diff --git a/g10/ChangeLog b/g10/ChangeLog index d6fb5b699..4f0ca21ed 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,16 @@ +2002-01-24 David Shaw + + * pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences + against keys with v4 self sigs - there is really little point in + warning for every single non-IDEA message encrypted to an old key. + + * pkclist.c (select_algo_from_prefs): Only put in the fake IDEA + preference if --pgp2 is on. + + * mainproc.c (check_sig_and_print): Print "Expired" for expired + but good signatures (this still prints "BAD" for expired but bad + signatures). + 2002-01-23 David Shaw * keygen.c (ask_keysize): Cosmetic: don't present a RSA signing diff --git a/g10/mainproc.c b/g10/mainproc.c index 0f4342730..08a205b18 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1286,7 +1286,8 @@ check_sig_and_print( CTX c, KBNODE node ) -1 ); log_info(rc? _("BAD signature from \"") - : _("Good signature from \"")); + : sig->flags.expired ? _("Expired signature from \"") + : _("Good signature from \"")); print_utf8_string( log_stream(), un->pkt->pkt.user_id->name, un->pkt->pkt.user_id->len ); fputs("\"\n", log_stream() ); @@ -1307,7 +1308,8 @@ check_sig_and_print( CTX c, KBNODE node ) un? un->pkt->pkt.user_id->len:3, -1 ); - log_info(rc? _("BAD signature from \"") + log_info(rc? _("BAD signature from \"") + : sig->flags.expired ? _("Expired signature from \"") : _("Good signature from \"")); if (!opt.always_trust && un) { fputs(_("[uncertain]"), log_stream() ); diff --git a/g10/pkclist.c b/g10/pkclist.c index 4c1ac50a2..9847e0f8f 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -967,11 +967,14 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype ) memset( mask, 0, 8 * sizeof *mask ); if( preftype == PREFTYPE_SYM ) { - if( pkr->pk->version < 4 && pkr->pk->selfsigversion < 4 ) + if( pkr->pk->version < 4 && + pkr->pk->selfsigversion < 4 && + opt.pgp2 ) mask[0] |= (1<<1); /* IDEA is implicitly there for v3 keys - with v3 selfsigs (rfc2440:12.1). - This doesn't mean it's actually - available, of course. */ + with v3 selfsigs (rfc2440:12.1) if + --pgp2 mode is on. This doesn't + mean it's actually available, of + course. */ else mask[0] |= (1<<2); /* 3DES is implicitly there for everyone else */ } diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index d08cd7c12..05ba85f85 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -46,14 +46,6 @@ is_algo_in_prefs ( KBNODE keyblock, preftype_t type, int algo ) KBNODE k; for (k=keyblock; k; k=k->next) { - /* Fake IDEA preference for v3 keys with v3 selfsigs */ - if (k->pkt->pkttype == PKT_PUBLIC_KEY && - k->pkt->pkt.public_key->version < 4 && - k->pkt->pkt.public_key->selfsigversion < 4 && - type==PREFTYPE_SYM && - algo==CIPHER_ALGO_IDEA) - return 1; - if (k->pkt->pkttype == PKT_USER_ID) { PKT_user_id *uid = k->pkt->pkt.user_id; prefitem_t *prefs = uid->prefs; @@ -216,7 +208,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid ) rc = -1; log_error("oops: public key not found for preference check\n"); } - else if( dek->algo != CIPHER_ALGO_3DES + else if( pkb->pkt->pkt.public_key->selfsigversion > 3 + && dek->algo != CIPHER_ALGO_3DES && !is_algo_in_prefs( pkb, PREFTYPE_SYM, dek->algo ) ) { /* Don't print a note while we are not on verbose mode, * the cipher is blowfish and the preferences have twofish