security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: Print warning when rejecting weak digests

Browse source 
* g10/misc.c (print_md5_rejected_note): Rename to ..
(print_digest_rejected_note): this.  Parameterize function to take an
enum gcry_md_algos.
* g10/sig-check.c: Use print_digest_rejected_note() when rejecting
signatures.

--

76afaed65e allowed extra --weak-digests,
but removed the one call to print_md5_rejected_note().  This replaces
and generalizes that warning.

Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2015-10-19 10:41:23 -04:00 committed by Werner Koch
parent 76afaed65e
commit b98939812a
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
3 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
g10/sig-check.c
View file

@ -282,10 +282,16 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
if (!opt.flags.allow_weak_digest_algos)
{
if (sig->digest_algo == GCRY_MD_MD5)
return GPG_ERR_DIGEST_ALGO;
{
print_digest_rejected_note(sig->digest_algo);
return GPG_ERR_DIGEST_ALGO;
}
for (weak = opt.additional_weak_digests; weak; weak = weak->next)
if (sig->digest_algo == weak->algo)
return GPG_ERR_DIGEST_ALGO;
{
print_digest_rejected_note(sig->digest_algo);
return GPG_ERR_DIGEST_ALGO;
}
}
/* Make sure the digest algo is enabled (in case of a detached