mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-25 15:27:03 +01:00
Only check preferences against keys with v4 self sigs as v3 sigs have no
prefs Only put in the fake IDEA preference with --pgp2 mode Print "Expired" for expired but good signatures.
This commit is contained in:
parent
1cad77d9b4
commit
a6f19f40d9
@ -1,3 +1,16 @@
|
||||
2002-01-24 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences
|
||||
against keys with v4 self sigs - there is really little point in
|
||||
warning for every single non-IDEA message encrypted to an old key.
|
||||
|
||||
* pkclist.c (select_algo_from_prefs): Only put in the fake IDEA
|
||||
preference if --pgp2 is on.
|
||||
|
||||
* mainproc.c (check_sig_and_print): Print "Expired" for expired
|
||||
but good signatures (this still prints "BAD" for expired but bad
|
||||
signatures).
|
||||
|
||||
2002-01-23 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* keygen.c (ask_keysize): Cosmetic: don't present a RSA signing
|
||||
|
@ -1286,7 +1286,8 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||
-1 );
|
||||
|
||||
log_info(rc? _("BAD signature from \"")
|
||||
: _("Good signature from \""));
|
||||
: sig->flags.expired ? _("Expired signature from \"")
|
||||
: _("Good signature from \""));
|
||||
print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
|
||||
un->pkt->pkt.user_id->len );
|
||||
fputs("\"\n", log_stream() );
|
||||
@ -1307,7 +1308,8 @@ check_sig_and_print( CTX c, KBNODE node )
|
||||
un? un->pkt->pkt.user_id->len:3,
|
||||
-1 );
|
||||
|
||||
log_info(rc? _("BAD signature from \"")
|
||||
log_info(rc? _("BAD signature from \"")
|
||||
: sig->flags.expired ? _("Expired signature from \"")
|
||||
: _("Good signature from \""));
|
||||
if (!opt.always_trust && un) {
|
||||
fputs(_("[uncertain]"), log_stream() );
|
||||
|
@ -967,11 +967,14 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
|
||||
|
||||
memset( mask, 0, 8 * sizeof *mask );
|
||||
if( preftype == PREFTYPE_SYM ) {
|
||||
if( pkr->pk->version < 4 && pkr->pk->selfsigversion < 4 )
|
||||
if( pkr->pk->version < 4 &&
|
||||
pkr->pk->selfsigversion < 4 &&
|
||||
opt.pgp2 )
|
||||
mask[0] |= (1<<1); /* IDEA is implicitly there for v3 keys
|
||||
with v3 selfsigs (rfc2440:12.1).
|
||||
This doesn't mean it's actually
|
||||
available, of course. */
|
||||
with v3 selfsigs (rfc2440:12.1) if
|
||||
--pgp2 mode is on. This doesn't
|
||||
mean it's actually available, of
|
||||
course. */
|
||||
else
|
||||
mask[0] |= (1<<2); /* 3DES is implicitly there for everyone else */
|
||||
}
|
||||
|
@ -46,14 +46,6 @@ is_algo_in_prefs ( KBNODE keyblock, preftype_t type, int algo )
|
||||
KBNODE k;
|
||||
|
||||
for (k=keyblock; k; k=k->next) {
|
||||
/* Fake IDEA preference for v3 keys with v3 selfsigs */
|
||||
if (k->pkt->pkttype == PKT_PUBLIC_KEY &&
|
||||
k->pkt->pkt.public_key->version < 4 &&
|
||||
k->pkt->pkt.public_key->selfsigversion < 4 &&
|
||||
type==PREFTYPE_SYM &&
|
||||
algo==CIPHER_ALGO_IDEA)
|
||||
return 1;
|
||||
|
||||
if (k->pkt->pkttype == PKT_USER_ID) {
|
||||
PKT_user_id *uid = k->pkt->pkt.user_id;
|
||||
prefitem_t *prefs = uid->prefs;
|
||||
@ -216,7 +208,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
|
||||
rc = -1;
|
||||
log_error("oops: public key not found for preference check\n");
|
||||
}
|
||||
else if( dek->algo != CIPHER_ALGO_3DES
|
||||
else if( pkb->pkt->pkt.public_key->selfsigversion > 3
|
||||
&& dek->algo != CIPHER_ALGO_3DES
|
||||
&& !is_algo_in_prefs( pkb, PREFTYPE_SYM, dek->algo ) ) {
|
||||
/* Don't print a note while we are not on verbose mode,
|
||||
* the cipher is blowfish and the preferences have twofish
|
||||
|
Loading…
x
Reference in New Issue
Block a user