security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-05-24 16:43:28 +02:00
Code Activity

Fix for bug 797.

Browse Source
This commit is contained in:
Werner Koch 2007-05-16 11:10:07 +00:00
parent ad3ab7a059
commit dae4b2a83a
2 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
g10/ChangeLog
View File

@ -1,3 +1,8 @@
2007-05-16 Werner Koch <wk@g10code.com>
* sig-check.c (check_backsig): Check the digest algorithm before
using it. Fixed bug 797.
2007-05-09 Werner Koch <wk@g10code.com> 2007-05-09 Werner Koch <wk@g10code.com>
* openfile.c (overwrite_filep, open_outfile) [W32]: Need to use * openfile.c (overwrite_filep, open_outfile) [W32]: Need to use

27
g10/sig-check.c
View File

@ -438,22 +438,25 @@ check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
gcry_md_hd_t md; gcry_md_hd_t md;
int rc; int rc;
/* Always check whether the algorithm is available. Although
gcry_md_open woyuld throw an error, some libgcrypt versions will
print a debug message in that case too. */
if ((rc=openpgp_md_test_algo (backsig->digest_algo)))
return rc;
if(!opt.no_sig_cache && backsig->flags.checked) if(!opt.no_sig_cache && backsig->flags.checked)
return backsig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
rc = gcry_md_open (&md, backsig->digest_algo,0);
if (!rc)
{ {
if((rc=openpgp_md_test_algo (backsig->digest_algo))) hash_public_key(md,main_pk);
return rc; hash_public_key(md,sub_pk);
rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
return backsig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE); cache_sig_result(backsig,rc);
gcry_md_close(md);
} }
if (gcry_md_open (&md, backsig->digest_algo,0))
BUG ();
hash_public_key(md,main_pk);
hash_public_key(md,sub_pk);
rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
cache_sig_result(backsig,rc);
gcry_md_close(md);
return rc; return rc;
} }