security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpg: Reject signatures made with MD5. 

* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
This commit is contained in:
Werner Koch 2014-03-17 17:54:36 +01:00
parent 1e2e39c575
commit f90cfe6b66
5 changed files with 36 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
doc/gpg.texi
View File

@ -2276,9 +2276,10 @@ a message that PGP 2.x will not be able to handle. Note that `PGP
available, but the MIT release is a good common baseline.
This option implies @option{--rfc1991 --disable-mdc
--no-force-v4-certs --escape-from-lines --force-v3-sigs --cipher-algo
IDEA --digest-algo MD5 --compress-algo ZIP}. It also disables
@option{--textmode} when encrypting.
--no-force-v4-certs --escape-from-lines --force-v3-sigs
--allow-weak-digest-algos --cipher-algo IDEA --digest-algo
MD5--compress-algo ZIP}. It also disables @option{--textmode} when
encrypting.
@item --pgp6
@opindex pgp6
@ -2734,6 +2735,13 @@ necessary to get as much data as possible out of the corrupt message.
However, be aware that a MDC protection failure may also mean that the
message was tampered with intentionally by an attacker.
@item --allow-weak-digest-algos
@opindex allow-weak-digest-algos
Signatures made with the broken MD5 algorithm are normally rejected
with an ``invalid digest algorithm'' message. This option allows the
verification of signatures made with such weak algorithms.
@item --no-default-keyring
@opindex no-default-keyring
Do not add the default keyrings to the list of keyrings. Note that

7
g10/gpg.c
View File

@ -374,6 +374,7 @@ enum cmd_and_opt_values
oDisableDSA2,
oAllowMultipleMessages,
oNoAllowMultipleMessages,
oAllowWeakDigestAlgos,
oFakedSystemTime,
oNoop
@ -768,6 +769,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"),
ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
/* These two are aliases to help users of the PGP command line
product use gpg with minimal pain. Many commands are common
@ -3066,6 +3068,10 @@ main (int argc, char **argv)
opt.flags.allow_multiple_messages=0;
break;
case oAllowWeakDigestAlgos:
opt.flags.allow_weak_digest_algos = 1;
break;
case oFakedSystemTime:
{
time_t faked_time = isotime2epoch (pargs.r.ret_str);
@ -3280,6 +3286,7 @@ main (int argc, char **argv)
opt.pgp2_workarounds = 1;
opt.ask_sig_expire = 0;
opt.ask_cert_expire = 0;
opt.flags.allow_weak_digest_algos = 1;
xfree(def_digest_string);
def_digest_string = xstrdup("md5");
xfree(s2k_digest_string);

1
g10/options.h
View File

@ -228,6 +228,7 @@ struct
unsigned int utf8_filename:1;
unsigned int dsa2:1;
unsigned int allow_multiple_messages:1;
unsigned int allow_weak_digest_algos:1;
} flags;
/* Linked list of ways to find a key if the key isn't on the local

16
g10/sig-check.c
View File

@ -266,6 +266,22 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
return rc;
if (sig->digest_algo == GCRY_MD_MD5
&& !opt.flags.allow_weak_digest_algos)
{
static int shown;
if (!shown)
{
log_info
(_("Note: signatures using the %s algorithm are rejected\n"),
"MD5");
shown = 1;
}
return GPG_ERR_DIGEST_ALGO;
}
/* Make sure the digest algo is enabled (in case of a detached
signature). */
gcry_md_enable (digest, sig->digest_algo);

1
tests/openpgp/defs.inc
View File

@ -245,6 +245,7 @@ for f in gpg.conf gpg-agent.conf ; do
gpg.conf)
[ -n "${opt_always}" ] && echo "no-auto-check-trustdb" >>"$f"
echo "agent-program $GPG_AGENT" >>"$f"
echo "allow-weak-digest-algos" >>"$f"
;;
gpg-agent.conf)