security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-22 19:58:29 +01:00
Code Activity

* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)

Browse Source 
signatures that use hashes other than SHA-1, RIPEMD160, or MD5.
This commit is contained in:
David Shaw 2005-04-01 16:22:34 +00:00
parent c43423f0bd
commit 727cda9758
2 changed files with 41 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
g10/ChangeLog
View File

@ -1,3 +1,9 @@
2005-04-01 David Shaw <dshaw@jabberwocky.com>
* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL
(old-style PGP) signatures that use hashes other than SHA-1,
RIPEMD160, or MD5.
2005-03-31 David Shaw <dshaw@jabberwocky.com> 2005-03-31 David Shaw <dshaw@jabberwocky.com>
* exec.h, exec.c (set_exec_path): Remove some dead code and change * exec.h, exec.c (set_exec_path): Remove some dead code and change

32
g10/mainproc.c
View File

@ -600,7 +600,6 @@ proc_encrypted( CTX c, PACKET *pkt )
} }
static void static void
proc_plaintext( CTX c, PACKET *pkt ) proc_plaintext( CTX c, PACKET *pkt )
{ {
@ -621,9 +620,13 @@ proc_plaintext( CTX c, PACKET *pkt )
* See: Russ Allbery's mail 1999-02-09 * See: Russ Allbery's mail 1999-02-09
*/ */
any = clearsig = only_md5 = 0; any = clearsig = only_md5 = 0;
for(n=c->list; n; n = n->next ) { for(n=c->list; n; n = n->next )
if( n->pkt->pkttype == PKT_ONEPASS_SIG ) { {
if( n->pkt->pkt.onepass_sig->digest_algo ) { if( n->pkt->pkttype == PKT_ONEPASS_SIG )
{
/* For the onepass signature case */
if( n->pkt->pkt.onepass_sig->digest_algo )
{
md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo ); md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
if( !any && n->pkt->pkt.onepass_sig->digest_algo if( !any && n->pkt->pkt.onepass_sig->digest_algo
== DIGEST_ALGO_MD5 ) == DIGEST_ALGO_MD5 )
@ -637,7 +640,9 @@ proc_plaintext( CTX c, PACKET *pkt )
} }
else if( n->pkt->pkttype == PKT_GPG_CONTROL else if( n->pkt->pkttype == PKT_GPG_CONTROL
&& n->pkt->pkt.gpg_control->control && n->pkt->pkt.gpg_control->control
== CTRLPKT_CLEARSIGN_START ) { == CTRLPKT_CLEARSIGN_START )
{
/* For the clearsigned message case */
size_t datalen = n->pkt->pkt.gpg_control->datalen; size_t datalen = n->pkt->pkt.gpg_control->datalen;
const byte *data = n->pkt->pkt.gpg_control->data; const byte *data = n->pkt->pkt.gpg_control->data;
@ -650,12 +655,23 @@ proc_plaintext( CTX c, PACKET *pkt )
for( data++, datalen--; datalen; datalen--, data++ ) for( data++, datalen--; datalen; datalen--, data++ )
md_enable( c->mfx.md, *data ); md_enable( c->mfx.md, *data );
any = 1; any = 1;
break; /* no pass signature pakets are expected */ break; /* no pass signature packets are expected */
}
else if(n->pkt->pkttype==PKT_SIGNATURE)
{
/* For the SIG+LITERAL case that PGP used to use. */
md_enable( c->mfx.md, n->pkt->pkt.signature->digest_algo );
any=1;
} }
} }
if( !any && !opt.skip_verify ) { if( !any && !opt.skip_verify )
/* no onepass sig packet: enable all standard algos */ {
/* This is for the old GPG LITERAL+SIG case. It's not legal
according to 2440, so hopefully it won't come up that
often. There is no good way to specify what algorithms to
use in that case, so these three are the historical
answer. */
md_enable( c->mfx.md, DIGEST_ALGO_RMD160 ); md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); md_enable( c->mfx.md, DIGEST_ALGO_MD5 );