mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-09 12:54:23 +01:00
gpg: Print warning when rejecting weak digests
* g10/misc.c (print_md5_rejected_note): Rename to .. (print_digest_rejected_note): this. Parameterize function to take an enum gcry_md_algos. * g10/sig-check.c: Use print_digest_rejected_note() when rejecting signatures. -- 76afaed65e3b0ddfa4923cb577ada43217dd4b18 allowed extra --weak-digests, but removed the one call to print_md5_rejected_note(). This replaces and generalizes that warning. Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
parent
76afaed65e
commit
b98939812a
@ -87,7 +87,7 @@ extern int g10_errors_seen;
|
|||||||
void print_pubkey_algo_note (pubkey_algo_t algo);
|
void print_pubkey_algo_note (pubkey_algo_t algo);
|
||||||
void print_cipher_algo_note (cipher_algo_t algo);
|
void print_cipher_algo_note (cipher_algo_t algo);
|
||||||
void print_digest_algo_note (digest_algo_t algo);
|
void print_digest_algo_note (digest_algo_t algo);
|
||||||
void print_md5_rejected_note (void);
|
void print_digest_rejected_note (enum gcry_md_algos algo);
|
||||||
void additional_weak_digest (const char* digestname);
|
void additional_weak_digest (const char* digestname);
|
||||||
|
|
||||||
/*-- armor.c --*/
|
/*-- armor.c --*/
|
||||||
|
@ -339,7 +339,7 @@ print_digest_algo_note (digest_algo_t algo)
|
|||||||
|
|
||||||
|
|
||||||
void
|
void
|
||||||
print_md5_rejected_note (void)
|
print_digest_rejected_note (enum gcry_md_algos algo)
|
||||||
{
|
{
|
||||||
static int shown;
|
static int shown;
|
||||||
|
|
||||||
@ -348,7 +348,7 @@ print_md5_rejected_note (void)
|
|||||||
es_fflush (es_stdout);
|
es_fflush (es_stdout);
|
||||||
log_info
|
log_info
|
||||||
(_("Note: signatures using the %s algorithm are rejected\n"),
|
(_("Note: signatures using the %s algorithm are rejected\n"),
|
||||||
"MD5");
|
gcry_md_algo_name(algo));
|
||||||
shown = 1;
|
shown = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -282,11 +282,17 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
|
|||||||
if (!opt.flags.allow_weak_digest_algos)
|
if (!opt.flags.allow_weak_digest_algos)
|
||||||
{
|
{
|
||||||
if (sig->digest_algo == GCRY_MD_MD5)
|
if (sig->digest_algo == GCRY_MD_MD5)
|
||||||
|
{
|
||||||
|
print_digest_rejected_note(sig->digest_algo);
|
||||||
return GPG_ERR_DIGEST_ALGO;
|
return GPG_ERR_DIGEST_ALGO;
|
||||||
|
}
|
||||||
for (weak = opt.additional_weak_digests; weak; weak = weak->next)
|
for (weak = opt.additional_weak_digests; weak; weak = weak->next)
|
||||||
if (sig->digest_algo == weak->algo)
|
if (sig->digest_algo == weak->algo)
|
||||||
|
{
|
||||||
|
print_digest_rejected_note(sig->digest_algo);
|
||||||
return GPG_ERR_DIGEST_ALGO;
|
return GPG_ERR_DIGEST_ALGO;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* Make sure the digest algo is enabled (in case of a detached
|
/* Make sure the digest algo is enabled (in case of a detached
|
||||||
signature). */
|
signature). */
|
||||||
|
Loading…
x
Reference in New Issue
Block a user