gpg: Reject signatures made with MD5.

* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
Werner Koch 2014-03-17 17:54:36 +01:00
parent 1e2e39c575
commit f90cfe6b66
5 changed files with 36 additions and 3 deletions


@ -2276,9 +2276,10 @@ a message that PGP 2.x will not be able to handle. Note that `PGP
available, but the MIT release is a good common baseline. available, but the MIT release is a good common baseline.
This option implies @option{--rfc1991 --disable-mdc This option implies @option{--rfc1991 --disable-mdc
--no-force-v4-certs --escape-from-lines --force-v3-sigs --cipher-algo --no-force-v4-certs --escape-from-lines --force-v3-sigs
IDEA --digest-algo MD5 --compress-algo ZIP}. It also disables --allow-weak-digest-algos --cipher-algo IDEA --digest-algo
@option{--textmode} when encrypting. MD5--compress-algo ZIP}. It also disables @option{--textmode} when
encrypting.
@item --pgp6 @item --pgp6
@opindex pgp6 @opindex pgp6
@ -2734,6 +2735,13 @@ necessary to get as much data as possible out of the corrupt message.
However, be aware that a MDC protection failure may also mean that the However, be aware that a MDC protection failure may also mean that the
message was tampered with intentionally by an attacker. message was tampered with intentionally by an attacker.
@item --allow-weak-digest-algos
@opindex allow-weak-digest-algos
Signatures made with the broken MD5 algorithm are normally rejected
with an ``invalid digest algorithm'' message. This option allows the
verification of signatures made with such weak algorithms.
@item --no-default-keyring @item --no-default-keyring
@opindex no-default-keyring @opindex no-default-keyring
Do not add the default keyrings to the list of keyrings. Note that Do not add the default keyrings to the list of keyrings. Note that


@ -374,6 +374,7 @@ enum cmd_and_opt_values
oDisableDSA2, oDisableDSA2,
oAllowMultipleMessages, oAllowMultipleMessages,
oNoAllowMultipleMessages, oNoAllowMultipleMessages,
oAllowWeakDigestAlgos,
oFakedSystemTime, oFakedSystemTime,
oNoop oNoop
@ -768,6 +769,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"), ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"),
ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
/* These two are aliases to help users of the PGP command line /* These two are aliases to help users of the PGP command line
product use gpg with minimal pain. Many commands are common product use gpg with minimal pain. Many commands are common
@ -3066,6 +3068,10 @@ main (int argc, char **argv)
opt.flags.allow_multiple_messages=0; opt.flags.allow_multiple_messages=0;
break; break;
case oAllowWeakDigestAlgos:
opt.flags.allow_weak_digest_algos = 1;
break;
case oFakedSystemTime: case oFakedSystemTime:
{ {
time_t faked_time = isotime2epoch (pargs.r.ret_str); time_t faked_time = isotime2epoch (pargs.r.ret_str);
@ -3280,6 +3286,7 @@ main (int argc, char **argv)
opt.pgp2_workarounds = 1; opt.pgp2_workarounds = 1;
opt.ask_sig_expire = 0; opt.ask_sig_expire = 0;
opt.ask_cert_expire = 0; opt.ask_cert_expire = 0;
opt.flags.allow_weak_digest_algos = 1;
xfree(def_digest_string); xfree(def_digest_string);
def_digest_string = xstrdup("md5"); def_digest_string = xstrdup("md5");
xfree(s2k_digest_string); xfree(s2k_digest_string);
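Review bot: The assignment `opt.flags.allow_weak_digest_algos = 1;` in the PGP2 block of main() turns the MD5 rejection off as a side effect of the compatibility mode, and nothing at that line says so. A comment there would help anyone auditing where the weak-digest check can be disabled, e.g. `/* PGP 2.x signatures use MD5, so this mode has to accept them; this disables the MD5 rejection in sig-check.c. */`. The hunks also add only the enabling option, with no `no-allow-weak-digest-algos` counterpart such as `allow-multiple-messages` has, so a setting in gpg.conf apparently cannot be overridden on the command line; a second `ARGPARSE_s_n` entry that clears the flag would close that gap. main() starts and ends outside these hunks.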


@ -228,6 +228,7 @@ struct
unsigned int utf8_filename:1; unsigned int utf8_filename:1;
unsigned int dsa2:1; unsigned int dsa2:1;
unsigned int allow_multiple_messages:1; unsigned int allow_multiple_messages:1;
unsigned int allow_weak_digest_algos:1;
} flags; } flags;
/* Linked list of ways to find a key if the key isn't on the local /* Linked list of ways to find a key if the key isn't on the local


@ -266,6 +266,22 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) ) if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
return rc; return rc;
if (sig->digest_algo == GCRY_MD_MD5
&& !opt.flags.allow_weak_digest_algos)
{
static int shown;
if (!shown)
{
log_info
(_("Note: signatures using the %s algorithm are rejected\n"),
"MD5");
shown = 1;
}
return GPG_ERR_DIGEST_ALGO;
}
/* Make sure the digest algo is enabled (in case of a detached /* Make sure the digest algo is enabled (in case of a detached
signature). */ signature). */
gcry_md_enable (digest, sig->digest_algo); gcry_md_enable (digest, sig->digest_algo);
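Review bot: The new guard in do_check() compares only against `GCRY_MD_MD5`, while the flag and the option are named for weak digest algorithms in general; a comment above the `if` should state that MD5 is currently the only digest treated as weak, e.g. `/* Only MD5 is considered weak for now; --allow-weak-digest-algos (implied by --pgp2) disables this check. */`. The `static int shown` latch also deserves a short why-comment, since it limits the explanatory note to once per process while every MD5 signature still returns `GPG_ERR_DIGEST_ALGO`. The test setup on this page writes `allow-weak-digest-algos` into the generated gpg.conf, so the rejection path looks untested here; a case that verifies an MD5 signature without the option and expects failure would pin the default. do_check() begins before and continues past the hunk.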


@ -245,6 +245,7 @@ for f in gpg.conf gpg-agent.conf ; do
gpg.conf) gpg.conf)
[ -n "${opt_always}" ] && echo "no-auto-check-trustdb" >>"$f" [ -n "${opt_always}" ] && echo "no-auto-check-trustdb" >>"$f"
echo "agent-program $GPG_AGENT" >>"$f" echo "agent-program $GPG_AGENT" >>"$f"
echo "allow-weak-digest-algos" >>"$f"
;; ;;
gpg-agent.conf) gpg-agent.conf)