Support the not anymore patented IDEA cipher algorithm.

* cipher/idea.c: New. Take from Libgcrypt master and adjust for direct use in GnuPG. * cipher/idea-stub.c: Remove. * cipher/Makefile.am: Add idea.c and remove idea-stub.c rules. * configure.ac: Remove idea-stub code. * g10/gpg.c (check_permissions): Remove code path for ITEM==2. (main): Make --load-extension a dummy option. * g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2 compatibility mode. * g10/misc.c (idea_cipher_warn): Remove. Also remove all callers. * g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA. * g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA. * g10/status.h (STATUS_RSA_OR_IDEA): Remove. -- To keep the number of actually used algorithms low, we support IDEA only in a basically read-only way (unless --pgp2 is used during key generation). It does not make sense to suggest the use of this old 64 bit blocksize algorithm. However, there is old data available where it might be helpful to have IDEA available.
2025-07-03 22:56:33 +02:00 · 2012-11-08 13:25:02 +01:00 · 2012-11-08 13:25:02 +01:00 · b1eac93431
commit b1eac93431
parent c3a5448379
18 changed files with 575 additions and 452 deletions
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -332,14 +332,15 @@ keygen_set_std_prefs (const char *string,int personal)
 	    if(!check_cipher_algo(CIPHER_ALGO_CAST5))
 	      strcat(dummy_string,"S3 ");
 	    strcat(dummy_string,"S2 "); /* 3DES */
-	    /* If we have it, IDEA goes *after* 3DES so it won't be
+	    /* If we have it and we are in PGP2 mode,
+               IDEA goes *after* 3DES so it won't be
 	       used unless we're encrypting along with a V3 key.
 	       Ideally, we would only put the S1 preference in if the
 	       key was RSA and <=2048 bits, as that is what won't
 	       break PGP2, but that is difficult with the current
 	       code, and not really worth checking as a non-RSA <=2048
 	       bit key wouldn't be usable by PGP2 anyway. -dms */
-	    if(!check_cipher_algo(CIPHER_ALGO_IDEA))
+	    if(PGP2 && !check_cipher_algo(CIPHER_ALGO_IDEA))
 	      strcat(dummy_string,"S1 ");


@ -415,12 +416,6 @@ keygen_set_std_prefs (const char *string,int personal)
 	    else
 	      {
 		log_info (_("invalid item `%s' in preference string\n"),tok);
-
-		/* Complain if IDEA is not available. */
-		if(ascii_strcasecmp(tok,"s1")==0
-		   || ascii_strcasecmp(tok,"idea")==0)
-		  idea_cipher_warn(1);
-
 		rc=-1;
 	      }
 	  }