mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-08 12:44:23 +01:00
* options.h, g10.c (main), main.h, seskey.c (do_encode_md,
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove --emulate-md-encode-bug as it only applied to Elgamal signatures, which are going away.
This commit is contained in:
David Shaw
parent
a32a3a863e
commit
3c40fd65d6
@ -1,3 +1,10 @@
|
||||
2003-12-03 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* options.h, g10.c (main), main.h, seskey.c (do_encode_md,
|
||||
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove
|
||||
--emulate-md-encode-bug as it only applied to Elgamal signatures,
|
||||
which are going away.
|
||||
|
||||
2003-11-30 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use
|
||||
|
||||
@ -317,7 +317,6 @@ enum cmd_and_opt_values
|
||||
oPersonalCipherPreferences,
|
||||
oPersonalDigestPreferences,
|
||||
oPersonalCompressPreferences,
|
||||
oEmuMDEncodeBug,
|
||||
oDisplay,
|
||||
oTTYname,
|
||||
oTTYtype,
|
||||
@ -642,7 +641,6 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oPersonalCipherPreferences, "personal-cipher-prefs", 2, "@"},
|
||||
{ oPersonalDigestPreferences, "personal-digest-prefs", 2, "@"},
|
||||
{ oPersonalCompressPreferences, "personal-compress-prefs", 2, "@"},
|
||||
{ oEmuMDEncodeBug, "emulate-md-encode-bug", 0, "@"},
|
||||
{ oDisplay, "display", 2, "@" },
|
||||
{ oTTYname, "ttyname", 2, "@" },
|
||||
{ oTTYtype, "ttytype", 2, "@" },
|
||||
@ -662,11 +660,9 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ opcscDriver, "pcsc-driver", 2, "@"},
|
||||
{ oDisableCCID, "disable-ccid", 0, "@"},
|
||||
|
||||
|
||||
{0} };
|
||||
|
||||
|
||||
|
||||
int g10_errors_seen = 0;
|
||||
|
||||
static int utf8_strings = 0;
|
||||
@ -1673,7 +1669,6 @@ main( int argc, char **argv )
|
||||
case oPGP7: opt.compliance = CO_PGP7; break;
|
||||
case oPGP8: opt.compliance = CO_PGP8; break;
|
||||
case oGnuPG: opt.compliance = CO_GNUPG; break;
|
||||
case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break;
|
||||
case oCompressSigs: opt.compress_sigs = 1; break;
|
||||
case oRunAsShmCP:
|
||||
#ifndef __riscos__
|
||||
|
||||
@ -169,8 +169,8 @@ void try_make_homedir( const char *fname );
|
||||
/*-- seskey.c --*/
|
||||
void make_session_key( DEK *dek );
|
||||
MPI encode_session_key( DEK *dek, unsigned nbits );
|
||||
MPI encode_md_value( int pubkey_algo, MD_HANDLE md,
|
||||
int hash_algo, unsigned nbits, int v3compathack );
|
||||
MPI encode_md_value( int pubkey_algo, MD_HANDLE md,
|
||||
int hash_algo, unsigned nbits );
|
||||
|
||||
/*-- comment.c --*/
|
||||
KBNODE make_comment_node( const char *s );
|
||||
|
||||
@ -103,7 +103,6 @@ struct {
|
||||
CO_GNUPG=0, CO_RFC2440, CO_RFC1991, CO_PGP2, CO_PGP6, CO_PGP7, CO_PGP8
|
||||
} compliance;
|
||||
int pgp2_workarounds;
|
||||
unsigned int emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
|
||||
int shm_coprocess;
|
||||
const char *set_filename;
|
||||
STRLIST comments;
|
||||
@ -196,9 +195,6 @@ struct {
|
||||
|
||||
} opt;
|
||||
|
||||
|
||||
#define EMUBUG_MDENCODE 4
|
||||
|
||||
#define DBG_PACKET_VALUE 1 /* debug packet reading/writing */
|
||||
#define DBG_MPI_VALUE 2 /* debug mpi details */
|
||||
#define DBG_CIPHER_VALUE 4 /* debug cipher handling */
|
||||
|
||||
12
g10/seskey.c
12
g10/seskey.c
@ -142,7 +142,7 @@ encode_session_key( DEK *dek, unsigned nbits )
|
||||
|
||||
static MPI
|
||||
do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
||||
const byte *asn, size_t asnlen, int v3compathack )
|
||||
const byte *asn, size_t asnlen )
|
||||
{
|
||||
int nframe = (nbits+7) / 8;
|
||||
byte *frame;
|
||||
@ -155,14 +155,14 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
||||
|
||||
/* We encode the MD in this way:
|
||||
*
|
||||
* 0 A PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes)
|
||||
* 0 1 PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes)
|
||||
*
|
||||
* PAD consists of FF bytes.
|
||||
*/
|
||||
frame = md_is_secure(md)? m_alloc_secure( nframe ) : m_alloc( nframe );
|
||||
n = 0;
|
||||
frame[n++] = 0;
|
||||
frame[n++] = v3compathack? algo : 1; /* block type */
|
||||
frame[n++] = 1; /* block type */
|
||||
i = nframe - len - asnlen -3 ;
|
||||
assert( i > 1 );
|
||||
memset( frame+n, 0xff, i ); n += i;
|
||||
@ -196,8 +196,8 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
||||
* the encoded value. Setting this flag forces the old behaviour.
|
||||
*/
|
||||
MPI
|
||||
encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,
|
||||
unsigned nbits, int v3compathack )
|
||||
encode_md_value( int pubkey_algo, MD_HANDLE md,
|
||||
int hash_algo, unsigned nbits )
|
||||
{
|
||||
int algo = hash_algo? hash_algo : md_get_algo(md);
|
||||
const byte *asn;
|
||||
@ -220,7 +220,7 @@ encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,
|
||||
}
|
||||
else {
|
||||
asn = md_asn_oid( algo, &asnlen, &mdlen );
|
||||
frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen, v3compathack);
|
||||
frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen );
|
||||
}
|
||||
return frame;
|
||||
}
|
||||
|
||||
@ -324,7 +324,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
|
||||
md_final( digest );
|
||||
|
||||
result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
|
||||
mpi_get_nbits(pk->pkey[0]), 0 );
|
||||
mpi_get_nbits(pk->pkey[0]) );
|
||||
if (!result)
|
||||
return G10ERR_GENERAL;
|
||||
ctx.sig = sig;
|
||||
@ -332,21 +332,6 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
|
||||
rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
|
||||
cmp_help, &ctx );
|
||||
mpi_free( result );
|
||||
if( (opt.emulate_bugs & EMUBUG_MDENCODE)
|
||||
&& rc == G10ERR_BAD_SIGN && is_ELGAMAL(pk->pubkey_algo) ) {
|
||||
/* In this case we try again because old GnuPG versions didn't encode
|
||||
* the hash right. There is no problem with DSA however */
|
||||
result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
|
||||
mpi_get_nbits(pk->pkey[0]), (sig->version < 5) );
|
||||
if (!result)
|
||||
rc = G10ERR_GENERAL;
|
||||
else {
|
||||
ctx.sig = sig;
|
||||
ctx.md = digest;
|
||||
rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
|
||||
cmp_help, &ctx );
|
||||
}
|
||||
}
|
||||
|
||||
if( !rc && sig->flags.unknown_critical ) {
|
||||
log_info(_("assuming bad signature from key %08lX due to an unknown critical bit\n"),(ulong)keyid_from_pk(pk,NULL));
|
||||
|
||||
@ -334,7 +334,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
||||
else
|
||||
{
|
||||
frame = encode_md_value( sk->pubkey_algo, md,
|
||||
digest_algo, mpi_get_nbits(sk->skey[0]), 0 );
|
||||
digest_algo, mpi_get_nbits(sk->skey[0]) );
|
||||
if (!frame)
|
||||
return G10ERR_GENERAL;
|
||||
rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
|
||||
@ -352,7 +352,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
||||
else {
|
||||
frame = encode_md_value (pk->pubkey_algo, md,
|
||||
sig->digest_algo,
|
||||
mpi_get_nbits(pk->pkey[0]), 0);
|
||||
mpi_get_nbits(pk->pkey[0]) );
|
||||
if (!frame)
|
||||
rc = G10ERR_GENERAL;
|
||||
else
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user