mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-25 15:27:03 +01:00
gpg: Avoid using cached MD5 signature status.
* g10/sig-check.c (check_key_signature2): Avoid using a cached MD5 signature status. * g10/keyring.c (keyring_get_keyblock): Ditto. (write_keyblock): Ditto. * g10/sig-check.c (do_check): Move reject warning to ... * g10/misc.c (print_md5_rejected_note): new. -- Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
f952fe8c6d
commit
9112fed78b
@ -434,11 +434,18 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
|
||||
&& (pkt->pkt.ring_trust->sigcache & 1) ) {
|
||||
/* This is a ring trust packet with a checked signature
|
||||
* status cache following directly a signature paket.
|
||||
* Set the cache status into that signature packet. */
|
||||
* Set the cache status into that signature packet.
|
||||
*
|
||||
* We do not use cached signatures made with MD5 to
|
||||
* avoid using a cached status created with an older
|
||||
* version of gpg. */
|
||||
PKT_signature *sig = lastnode->pkt->pkt.signature;
|
||||
|
||||
sig->flags.checked = 1;
|
||||
sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
|
||||
if (sig->digest_algo != DIGEST_ALGO_MD5)
|
||||
{
|
||||
sig->flags.checked = 1;
|
||||
sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
|
||||
}
|
||||
}
|
||||
/* Reset LASTNODE, so that we set the cache status only from
|
||||
* the ring trust packet immediately following a signature. */
|
||||
@ -490,8 +497,11 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
|
||||
&& lastnode->pkt->pkttype == PKT_SIGNATURE
|
||||
&& (pkt->pkt.ring_trust->sigcache & 1) ) {
|
||||
PKT_signature *sig = lastnode->pkt->pkt.signature;
|
||||
sig->flags.checked = 1;
|
||||
sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
|
||||
if (sig->digest_algo != DIGEST_ALGO_MD5)
|
||||
{
|
||||
sig->flags.checked = 1;
|
||||
sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
|
||||
}
|
||||
}
|
||||
*ret_kb = keyblock;
|
||||
}
|
||||
@ -1354,7 +1364,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock)
|
||||
PKT_signature *sig = node->pkt->pkt.signature;
|
||||
unsigned int cacheval = 0;
|
||||
|
||||
if (sig->flags.checked)
|
||||
if (sig->flags.checked && sig->digest_algo != DIGEST_ALGO_MD5)
|
||||
{
|
||||
cacheval |= 1;
|
||||
if (sig->flags.valid)
|
||||
|
@ -63,9 +63,6 @@ extern int g10_errors_seen;
|
||||
#else
|
||||
void g10_exit(int rc);
|
||||
#endif
|
||||
void print_pubkey_algo_note( int algo );
|
||||
void print_cipher_algo_note( int algo );
|
||||
void print_digest_algo_note( int algo );
|
||||
|
||||
/*-- armor.c --*/
|
||||
char *make_radix64_string( const byte *data, size_t len );
|
||||
@ -82,6 +79,10 @@ u16 checksum( byte *p, unsigned n );
|
||||
u16 checksum_mpi( gcry_mpi_t a );
|
||||
u32 buffer_to_u32( const byte *buffer );
|
||||
const byte *get_session_marker( size_t *rlen );
|
||||
void print_pubkey_algo_note( int algo );
|
||||
void print_cipher_algo_note( int algo );
|
||||
void print_digest_algo_note( int algo );
|
||||
void print_md5_rejected_note (void);
|
||||
int map_cipher_openpgp_to_gcry (int algo);
|
||||
#define openpgp_cipher_open(_a,_b,_c,_d) gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d))
|
||||
#define openpgp_cipher_get_algo_keylen(_a) gcry_cipher_get_algo_keylen(map_cipher_openpgp_to_gcry((_a)))
|
||||
|
16
g10/misc.c
16
g10/misc.c
@ -340,6 +340,22 @@ print_digest_algo_note( int algo )
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
print_md5_rejected_note (void)
|
||||
{
|
||||
static int shown;
|
||||
|
||||
if (!shown)
|
||||
{
|
||||
fflush (stdout);
|
||||
log_info
|
||||
(_("Note: signatures using the %s algorithm are rejected\n"),
|
||||
"MD5");
|
||||
shown = 1;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
|
||||
this for algorithms we implemented in Libgcrypt after they become
|
||||
part of OpenPGP. */
|
||||
|
@ -272,16 +272,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
|
||||
if (sig->digest_algo == GCRY_MD_MD5
|
||||
&& !opt.flags.allow_weak_digest_algos)
|
||||
{
|
||||
static int shown;
|
||||
|
||||
if (!shown)
|
||||
{
|
||||
log_info
|
||||
(_("Note: signatures using the %s algorithm are rejected\n"),
|
||||
"MD5");
|
||||
shown = 1;
|
||||
}
|
||||
|
||||
print_md5_rejected_note ();
|
||||
return GPG_ERR_DIGEST_ALGO;
|
||||
}
|
||||
|
||||
@ -549,9 +540,11 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
|
||||
/* Check whether we have cached the result of a previous signature
|
||||
check. Note that we may no longer have the pubkey or hash
|
||||
needed to verify a sig, but can still use the cached value. A
|
||||
cache refresh detects and clears these cases. */
|
||||
cache refresh detects and clears these cases.
|
||||
For safety reasons we ignore cache entries from MD5 signatures. */
|
||||
if ( !opt.no_sig_cache ) {
|
||||
if (sig->flags.checked) { /*cached status available*/
|
||||
if (sig->flags.checked && sig->digest_algo != DIGEST_ALGO_MD5) {
|
||||
/*cached status available*/
|
||||
if( is_selfsig ) {
|
||||
u32 keyid[2];
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user