gpg: Reject signatures made with MD5.

* g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/gpg.conf.tmpl: Add allow_weak_digest_algos. -- (cherry picked from commit f90cfe6b66) Resolved conflicts: g10/gpg.c - adjust. tests/openpgp/defs.inc - no changes
2025-07-02 22:46:30 +02:00 · 2015-10-27 00:01:31 -04:00 · 2015-10-27 00:01:31 -04:00 · 43e5d28c6d
commit 43e5d28c6d
parent fc30a414d8
5 changed files with 33 additions and 1 deletions
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -376,6 +376,7 @@ enum cmd_and_opt_values
    oDisableDSA2,
    oAllowMultipleMessages,
    oNoAllowMultipleMessages,
+    oAllowWeakDigestAlgos,

    oNoop
  };
@ -725,6 +726,7 @@ static ARGPARSE_OPTS opts[] = {
    { oDisableDSA2, "disable-dsa2", 0, "@"},
    { oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
    { oNoAllowMultipleMessages, "no-allow-multiple-messages", 0, "@"},
+    { oAllowWeakDigestAlgos, "allow-weak-digest-algos", 0, "@"},

    /* These two are aliases to help users of the PGP command line
       product use gpg with minimal pain.  Many commands are common
@ -2876,6 +2878,10 @@ main (int argc, char **argv )
 	    opt.flags.allow_multiple_messages=0;
 	    break;

+          case oAllowWeakDigestAlgos:
+            opt.flags.allow_weak_digest_algos = 1;
+            break;
+
 	  case oNoop: break;

 	  default : pargs.err = configfp? 1:2; break;
@ -3043,6 +3049,7 @@ main (int argc, char **argv )
 	    opt.pgp2_workarounds = 1;
 	    opt.ask_sig_expire = 0;
 	    opt.ask_cert_expire = 0;
+            opt.flags.allow_weak_digest_algos = 1;
 	    xfree(def_digest_string);
 	    def_digest_string = xstrdup("md5");
 	    xfree(s2k_digest_string);
--- a/g10/options.h
+++ b/g10/options.h
@ -230,6 +230,7 @@ struct
    unsigned int utf8_filename:1;
    unsigned int dsa2:1;
    unsigned int allow_multiple_messages:1;
+    unsigned int allow_weak_digest_algos:1;
    unsigned int large_rsa:1;
  } flags;

--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -243,6 +243,22 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
    if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
        return rc;

+    if (sig->digest_algo == DIGEST_ALGO_MD5
+        && !opt.flags.allow_weak_digest_algos)
+      {
+        static int shown;
+
+        if (!shown)
+          {
+            log_info
+              (_("Note: signatures using the %s algorithm are rejected\n"),
+               "MD5");
+            shown = 1;
+          }
+
+        return G10ERR_DIGEST_ALGO;
+      }
+
    /* make sure the digest algo is enabled (in case of a detached signature)*/
    md_enable( digest, sig->digest_algo );