security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: Do not use weak digest algos if selected by recipient prefs.

Browse source 
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the least of weak digest algorithm.
--

If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient.  This is so that all recipients are able to check the the
signature.  However, if the sender has a declared an algorithm as
week, that algorithm shall not be used - in this case we fallback to
the standard way of selecting an algorithm.

Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.

Reported-by: Phil Pennock
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 15746d60d4
This commit is contained in:
Werner Koch 2020-11-02 13:39:58 +01:00
parent 8a94142808
commit 4c181d51a6
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
4 changed files with 37 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

34
g10/misc.c
View file

@ -311,12 +311,11 @@ print_cipher_algo_note (cipher_algo_t algo)
void
print_digest_algo_note (digest_algo_t algo)
{
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
const struct weakhash *weak;
if(algo >= 100 && algo <= 110)
{
static int warn=0;
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
if(!warn)
{
warn=1;
@ -325,14 +324,13 @@ print_digest_algo_note (digest_algo_t algo)
gcry_md_algo_name (galgo));
}
}
else
for (weak = opt.weak_digests; weak != NULL; weak = weak->next)
if (weak->algo == galgo)
{
es_fflush (es_stdout);
log_info (_("WARNING: digest algorithm %s is deprecated\n"),
gcry_md_algo_name (galgo));
}
else if (is_weak_digest (algo))
{
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
es_fflush (es_stdout);
log_info (_("WARNING: digest algorithm %s is deprecated\n"),
gcry_md_algo_name (galgo));
}
}
@ -1860,3 +1858,17 @@ additional_weak_digest (const char* digestname)
weak->next = opt.weak_digests;
opt.weak_digests = weak;
}
/* Return true if ALGO is in the list of weak digests. */
int
is_weak_digest (digest_algo_t algo)
{
const enum gcry_md_algos galgo = map_md_openpgp_to_gcry (algo);
const struct weakhash *weak;
for (weak = opt.weak_digests; weak; weak = weak->next)
if (weak->algo == galgo)
return 1;
return 0;
}