* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL (old-style PGP)

signatures that use hashes other than SHA-1, RIPEMD160, or MD5.
2025-02-21 19:48:05 +01:00 · 2005-04-01 16:22:34 +00:00 · 2005-04-01 16:22:34 +00:00 · 727cda9758
commit 727cda9758
parent c43423f0bd
2 changed files with 41 additions and 19 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,9 @@
+2005-04-01  David Shaw  <dshaw@jabberwocky.com>
+
+	* mainproc.c (proc_plaintext): Properly handle SIG+LITERAL
+	(old-style PGP) signatures that use hashes other than SHA-1,
+	RIPEMD160, or MD5.
+
 2005-03-31  David Shaw  <dshaw@jabberwocky.com>

 	* exec.h, exec.c (set_exec_path): Remove some dead code and change
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -600,7 +600,6 @@ proc_encrypted( CTX c, PACKET *pkt )
 }


-
 static void
 proc_plaintext( CTX c, PACKET *pkt )
 {
@ -621,45 +620,62 @@ proc_plaintext( CTX c, PACKET *pkt )
     * See: Russ Allbery's mail 1999-02-09
     */
    any = clearsig = only_md5 = 0;
-    for(n=c->list; n; n = n->next ) {
-	if( n->pkt->pkttype == PKT_ONEPASS_SIG ) {
-	    if( n->pkt->pkt.onepass_sig->digest_algo ) {
+    for(n=c->list; n; n = n->next )
+      {
+	if( n->pkt->pkttype == PKT_ONEPASS_SIG )
+	  {
+  	    /* For the onepass signature case */
+	    if( n->pkt->pkt.onepass_sig->digest_algo )
+	      {
 		md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
 		if( !any && n->pkt->pkt.onepass_sig->digest_algo
-						      == DIGEST_ALGO_MD5 )
-		    only_md5 = 1;
+		    == DIGEST_ALGO_MD5 )
+		  only_md5 = 1;
 		else
-		    only_md5 = 0;
+		  only_md5 = 0;
 		any = 1;
-	    }
+	      }
 	    if( n->pkt->pkt.onepass_sig->sig_class != 0x01 )
-		only_md5 = 0;
-	}
+	      only_md5 = 0;
+	  }
 	else if( n->pkt->pkttype == PKT_GPG_CONTROL
                 && n->pkt->pkt.gpg_control->control
-                    == CTRLPKT_CLEARSIGN_START ) {
+		 == CTRLPKT_CLEARSIGN_START )
+	  {
+	    /* For the clearsigned message case */
            size_t datalen = n->pkt->pkt.gpg_control->datalen;
            const byte *data = n->pkt->pkt.gpg_control->data;

            /* check that we have at least the sigclass and one hash */
            if ( datalen < 2 )
-                log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n"); 
+	      log_fatal("invalid control packet CTRLPKT_CLEARSIGN_START\n"); 
            /* Note that we don't set the clearsig flag for not-dash-escaped
             * documents */
            clearsig = (*data == 0x01);
            for( data++, datalen--; datalen; datalen--, data++ )
-                md_enable( c->mfx.md, *data );
+	      md_enable( c->mfx.md, *data );
            any = 1;
-            break;  /* no pass signature pakets are expected */
-        }
-    }
+            break;  /* no pass signature packets are expected */
+	  }
+	else if(n->pkt->pkttype==PKT_SIGNATURE)
+	  {
+	    /* For the SIG+LITERAL case that PGP used to use. */
+	    md_enable( c->mfx.md, n->pkt->pkt.signature->digest_algo );
+	    any=1;
+	  }
+      }

-    if( !any && !opt.skip_verify ) {
-	/* no onepass sig packet: enable all standard algos */
+    if( !any && !opt.skip_verify )
+      {
+	/* This is for the old GPG LITERAL+SIG case.  It's not legal
+	   according to 2440, so hopefully it won't come up that
+	   often.  There is no good way to specify what algorithms to
+	   use in that case, so these three are the historical
+	   answer. */
 	md_enable( c->mfx.md, DIGEST_ALGO_RMD160 );
 	md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
 	md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
-    }
+      }
    if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) {
 	/* This is a kludge to work around a bug in pgp2.  It does only
 	 * catch those mails which are armored.  To catch the non-armored