mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-09 12:54:23 +01:00
* options.h, g10.c (main), main.h, seskey.c (do_encode_md,
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove --emulate-md-encode-bug as it only applied to Elgamal signatures, which are going away.
This commit is contained in:
David Shaw
parent
a32a3a863e
commit
3c40fd65d6
@ -1,3 +1,10 @@
|
|||||||
|
2003-12-03 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.h, g10.c (main), main.h, seskey.c (do_encode_md,
|
||||||
|
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove
|
||||||
|
--emulate-md-encode-bug as it only applied to Elgamal signatures,
|
||||||
|
which are going away.
|
||||||
|
|
||||||
2003-11-30 David Shaw <dshaw@jabberwocky.com>
|
2003-11-30 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use
|
* mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use
|
||||||
|
|||||||
@ -317,7 +317,6 @@ enum cmd_and_opt_values
|
|||||||
oPersonalCipherPreferences,
|
oPersonalCipherPreferences,
|
||||||
oPersonalDigestPreferences,
|
oPersonalDigestPreferences,
|
||||||
oPersonalCompressPreferences,
|
oPersonalCompressPreferences,
|
||||||
oEmuMDEncodeBug,
|
|
||||||
oDisplay,
|
oDisplay,
|
||||||
oTTYname,
|
oTTYname,
|
||||||
oTTYtype,
|
oTTYtype,
|
||||||
@ -642,7 +641,6 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oPersonalCipherPreferences, "personal-cipher-prefs", 2, "@"},
|
{ oPersonalCipherPreferences, "personal-cipher-prefs", 2, "@"},
|
||||||
{ oPersonalDigestPreferences, "personal-digest-prefs", 2, "@"},
|
{ oPersonalDigestPreferences, "personal-digest-prefs", 2, "@"},
|
||||||
{ oPersonalCompressPreferences, "personal-compress-prefs", 2, "@"},
|
{ oPersonalCompressPreferences, "personal-compress-prefs", 2, "@"},
|
||||||
{ oEmuMDEncodeBug, "emulate-md-encode-bug", 0, "@"},
|
|
||||||
{ oDisplay, "display", 2, "@" },
|
{ oDisplay, "display", 2, "@" },
|
||||||
{ oTTYname, "ttyname", 2, "@" },
|
{ oTTYname, "ttyname", 2, "@" },
|
||||||
{ oTTYtype, "ttytype", 2, "@" },
|
{ oTTYtype, "ttytype", 2, "@" },
|
||||||
@ -662,11 +660,9 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ opcscDriver, "pcsc-driver", 2, "@"},
|
{ opcscDriver, "pcsc-driver", 2, "@"},
|
||||||
{ oDisableCCID, "disable-ccid", 0, "@"},
|
{ oDisableCCID, "disable-ccid", 0, "@"},
|
||||||
|
|
||||||
|
|
||||||
{0} };
|
{0} };
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
int g10_errors_seen = 0;
|
int g10_errors_seen = 0;
|
||||||
|
|
||||||
static int utf8_strings = 0;
|
static int utf8_strings = 0;
|
||||||
@ -1673,7 +1669,6 @@ main( int argc, char **argv )
|
|||||||
case oPGP7: opt.compliance = CO_PGP7; break;
|
case oPGP7: opt.compliance = CO_PGP7; break;
|
||||||
case oPGP8: opt.compliance = CO_PGP8; break;
|
case oPGP8: opt.compliance = CO_PGP8; break;
|
||||||
case oGnuPG: opt.compliance = CO_GNUPG; break;
|
case oGnuPG: opt.compliance = CO_GNUPG; break;
|
||||||
case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break;
|
|
||||||
case oCompressSigs: opt.compress_sigs = 1; break;
|
case oCompressSigs: opt.compress_sigs = 1; break;
|
||||||
case oRunAsShmCP:
|
case oRunAsShmCP:
|
||||||
#ifndef __riscos__
|
#ifndef __riscos__
|
||||||
|
|||||||
@ -169,8 +169,8 @@ void try_make_homedir( const char *fname );
|
|||||||
/*-- seskey.c --*/
|
/*-- seskey.c --*/
|
||||||
void make_session_key( DEK *dek );
|
void make_session_key( DEK *dek );
|
||||||
MPI encode_session_key( DEK *dek, unsigned nbits );
|
MPI encode_session_key( DEK *dek, unsigned nbits );
|
||||||
MPI encode_md_value( int pubkey_algo, MD_HANDLE md,
|
MPI encode_md_value( int pubkey_algo, MD_HANDLE md,
|
||||||
int hash_algo, unsigned nbits, int v3compathack );
|
int hash_algo, unsigned nbits );
|
||||||
|
|
||||||
/*-- comment.c --*/
|
/*-- comment.c --*/
|
||||||
KBNODE make_comment_node( const char *s );
|
KBNODE make_comment_node( const char *s );
|
||||||
|
|||||||
@ -103,7 +103,6 @@ struct {
|
|||||||
CO_GNUPG=0, CO_RFC2440, CO_RFC1991, CO_PGP2, CO_PGP6, CO_PGP7, CO_PGP8
|
CO_GNUPG=0, CO_RFC2440, CO_RFC1991, CO_PGP2, CO_PGP6, CO_PGP7, CO_PGP8
|
||||||
} compliance;
|
} compliance;
|
||||||
int pgp2_workarounds;
|
int pgp2_workarounds;
|
||||||
unsigned int emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
|
|
||||||
int shm_coprocess;
|
int shm_coprocess;
|
||||||
const char *set_filename;
|
const char *set_filename;
|
||||||
STRLIST comments;
|
STRLIST comments;
|
||||||
@ -196,9 +195,6 @@ struct {
|
|||||||
|
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
|
|
||||||
#define EMUBUG_MDENCODE 4
|
|
||||||
|
|
||||||
#define DBG_PACKET_VALUE 1 /* debug packet reading/writing */
|
#define DBG_PACKET_VALUE 1 /* debug packet reading/writing */
|
||||||
#define DBG_MPI_VALUE 2 /* debug mpi details */
|
#define DBG_MPI_VALUE 2 /* debug mpi details */
|
||||||
#define DBG_CIPHER_VALUE 4 /* debug cipher handling */
|
#define DBG_CIPHER_VALUE 4 /* debug cipher handling */
|
||||||
|
|||||||
12
g10/seskey.c
12
g10/seskey.c
@ -142,7 +142,7 @@ encode_session_key( DEK *dek, unsigned nbits )
|
|||||||
|
|
||||||
static MPI
|
static MPI
|
||||||
do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
||||||
const byte *asn, size_t asnlen, int v3compathack )
|
const byte *asn, size_t asnlen )
|
||||||
{
|
{
|
||||||
int nframe = (nbits+7) / 8;
|
int nframe = (nbits+7) / 8;
|
||||||
byte *frame;
|
byte *frame;
|
||||||
@ -155,14 +155,14 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
|||||||
|
|
||||||
/* We encode the MD in this way:
|
/* We encode the MD in this way:
|
||||||
*
|
*
|
||||||
* 0 A PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes)
|
* 0 1 PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes)
|
||||||
*
|
*
|
||||||
* PAD consists of FF bytes.
|
* PAD consists of FF bytes.
|
||||||
*/
|
*/
|
||||||
frame = md_is_secure(md)? m_alloc_secure( nframe ) : m_alloc( nframe );
|
frame = md_is_secure(md)? m_alloc_secure( nframe ) : m_alloc( nframe );
|
||||||
n = 0;
|
n = 0;
|
||||||
frame[n++] = 0;
|
frame[n++] = 0;
|
||||||
frame[n++] = v3compathack? algo : 1; /* block type */
|
frame[n++] = 1; /* block type */
|
||||||
i = nframe - len - asnlen -3 ;
|
i = nframe - len - asnlen -3 ;
|
||||||
assert( i > 1 );
|
assert( i > 1 );
|
||||||
memset( frame+n, 0xff, i ); n += i;
|
memset( frame+n, 0xff, i ); n += i;
|
||||||
@ -196,8 +196,8 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits,
|
|||||||
* the encoded value. Setting this flag forces the old behaviour.
|
* the encoded value. Setting this flag forces the old behaviour.
|
||||||
*/
|
*/
|
||||||
MPI
|
MPI
|
||||||
encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,
|
encode_md_value( int pubkey_algo, MD_HANDLE md,
|
||||||
unsigned nbits, int v3compathack )
|
int hash_algo, unsigned nbits )
|
||||||
{
|
{
|
||||||
int algo = hash_algo? hash_algo : md_get_algo(md);
|
int algo = hash_algo? hash_algo : md_get_algo(md);
|
||||||
const byte *asn;
|
const byte *asn;
|
||||||
@ -220,7 +220,7 @@ encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo,
|
|||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
asn = md_asn_oid( algo, &asnlen, &mdlen );
|
asn = md_asn_oid( algo, &asnlen, &mdlen );
|
||||||
frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen, v3compathack);
|
frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen );
|
||||||
}
|
}
|
||||||
return frame;
|
return frame;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -324,7 +324,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
|
|||||||
md_final( digest );
|
md_final( digest );
|
||||||
|
|
||||||
result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
|
result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
|
||||||
mpi_get_nbits(pk->pkey[0]), 0 );
|
mpi_get_nbits(pk->pkey[0]) );
|
||||||
if (!result)
|
if (!result)
|
||||||
return G10ERR_GENERAL;
|
return G10ERR_GENERAL;
|
||||||
ctx.sig = sig;
|
ctx.sig = sig;
|
||||||
@ -332,21 +332,6 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
|
|||||||
rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
|
rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
|
||||||
cmp_help, &ctx );
|
cmp_help, &ctx );
|
||||||
mpi_free( result );
|
mpi_free( result );
|
||||||
if( (opt.emulate_bugs & EMUBUG_MDENCODE)
|
|
||||||
&& rc == G10ERR_BAD_SIGN && is_ELGAMAL(pk->pubkey_algo) ) {
|
|
||||||
/* In this case we try again because old GnuPG versions didn't encode
|
|
||||||
* the hash right. There is no problem with DSA however */
|
|
||||||
result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo,
|
|
||||||
mpi_get_nbits(pk->pkey[0]), (sig->version < 5) );
|
|
||||||
if (!result)
|
|
||||||
rc = G10ERR_GENERAL;
|
|
||||||
else {
|
|
||||||
ctx.sig = sig;
|
|
||||||
ctx.md = digest;
|
|
||||||
rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
|
|
||||||
cmp_help, &ctx );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if( !rc && sig->flags.unknown_critical ) {
|
if( !rc && sig->flags.unknown_critical ) {
|
||||||
log_info(_("assuming bad signature from key %08lX due to an unknown critical bit\n"),(ulong)keyid_from_pk(pk,NULL));
|
log_info(_("assuming bad signature from key %08lX due to an unknown critical bit\n"),(ulong)keyid_from_pk(pk,NULL));
|
||||||
|
|||||||
@ -334,7 +334,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
frame = encode_md_value( sk->pubkey_algo, md,
|
frame = encode_md_value( sk->pubkey_algo, md,
|
||||||
digest_algo, mpi_get_nbits(sk->skey[0]), 0 );
|
digest_algo, mpi_get_nbits(sk->skey[0]) );
|
||||||
if (!frame)
|
if (!frame)
|
||||||
return G10ERR_GENERAL;
|
return G10ERR_GENERAL;
|
||||||
rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
|
rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
|
||||||
@ -352,7 +352,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
|||||||
else {
|
else {
|
||||||
frame = encode_md_value (pk->pubkey_algo, md,
|
frame = encode_md_value (pk->pubkey_algo, md,
|
||||||
sig->digest_algo,
|
sig->digest_algo,
|
||||||
mpi_get_nbits(pk->pkey[0]), 0);
|
mpi_get_nbits(pk->pkey[0]) );
|
||||||
if (!frame)
|
if (!frame)
|
||||||
rc = G10ERR_GENERAL;
|
rc = G10ERR_GENERAL;
|
||||||
else
|
else
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user