
   progress_filter_context_t *pfx;
-  int do_compress = !RFC1991 && default_compress_algo();
+  int do_compress = !!default_compress_algo();
 
   pfx = new_progress_context ();
   memset( &cfx, 0, sizeof cfx);
@@ -206,19 +206,13 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
   if (opt.textmode)
     iobuf_push_filter( inp, text_filter, &tfx );
 
-  /* Due the the fact that we use don't use an IV to encrypt the
-     session key we can't use the new mode with RFC1991 because it has
-     no S2K salt.  RFC1991 always uses simple S2K. */
-  if ( RFC1991 && use_seskey )
-    use_seskey = 0;
-
   cfx.dek = NULL;
   if ( mode )
     {
       int canceled;
 
       s2k = xmalloc_clear( sizeof *s2k );
-      s2k->mode = RFC1991? 0:opt.s2k_mode;
+      s2k->mode = opt.s2k_mode;
       s2k->hash_algo = S2K_DIGEST_ALGO;
       cfx.dek = passphrase_to_dek (NULL, 0,
                                    default_cipher_algo(), s2k, 4,
@@ -279,7 +273,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
       push_armor_filter (afx, out);
     }
 
-  if ( s2k && !RFC1991 )
+  if ( s2k )
     {
       PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc + seskeylen + 1 );
       enc->version = 4;
@@ -335,7 +329,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
       pt->timestamp = make_timestamp();
       pt->mode = opt.textmode? 't' : 'b';
       pt->len = filesize;
-      pt->new_ctb = !pt->len && !RFC1991;
+      pt->new_ctb = !pt->len;
       pt->buf = inp;
       pkt.pkttype = PKT_PLAINTEXT;
       pkt.pkt.plaintext = pt;
@@ -478,13 +472,13 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
   compress_filter_context_t zfx;
   text_filter_context_t tfx;
   progress_filter_context_t *pfx;
-  PK_LIST pk_list, work_list;
+  PK_LIST pk_list;
   int do_compress;
 
   if (filefd != -1 && filename)
     return gpg_error (GPG_ERR_INV_ARG);
 
-  do_compress = opt.compress_algo && !RFC1991;
+  do_compress = !!opt.compress_algo;
 
   pfx = new_progress_context ();
   memset( &cfx, 0, sizeof cfx);
@@ -510,19 +504,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
         }
     }
 
-  if(PGP2)
-    {
-      for (work_list=pk_list; work_list; work_list=work_list->next)
-        if (!(is_RSA (work_list->pk->pubkey_algo)
-              && nbits_from_pk (work_list->pk) <= 2048))
-          {
-            log_info(_("you can only encrypt to RSA keys of 2048 bits or "
-                       "less in --pgp2 mode\n"));
-            compliance_failure();
-            break;
-          }
-    }
-
   /* Prepare iobufs. */
 #ifdef HAVE_W32_SYSTEM
   if (filefd == -1)
@@ -592,13 +573,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
       if (cfx.dek->algo == -1)
         {
           cfx.dek->algo = CIPHER_ALGO_3DES;
-
-          if (PGP2)
-            {
-              log_info(_("unable to use the IDEA cipher for all of the keys "
-                         "you are encrypting to.\n"));
-              compliance_failure();
-            }
         }
 
       /* In case 3DES has been selected, print a warning if any key
@@ -687,7 +661,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
       pt->timestamp = make_timestamp();
       pt->mode = opt.textmode ? 't' : 'b';
       pt->len = filesize;
-      pt->new_ctb = !pt->len && !RFC1991;
+      pt->new_ctb = !pt->len;
       pt->buf = inp;
       pkt.pkttype = PKT_PLAINTEXT;
       pkt.pkt.plaintext = pt;
@@ -895,7 +869,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out)
       keyid_from_pk( pk, enc->keyid );
       enc->throw_keyid = (opt.throw_keyid || (pk_list->flags&1));
 
-      if (opt.throw_keyid && (PGP2 || PGP6 || PGP7 || PGP8))
+      if (opt.throw_keyid && (PGP6 || PGP7 || PGP8))
         {
           log_info(_("you may not use %s while in %s mode\n"),
                    "--throw-keyid",compliance_option_string());
diff --git a/g10/gpg.c b/g10/gpg.c
index f5b22311f..7ba193b6f 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -205,11 +205,9 @@ enum cmd_and_opt_values
     oMaxCertDepth,
     oLoadExtension,
     oGnuPG,
-    oRFC1991,
     oRFC2440,
     oRFC4880,
     oOpenPGP,
-    oPGP2,
     oPGP6,
     oPGP7,
     oPGP8,
@@ -573,11 +571,9 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oGnuPG, "no-pgp6", "@"),
   ARGPARSE_s_n (oGnuPG, "no-pgp7", "@"),
   ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"),
-  ARGPARSE_s_n (oRFC1991, "rfc1991", "@"),
   ARGPARSE_s_n (oRFC2440, "rfc2440", "@"),
   ARGPARSE_s_n (oRFC4880, "rfc4880", "@"),
   ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")),
-  ARGPARSE_s_n (oPGP2, "pgp2", "@"),
   ARGPARSE_s_n (oPGP6, "pgp6", "@"),
   ARGPARSE_s_n (oPGP7, "pgp7", "@"),
   ARGPARSE_s_n (oPGP8, "pgp8", "@"),
@@ -2484,11 +2480,6 @@ main (int argc, char **argv)
             /* Dummy so that gpg 1.4 conf files can work. Should
                eventually be removed.  */
 	    break;
-	  case oRFC1991:
-	    opt.compliance = CO_RFC1991;
-	    opt.force_v4_certs = 0;
-	    opt.escape_from = 1;
-	    break;
 	  case oOpenPGP:
 	  case oRFC4880:
 	    /* This is effectively the same as RFC2440, but with
@@ -2530,7 +2521,6 @@ main (int argc, char **argv)
 	    opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
 	    opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
 	    break;
-	  case oPGP2:  opt.compliance = CO_PGP2;  break;
 	  case oPGP6:  opt.compliance = CO_PGP6;  break;
 	  case oPGP7:  opt.compliance = CO_PGP7;  break;
 	  case oPGP8:  opt.compliance = CO_PGP8;  break;
@@ -3238,78 +3228,7 @@ main (int argc, char **argv)
       log_clock ("start");
 
     /* Do these after the switch(), so they can override settings. */
-    if(PGP2)
-      {
-	int unusable=0;
-
-	if(cmd==aSign && !detached_sig)
-	  {
-	    log_info(_("you can only make detached or clear signatures "
-		       "while in --pgp2 mode\n"));
-	    unusable=1;
-	  }
-	else if(cmd==aSignEncr || cmd==aSignSym)
-	  {
-	    log_info(_("you can't sign and encrypt at the "
-		       "same time while in --pgp2 mode\n"));
-	    unusable=1;
-	  }
-	else if(argc==0 && (cmd==aSign || cmd==aEncr || cmd==aSym))
-	  {
-	    log_info(_("you must use files (and not a pipe) when "
-		       "working with --pgp2 enabled.\n"));
-	    unusable=1;
-	  }
-	else if(cmd==aEncr || cmd==aSym)
-	  {
-	    /* Everything else should work without IDEA (except using
-	       a secret key encrypted with IDEA and setting an IDEA
-	       preference, but those have their own error
-	       messages). */
-
-	    if (openpgp_cipher_test_algo(CIPHER_ALGO_IDEA))
-	      {
-		log_info(_("encrypting a message in --pgp2 mode requires "
-			   "the IDEA cipher\n"));
-		unusable=1;
-	      }
-	    else if(cmd==aSym)
-	      {
-		/* This only sets IDEA for symmetric encryption
-		   since it is set via select_algo_from_prefs for
-		   pk encryption. */
-		xfree(def_cipher_string);
-		def_cipher_string = xstrdup("idea");
-	      }
-
-	    /* PGP2 can't handle the output from the textmode
-	       filter, so we disable it for anything that could
-	       create a literal packet (only encryption and
-	       symmetric encryption, since we disable signing
-	       above). */
-	    if(!unusable)
-	      opt.textmode=0;
-	  }
-
-	if(unusable)
-	  compliance_failure();
-	else
-	  {
-	    opt.force_v4_certs = 0;
-	    opt.escape_from = 1;
-	    opt.force_v3_sigs = 1;
-	    opt.pgp2_workarounds = 1;
-	    opt.ask_sig_expire = 0;
-	    opt.ask_cert_expire = 0;
-            opt.flags.allow_weak_digest_algos = 1;
-	    xfree(def_digest_string);
-	    def_digest_string = xstrdup("md5");
-	    xfree(s2k_digest_string);
-	    s2k_digest_string = xstrdup("md5");
-	    opt.compress_algo = COMPRESS_ALGO_ZIP;
-	  }
-      }
-    else if(PGP6)
+    if(PGP6)
       {
 	opt.disable_mdc=1;
 	opt.escape_from=1;
@@ -3675,7 +3594,7 @@ main (int argc, char **argv)
 	else if(opt.s2k_mode==0)
 	  log_error(_("you cannot use --symmetric --encrypt"
 		      " with --s2k-mode 0\n"));
-	else if(PGP2 || PGP6 || PGP7 || RFC1991)
+	else if(PGP6 || PGP7)
 	  log_error(_("you cannot use --symmetric --encrypt"
 		      " while in %s mode\n"),compliance_option_string());
 	else
@@ -3726,7 +3645,7 @@ main (int argc, char **argv)
 	else if(opt.s2k_mode==0)
 	  log_error(_("you cannot use --symmetric --sign --encrypt"
 		      " with --s2k-mode 0\n"));
-	else if(PGP2 || PGP6 || PGP7 || RFC1991)
+	else if(PGP6 || PGP7)
 	  log_error(_("you cannot use --symmetric --sign --encrypt"
 		      " while in %s mode\n"),compliance_option_string());
 	else
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 77bd37f58..1d8062546 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -518,19 +518,6 @@ sign_uids (estream_t fp,
   KBNODE node, uidnode;
   PKT_public_key *primary_pk = NULL;
   int select_all = !count_selected_uids (keyblock) || interactive;
-  int all_v3 = 1;
-
-  /* Are there any non-v3 sigs on this key already? */
-  if (PGP2)
-    {
-      for (node = keyblock; node; node = node->next)
-        if (node->pkt->pkttype == PKT_SIGNATURE &&
-            node->pkt->pkt.signature->version > 3)
-          {
-            all_v3 = 0;
-            break;
-          }
-    }
 
   /* Build a list of all signators.
    *
@@ -894,29 +881,6 @@ sign_uids (estream_t fp,
       if (duration)
 	force_v4 = 1;
 
-      /* Is --pgp2 on, it's a v3 key, all the sigs on the key are
-         currently v3 and we're about to sign it with a v4 sig?  If
-         so, danger! */
-      if (PGP2 && all_v3 &&
-	  (pk->version > 3 || force_v4) && primary_pk->version <= 3)
-	{
-	  tty_fprintf (fp, _("You may not make an OpenPGP signature on a "
-                             "PGP 2.x key while in --pgp2 mode.\n"));
-	  tty_fprintf (fp, _("This would make the key unusable in PGP 2.x.\n"));
-
-	  if (opt.expert && !quick)
-	    {
-	      if (!cpr_get_answer_is_yes ("sign_uid.v4_on_v3_okay",
-					  _("Are you sure you still "
-					    "want to sign it? (y/N) ")))
-		continue;
-
-	      all_v3 = 0;
-	    }
-	  else
-	    continue;
-	}
-
       if (selfsig)
 	;
       else
@@ -1773,7 +1737,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
 	  break;
 
 	case cmdADDPHOTO:
-	  if (RFC2440 || RFC1991 || PGP2)
+	  if (RFC2440)
 	    {
 	      tty_printf (_("This command is not allowed while in %s mode.\n"),
 			  compliance_option_string ());
diff --git a/g10/keygen.c b/g10/keygen.c
index af5d34d24..ed11a2fff 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -341,16 +341,6 @@ keygen_set_std_prefs (const char *string,int personal)
 	    if ( !openpgp_cipher_test_algo (CIPHER_ALGO_CAST5) )
 	      strcat(dummy_string,"S3 ");
 	    strcat(dummy_string,"S2 "); /* 3DES */
-	    /* If we have it, IDEA goes *after* 3DES so it won't be
-	       used unless we're encrypting along with a V3 key.
-	       Ideally, we would only put the S1 preference in if the
-	       key was RSA and <=2048 bits, as that is what won't
-	       break PGP2, but that is difficult with the current
-	       code, and not really worth checking as a non-RSA <=2048
-	       bit key wouldn't be usable by PGP2 anyway. -dms */
-	    if (PGP2 && !openpgp_cipher_test_algo (CIPHER_ALGO_IDEA) )
-	      strcat(dummy_string,"S1 ");
-
 
             /* The default hash algo order is:
                  SHA-256, SHA-1, SHA-384, SHA-512, SHA-224.
diff --git a/g10/misc.c b/g10/misc.c
index 0125da4b0..0ad4602f9 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -1191,8 +1191,6 @@ compliance_option_string(void)
     case CO_GNUPG:   return "--gnupg";
     case CO_RFC4880: return "--openpgp";
     case CO_RFC2440: return "--rfc2440";
-    case CO_RFC1991: return "--rfc1991";
-    case CO_PGP2:    return "--pgp2";
     case CO_PGP6:    return "--pgp6";
     case CO_PGP7:    return "--pgp7";
     case CO_PGP8:    return "--pgp8";
@@ -1220,14 +1218,6 @@ compliance_failure(void)
       ver="OpenPGP (older)";
       break;
 
-    case CO_RFC1991:
-      ver="old PGP";
-      break;
-
-    case CO_PGP2:
-      ver="PGP 2.x";
-      break;
-
     case CO_PGP6:
       ver="PGP 6.x";
       break;
diff --git a/g10/options.h b/g10/options.h
index e407aa400..7efb3d6e6 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -121,7 +121,7 @@ struct
   int force_ownertrust;
   enum
     {
-      CO_GNUPG, CO_RFC4880, CO_RFC2440, CO_RFC1991, CO_PGP2,
+      CO_GNUPG, CO_RFC4880, CO_RFC2440,
       CO_PGP6, CO_PGP7, CO_PGP8
     } compliance;
   enum
@@ -307,14 +307,12 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
 
 /* Compatibility flags.  */
 #define GNUPG   (opt.compliance==CO_GNUPG)
-#define RFC1991 (opt.compliance==CO_RFC1991 || opt.compliance==CO_PGP2)
 #define RFC2440 (opt.compliance==CO_RFC2440)
 #define RFC4880 (opt.compliance==CO_RFC4880)
-#define PGP2    (opt.compliance==CO_PGP2)
 #define PGP6    (opt.compliance==CO_PGP6)
 #define PGP7    (opt.compliance==CO_PGP7)
 #define PGP8    (opt.compliance==CO_PGP8)
-#define PGPX    (PGP2 || PGP6 || PGP7 || PGP8)
+#define PGPX    (PGP6 || PGP7 || PGP8)
 
 /* Various option flags.  Note that there should be no common string
    names between the IMPORT_ and EXPORT_ flags as they can be mixed in
diff --git a/g10/pkclist.c b/g10/pkclist.c
index e783ae419..1032b0193 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -928,7 +928,7 @@ build_pk_list (ctrl_t ctrl,
 
           /* Hidden recipients are not allowed while in PGP mode,
              issue a warning and switch into GnuPG mode. */
-          if ((rov->flags&2) && (PGP2 || PGP6 || PGP7 || PGP8))
+          if ((rov->flags&2) && (PGP6 || PGP7 || PGP8))
             {
               log_info(_("you may not use %s while in %s mode\n"),
                        "--hidden-recipient",
@@ -978,7 +978,7 @@ build_pk_list (ctrl_t ctrl,
                   /* Hidden encrypt-to recipients are not allowed while
                      in PGP mode, issue a warning and switch into
                      GnuPG mode. */
-                  if ((r->flags&1) && (PGP2 || PGP6 || PGP7 || PGP8))
+                  if ((r->flags&1) && (PGP6 || PGP7 || PGP8))
                     {
                       log_info(_("you may not use %s while in %s mode\n"),
                                "--hidden-encrypt-to",
@@ -1344,10 +1344,7 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype,
 	     dropped from 4880 but is still relevant to GPG's 1991
 	     support.  All this doesn't mean IDEA is actually
 	     available, of course. */
-	  if(PGP2 && pkr->pk->version<4 && pkr->pk->selfsigversion<4)
-	    implicit=CIPHER_ALGO_IDEA;
-	  else
-	    implicit=CIPHER_ALGO_3DES;
+          implicit=CIPHER_ALGO_3DES;
 
 	  break;
 
@@ -1359,12 +1356,7 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype,
 	     mode, and that's the only time PREFTYPE_HASH is used
 	     anyway. -dms */
 
-	  /* MD5 is there for v3 keys with v3 selfsigs when --pgp2 is
-	     on. */
-	  if(PGP2 && pkr->pk->version<4 && pkr->pk->selfsigversion<4)
-	    implicit=DIGEST_ALGO_MD5;
-	  else
-	    implicit=DIGEST_ALGO_SHA1;
+          implicit=DIGEST_ALGO_SHA1;
 
 	  break;
 
diff --git a/g10/revoke.c b/g10/revoke.c
index bf5e33b3f..67f62e5cc 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -473,7 +473,7 @@ create_revocation (const char *filename,
       goto leave;
     }
 
-  if (keyblock && (PGP2 || PGP6 || PGP7 || PGP8))
+  if (keyblock && (PGP6 || PGP7 || PGP8))
     {
       /* Use a minimal pk for PGPx mode, since PGP can't import bare
          revocation certificates. */
diff --git a/g10/server.c b/g10/server.c
index e87c871e3..b019d1aa1 100644
--- a/g10/server.c
+++ b/g10/server.c
@@ -320,10 +320,6 @@ cmd_encrypt (assuan_context_t ctx, char *line)
       goto leave;
     }
 
-  /* Fixme: Check that we are using real files and not pipes if in
-     PGP-2 mode.  Do all the other checks we do in gpg.c for aEncr.
-     Maybe we should drop the PGP2 compatibility. */
-
 
   /* FIXME: GPGSM does this here: Add all encrypt-to marked recipients
      from the default list. */
diff --git a/g10/sign.c b/g10/sign.c
index 9aa4da49d..c8139d74c 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -509,11 +509,6 @@ hash_for (PKT_public_key *pk)
 
       return DIGEST_ALGO_SHA1;
     }
-  else if (PGP2 && pk->pubkey_algo == PUBKEY_ALGO_RSA && pk->version < 4 )
-    {
-      /* Old-style PGP only understands MD5 */
-      return DIGEST_ALGO_MD5;
-    }
   else if (opt.personal_digest_prefs)
     {
       /* It's not DSA, so we can use whatever the first hash algorithm
@@ -659,7 +654,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
         pt->timestamp = make_timestamp ();
         pt->mode = ptmode;
         pt->len = filesize;
-        pt->new_ctb = !pt->len && !RFC1991;
+        pt->new_ctb = !pt->len;
         pt->buf = inp;
         init_packet(&pkt);
         pkt.pkttype = PKT_PLAINTEXT;
@@ -710,7 +705,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
 
       /* Build the signature packet.  */
       sig = xmalloc_clear (sizeof *sig);
-      if (opt.force_v3_sigs || RFC1991)
+      if (opt.force_v3_sigs)
         sig->version = 3;
       else if (duration || opt.sig_policy_url
                || opt.sig_notations || opt.sig_keyserver_url)
@@ -819,7 +814,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
        && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
       goto leave;
 
-    if(!opt.force_v3_sigs && !RFC1991)
+    if(!opt.force_v3_sigs)
       {
 	if(opt.ask_sig_expire && !opt.batch)
 	  duration=ask_expire_interval(1,opt.def_sig_expire);
@@ -832,13 +827,6 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
     if( (rc = build_sk_list (locusr, &sk_list, PUBKEY_USAGE_SIG )) )
 	goto leave;
 
-    if(PGP2 && !only_old_style(sk_list))
-      {
-	log_info(_("you can only detach-sign with PGP 2.x style keys "
-		   "while in --pgp2 mode\n"));
-	compliance_failure();
-      }
-
     if (encryptflag
         && (rc=build_pk_list (ctrl, remusr, &pk_list, PUBKEY_USAGE_ENC)))
       goto leave;
@@ -986,7 +974,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
     if( !multifile )
 	iobuf_push_filter( inp, md_filter, &mfx );
 
-    if( detached && !encryptflag && !RFC1991 )
+    if( detached && !encryptflag)
 	afx->what = 2;
 
     if( opt.armor && !outfile  )
@@ -1029,7 +1017,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
       }
 
     /* Write the one-pass signature packets if needed */
-    if (!detached && !RFC1991) {
+    if (!detached) {
         rc = write_onepass_sig_packets (sk_list, out,
                                         opt.textmode && !outfile ? 0x01:0x00);
         if (rc)
@@ -1135,7 +1123,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile )
     int rc = 0;
     SK_LIST sk_list = NULL;
     SK_LIST sk_rover = NULL;
-    int old_style = RFC1991;
+    int old_style = 0;
     int only_md5 = 0;
     u32 duration=0;
 
@@ -1143,7 +1131,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile )
     afx = new_armor_context ();
     init_packet( &pkt );
 
-    if(!opt.force_v3_sigs && !RFC1991)
+    if(!opt.force_v3_sigs)
       {
 	if(opt.ask_sig_expire && !opt.batch)
 	  duration=ask_expire_interval(1,opt.def_sig_expire);
@@ -1156,16 +1144,9 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile )
     if( (rc=build_sk_list( locusr, &sk_list, PUBKEY_USAGE_SIG )) )
 	goto leave;
 
-    if( !old_style && !duration )
+    if(!duration )
 	old_style = only_old_style( sk_list );
 
-    if(PGP2 && !only_old_style(sk_list))
-      {
-	log_info(_("you can only clearsign with PGP 2.x style keys "
-		   "while in --pgp2 mode\n"));
-	compliance_failure();
-      }
-
     /* prepare iobufs */
     inp = iobuf_open(fname);
     if (inp && is_secured_file (iobuf_get_fd (inp)))
@@ -1311,7 +1292,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
     memset( &cfx, 0, sizeof cfx);
     init_packet( &pkt );
 
-    if(!opt.force_v3_sigs && !RFC1991)
+    if(!opt.force_v3_sigs)
       {
 	if(opt.ask_sig_expire && !opt.batch)
 	  duration=ask_expire_interval(1,opt.def_sig_expire);
@@ -1343,7 +1324,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
 
     /* prepare key */
     s2k = xmalloc_clear( sizeof *s2k );
-    s2k->mode = RFC1991? 0:opt.s2k_mode;
+    s2k->mode = opt.s2k_mode;
     s2k->hash_algo = S2K_DIGEST_ALGO;
 
     algo = default_cipher_algo();
@@ -1389,7 +1370,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
 
     /* Write the symmetric key packet */
     /*(current filters: armor)*/
-    if (!RFC1991) {
+    {
 	PKT_symkey_enc *enc = xmalloc_clear( sizeof *enc );
 	enc->version = 4;
 	enc->cipher_algo = cfx.dek->algo;
@@ -1410,12 +1391,10 @@ sign_symencrypt_file (const char *fname, strlist_t locusr)
 
     /* Write the one-pass signature packets */
     /*(current filters: zip - encrypt - armor)*/
-    if (!RFC1991) {
-        rc = write_onepass_sig_packets (sk_list, out,
-                                        opt.textmode? 0x01:0x00);
-        if (rc)
-            goto leave;
-    }
+    rc = write_onepass_sig_packets (sk_list, out,
+                                    opt.textmode? 0x01:0x00);
+    if (rc)
+      goto leave;
 
     write_status_begin_signing (mfx.md);
 
diff --git a/tests/openpgp/clearsig.test b/tests/openpgp/clearsig.test
index 74631e180..bf67916d0 100755
--- a/tests/openpgp/clearsig.test
+++ b/tests/openpgp/clearsig.test
@@ -23,17 +23,6 @@ for i in $plain_files plain-large ; do
 done
 
 
-# ======================================
-# and once more to check rfc1991
-# ======================================
-
-if have_pubkey_algo "RSA"; then
-  for i in $plain_files plain-large ; do
-      $GPG -u $usrname3 --rfc1991 --digest-algo md5 --clearsign -o x --yes $i
-      $GPG --verify x
-  done
-fi
-
 # ======================================
 # and one with long lines
 # ======================================
@@ -100,7 +89,7 @@ cat >y <<EOF
 	    }
 	    /* ask for file and hash it */
 -	    if( c->sigs_only ) {
-+	    if( c->sigs_only )   
++	    if( c->sigs_only )
 		rc = hash_datafiles( c->mfx.md, NULL,
 				     c->signed_data, c->sigfilename,
 			n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 );