gpg: Reject signatures made with MD5.

* g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/gpg.conf.tmpl: Add allow_weak_digest_algos. -- (cherry picked from commit f90cfe6b66) Resolved conflicts: g10/gpg.c - adjust. tests/openpgp/defs.inc - no changes
2025-07-02 22:46:30 +02:00 · 2015-10-27 00:01:31 -04:00 · 2015-10-27 00:01:31 -04:00 · 43e5d28c6d
commit 43e5d28c6d
parent fc30a414d8
5 changed files with 33 additions and 1 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -2178,7 +2178,7 @@ available, but the MIT release is a good common baseline.

 This option implies
@option{--rfc1991 --disable-mdc --no-force-v4-certs
- --escape-from-lines  --force-v3-sigs
+ --escape-from-lines  --force-v3-sigs --allow-weak-digest-algos
 --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}.
 It also disables @option{--textmode} when encrypting.

@ -2608,6 +2608,13 @@ necessary to get as much data as possible out of the corrupt message.
 However, be aware that a MDC protection failure may also mean that the
 message was tampered with intentionally by an attacker.

+@item --allow-weak-digest-algos
+@opindex allow-weak-digest-algos
+Signatures made with the broken MD5 algorithm are normally rejected
+with an ``invalid digest algorithm'' message.  This option allows the
+verification of signatures made with such weak algorithms.
+
+
@item --no-default-keyring
@opindex no-default-keyring
 Do not add the default keyrings to the list of keyrings. Note that