diff --git a/g10/ChangeLog b/g10/ChangeLog index 804a7b1e7..051e7f4b6 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,11 @@ 2002-05-07 David Shaw + * options.h, g10.c (main), getkey.c (finish_lookup), pkclist.c + (algo_available): --pgp7, identical to --pgp6 except that it + permits a few algorithms that PGP 7 added: AES128, AES192, AES256, + and TWOFISH. Any more of these --pgpX flags, and it'll be time to + start looking at a generic --emulate-pgp X option. + * export.c (do_export_stream): Warn the user when exporting a secret key if it or any of its secret subkeys are protected with SHA1 while simple_sk_checksum is set. diff --git a/g10/g10.c b/g10/g10.c index 72376cdb2..f70348986 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -164,6 +164,8 @@ enum cmd_and_opt_values { aNull = 0, oNoPGP2, oPGP6, oNoPGP6, + oPGP7, + oNoPGP7, oCipherAlgo, oDigestAlgo, oCompressAlgo, @@ -420,6 +422,8 @@ static ARGPARSE_OPTS opts[] = { { oNoPGP2, "no-pgp2", 0, "@"}, { oPGP6, "pgp6", 0, "@"}, { oNoPGP6, "no-pgp6", 0, "@"}, + { oPGP7, "pgp7", 0, "@"}, + { oNoPGP7, "no-pgp7", 0, "@"}, { oS2KMode, "s2k-mode", 1, N_("|N|use passphrase mode N")}, { oS2KDigest, "s2k-digest-algo",2, N_("|NAME|use message digest algorithm NAME for passphrases")}, @@ -1117,6 +1121,8 @@ main( int argc, char **argv ) case oNoPGP2: opt.pgp2 = 0; break; case oPGP6: opt.pgp6 = 1; break; case oNoPGP6: opt.pgp6 = 0; break; + case oPGP7: opt.pgp7 = 1; break; + case oNoPGP7: opt.pgp7 = 0; break; case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break; case oEmu3DESS2KBug: opt.emulate_bugs |= EMUBUG_3DESS2K; break; case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break; @@ -1392,8 +1398,9 @@ main( int argc, char **argv ) g10_opt_homedir = opt.homedir; /* Do these after the switch(), so they can override settings. */ - if(opt.pgp2 && opt.pgp6) - log_error(_("%s not allowed with %s!\n"),"--pgp2","--pgp6"); + if(opt.pgp2 && (opt.pgp6 || opt.pgp7)) + log_error(_("%s not allowed with %s!\n"), + "--pgp2",opt.pgp6?"--pgp6":"--pgp7"); else { if(opt.pgp2) @@ -1463,7 +1470,7 @@ main( int argc, char **argv ) } } - if(opt.pgp6) + if(opt.pgp6 || opt.pgp7) { opt.force_mdc=0; opt.disable_mdc=1; diff --git a/g10/getkey.c b/g10/getkey.c index a578d51cb..fd8eb5b89 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1834,10 +1834,10 @@ finish_lookup (GETKEY_CTX ctx) #define USAGE_MASK (PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC) unsigned int req_usage = ( ctx->req_usage & USAGE_MASK ); /* Request the primary if we're certifying another key, and also - if signing data while --pgp6 is on (since pgp 6 (and 7) do not - understand signatures made by a signing subkey. */ + if signing data while --pgp6 or --pgp7 is on since pgp 6 and 7 + do not understand signatures made by a signing subkey. */ int req_prim = (ctx->req_usage & PUBKEY_USAGE_CERT) || - (opt.pgp6 && (ctx->req_usage & PUBKEY_USAGE_SIG)); + ((opt.pgp6 || opt.pgp7) && (ctx->req_usage & PUBKEY_USAGE_SIG)); u32 latest_date; KBNODE latest_key; u32 curtime = make_timestamp (); diff --git a/g10/options.h b/g10/options.h index 9093690c2..a5faffa1e 100644 --- a/g10/options.h +++ b/g10/options.h @@ -88,6 +88,8 @@ struct { int always_trust; int pgp2; int pgp6; + int pgp7; /* if we get any more of these, it's time to look at a + special emulate_pgp variable... */ int rfc1991; int rfc2440; int pgp2_workarounds; diff --git a/g10/pkclist.c b/g10/pkclist.c index 393087a5c..26be90f74 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -955,18 +955,19 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use ) /* In pgp6 mode, disallow all ciphers except IDEA (1), 3DES (2), and CAST5 (3), all hashes except MD5 (1), SHA1 (2), and RIPEMD160 (3), - and all compressions except none (0) and ZIP (1). For a true PGP6 - key all of this is unneeded as they are the only items present in - the preferences subpacket, but checking here covers the weird case - of encrypting to a key that had preferences from a different - implementation which was then used with PGP6. I am not completely - comfortable with this as the right thing to do, as it slightly - alters the list of what the user is supposedly requesting. It is - not against the RFC however, as the preference chosen will never be - one that the user didn't specify somewhere ("The implementation may - use any mechanism to pick an algorithm in the intersection"), and - PGP6 has no mechanism to fix such a broken preference list, so I'm - including it. -dms */ + and all compressions except none (0) and ZIP (1). pgp7 mode + expands the cipher list to include AES128 (7), AES192 (8), AES256 + (9), and TWOFISH (10). For a true PGP key all of this is unneeded + as they are the only items present in the preferences subpacket, + but checking here covers the weird case of encrypting to a key that + had preferences from a different implementation which was then used + with PGP. I am not completely comfortable with this as the right + thing to do, as it slightly alters the list of what the user is + supposedly requesting. It is not against the RFC however, as the + preference chosen will never be one that the user didn't specify + somewhere ("The implementation may use any mechanism to pick an + algorithm in the intersection"), and PGP has no mechanism to fix + such a broken preference list, so I'm including it. -dms */ static int algo_available( int preftype, int algo ) @@ -975,16 +976,20 @@ algo_available( int preftype, int algo ) if( opt.pgp6 && ( algo != 1 && algo != 2 && algo != 3) ) return 0; + if( opt.pgp7 && (algo != 1 && algo != 2 && algo != 3 && + algo != 7 && algo != 8 && algo != 9 && algo != 10) ) + return 0; + return algo && !check_cipher_algo( algo ); } else if( preftype == PREFTYPE_HASH ) { - if( opt.pgp6 && ( algo != 1 && algo != 2 && algo != 3) ) + if( (opt.pgp6 || opt.pgp7 ) && ( algo != 1 && algo != 2 && algo != 3) ) return 0; return algo && !check_digest_algo( algo ); } else if( preftype == PREFTYPE_ZIP ) { - if ( opt.pgp6 && ( algo !=0 && algo != 1) ) + if ( ( opt.pgp6 || opt.pgp7 ) && ( algo !=0 && algo != 1) ) return 0; return !algo || algo == 1 || algo == 2;