1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-09 12:54:23 +01:00

gpg: Print warning when rejecting weak digests

* g10/misc.c (print_md5_rejected_note): Rename to ..
(print_digest_rejected_note): this.  Parameterize function to take an
enum gcry_md_algos.
* g10/sig-check.c: Use print_digest_rejected_note() when rejecting
signatures.

--

76afaed65e3b0ddfa4923cb577ada43217dd4b18 allowed extra --weak-digests,
but removed the one call to print_md5_rejected_note().  This replaces
and generalizes that warning.

Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This commit is contained in:
Daniel Kahn Gillmor 2015-10-19 10:41:23 -04:00 committed by Werner Koch
parent 76afaed65e
commit b98939812a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 11 additions and 5 deletions

View File

@ -87,7 +87,7 @@ extern int g10_errors_seen;
void print_pubkey_algo_note (pubkey_algo_t algo); void print_pubkey_algo_note (pubkey_algo_t algo);
void print_cipher_algo_note (cipher_algo_t algo); void print_cipher_algo_note (cipher_algo_t algo);
void print_digest_algo_note (digest_algo_t algo); void print_digest_algo_note (digest_algo_t algo);
void print_md5_rejected_note (void); void print_digest_rejected_note (enum gcry_md_algos algo);
void additional_weak_digest (const char* digestname); void additional_weak_digest (const char* digestname);
/*-- armor.c --*/ /*-- armor.c --*/

View File

@ -339,7 +339,7 @@ print_digest_algo_note (digest_algo_t algo)
void void
print_md5_rejected_note (void) print_digest_rejected_note (enum gcry_md_algos algo)
{ {
static int shown; static int shown;
@ -348,7 +348,7 @@ print_md5_rejected_note (void)
es_fflush (es_stdout); es_fflush (es_stdout);
log_info log_info
(_("Note: signatures using the %s algorithm are rejected\n"), (_("Note: signatures using the %s algorithm are rejected\n"),
"MD5"); gcry_md_algo_name(algo));
shown = 1; shown = 1;
} }
} }

View File

@ -282,11 +282,17 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
if (!opt.flags.allow_weak_digest_algos) if (!opt.flags.allow_weak_digest_algos)
{ {
if (sig->digest_algo == GCRY_MD_MD5) if (sig->digest_algo == GCRY_MD_MD5)
{
print_digest_rejected_note(sig->digest_algo);
return GPG_ERR_DIGEST_ALGO; return GPG_ERR_DIGEST_ALGO;
}
for (weak = opt.additional_weak_digests; weak; weak = weak->next) for (weak = opt.additional_weak_digests; weak; weak = weak->next)
if (sig->digest_algo == weak->algo) if (sig->digest_algo == weak->algo)
{
print_digest_rejected_note(sig->digest_algo);
return GPG_ERR_DIGEST_ALGO; return GPG_ERR_DIGEST_ALGO;
} }
}
/* Make sure the digest algo is enabled (in case of a detached /* Make sure the digest algo is enabled (in case of a detached
signature). */ signature). */