1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
Commit Graph

17 Commits

Author SHA1 Message Date
Werner Koch
6502bb0d2a
gpg: Tweak compliance checking for verification
* common/compliance.c (gnupg_pk_is_allowed): Rework to always allow
verification.
* g10/mainproc.c (check_sig_and_print): Print a con-compliant warning.
* g10/sig-check.c (check_signature2): Use log_error instead of
log_info.
--

We should be able to verify all signatures.  So we only print a
warning.  That is the same beheavour as for untrusted keys etc.

GnuPG-bug-id: 3311
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-27 16:22:36 +02:00
Werner Koch
a0d0cbee76
gpg,sm: Fix compliance checking for decryption.
* common/compliance.c (gnupg_pk_is_compliant): Remove the Elgamal
signing check.  We don't support Elgamal signing at all.
(gnupg_pk_is_allowed) <de-vs>: Revert encryption/decryption for RSA.
Check the curvenames for ECDH.
* g10/pubkey-enc.c (get_session_key): Print only a warning if the key
is not compliant.
* sm/decrypt.c (gpgsm_decrypt): Ditto.  Use the same string as in gpg
so that we have only one translation.
--

We always allow decryption and print only a note if the key was not
complaint at the encryption site.

GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-27 13:56:38 +02:00
Werner Koch
a149afe338
gpg,sm: Check compliance of the RNG.
* common/compliance.c (gnupg_rng_is_compliant): New.
* g10/call-agent.c (start_agent) [W32]: Check rng compliance.
* sm/call-agent.c (start_agent) [W32]: Ditto.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is
compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* g10/sign.c (do_sign): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
--

Under Windows we need to check that the Jitter RNG is active in de-vs
mode.  Under Linux this is not necessary because /dev/random can be
scrutinized and is believed to provide enough entropy.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-17 15:53:16 +02:00
Werner Koch
3621dbe525
gpg,gpgsm: Fix compliance check for DSA and avoid an assert.
* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check.  Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check.  Replace
assert by debug message.

--

Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative.  Better use a boolean test.

The assert could have lead to a regression for no good reason.  Not
being compliant is better than breaking existing users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00
Werner Koch
6cc4702767
indent: Always use "_(" and not "_ (" to mark translatable strings.
--

This makes greping much easier and we have done that since ever.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00
Werner Koch
3419a339d9
Change license of some files to LGPLv2.1.
* COPYING.LIB: Rename to COPYING.LGPL3.
* COPYING.LGPL21: New.
* COPYING.GPL2: New.
* Makefile.am: Distribute them.
* AUTHORS: Update license pointers.  Add BSI as copyright holder.
* common/compliance.c, common/compliance.h: Add BSI copyright notice.
Break overlong lines.
* dirmngr/loadswdb.c: Add BSI copyright notices.
* dirmngr/server.c: Ditto.
* tools/call-dirmngr.c: Change license to LGPLv2.1.  Add BSI
copyright notice.
* tools/call-dirmngr.h: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpg-wks.h: Ditto.
* tools/mime-maker.c: Ditto.
* tools/mime-maker.h: Ditto.
* tools/mime-parser.c: Ditto.
* tools/mime-parser.h: Ditto.
* tools/send-mail.c: Ditto.
* tools/send-mail.h: Ditto.
* tools/wks-receive.c: Ditto.
* tools/wks-util.c: Ditto.
* tools/rfc822parse.c, tools/rfc822parse.h: Change license to LGPLv2.1.
--

For better deployment it seems to be better to make the Web Key
Directory code more easily available.

Some code was been developed under contract of the BSI.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 12:42:13 +02:00
Justus Winter
6e23416fe6
gpg: Disable compliance module for other GnuPG components.
* common/compliance.c (gnupg_{pk,cipher,digest}_is_compliant): Return
false if the module is not initialized.
(gnupg_{pk,cipher,digest}_is_allowed): Return true if the module is
not initialized.
(gnupg_status_compliance_flag): Do not assert that the module is
initialized.
(gnupg_parse_compliance_option): Likewise.
(gnupg_compliance_option_string): Likewise.
--

This implements a default policy for modules not explicitly using the
compliance module.  The default policy is to allow all algorithms, but
mark none of them as compliant.

Fixes gpgv.

GnuPG-bug-id: 3210
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-19 11:00:04 +02:00
Werner Koch
7c91b48f0e
common: Fix -Wswitch warning.
* common/compliance.c (gnupg_digest_is_allowed): Don't include
GCRY_MD_WHIRLPOOL because it is not a digest_algo_t.
--

Note that Whirlpool is not used anywhere in gpg or gpgsm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-13 09:01:24 +02:00
Justus Winter
a64a55e104
common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.
* common/compliance.c (gnupg_pk_is_allowed): New function.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* common/compliance.h (enum pk_use_case): New definition.
(gnupg_pk_is_allowed): New prototype.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* g10/decrypt-data.c (decrypt_data): Restrict use of algorithms using
the new predicates.
* g10/encrypt.c (encrypt_crypt): Likewise.
* g10/gpg.c (main): Likewise.
* g10/pubkey-enc.c (get_session_key): Likewise.
* g10/sig-check.c (check_signature2): Likewise.
* g10/sign.c (do_sign): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/encrypt.c (gpgsm_encrypt): Likewise.
* sm/gpgsm.c (main): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

With this change, policies can effectively restrict what algorithms
are used for different purposes.  The algorithm policy for CO_DE_VS is
implemented.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-08 14:22:54 +02:00
Justus Winter
e051e39615
common: Add cipher mode to compliance predicate.
* common/compliance.c (gnupg_cipher_is_compliant): Add mode parameter.
* common/compliance.h (gnupg_cipher_is_compliant): Likewise.
* g10/mainproc.c (proc_encrypted): Adapt callsite.
* sm/decrypt.c (gpgsm_decrypt): Likewise.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:54:44 +02:00
Justus Winter
21fc2508c9
common,gpg,sm: Initialize compliance module.
* common/compliance.c (gnupg_initialize_compliance): New function.
* common/compliance.h (gnupg_initialize_compliance): New prototype.
* g10/gpg.c (main): Use the new function.
* sm/gpgsm.c (main): Likewise.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:54:42 +02:00
Justus Winter
f440cf73ea
common,gpg: Move the compliance option printer.
* common/compliance.c (gnupg_compliance_option_string): New function.
* common/compliance.h (gnupg_compliance_option_string): New prototype.
* g10/encrypt.c (write_pubkey_enc_from_list): Update callsite.
* g10/gpg.c (main): Likewise.
* g10/keyedit.c (keyedit_menu): Likewise.
* g10/pkclist.c (build_pk_list): Likewise.
* g10/main.h (compliance_option_string): Remove prototype.
* g10/misc.c (compliance_option_string): Remove function.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:32 +02:00
Justus Winter
842d233d40
common,gpg,sm: Move the compliance option parser.
* common/compliance.c (gnupg_parse_compliance_option): New function.
* common/compliance.h (struct gnupg_compliance_option): New type.
(gnupg_parse_compliance_option): New prototype.
* g10/gpg.c (parse_compliance_option): Remove function.
(compliance_options): New variable.
(main): Adapt callsite.
* sm/gpgsm.c (main): Use the new common function.
* sm/gpgsm.h (opt): New field 'compliance'.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:31 +02:00
Justus Winter
216f0804c1
common,g10: Fix typos.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-06 16:08:45 +02:00
Justus Winter
be8ca88526
gpg: Report compliance with CO_DE_VS.
* common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain
parameters.
(gnupg_cipher_is_compliant): New function.
(gnupg_digest_is_compliant): Likewise.
* common/compliance.h (gnupg_cipher_is_compliant): New prototype.
(gnupg_digest_is_compliant): Likewise.
* common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status.
(STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise.
* doc/DETAILS: Document the new status lines.
* g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS
and report that using the new status line.
(check_sig_and_print): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD.  This information will be picked up by the frontend and
presented to the user.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 13:16:18 +02:00
Justus Winter
3b70f62423
common: Improve checking for compliance with CO_DE_VS.
* common/compliance.c (gnupg_pk_is_compliant): Only certain RSA key
sizes are compliant.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 12:26:17 +02:00
Justus Winter
8a012280e0
gpg,common: Move the compliance framework.
* common/Makefile.am (common_sources): Add new files.
* common/compliance.c: New file.  Move 'gnupg_pk_is_compliant' here,
and tweak it to not rely on types private to gpg.
* common/compliance.h: New file.  Move the compliance enum here.
* g10/keylist.c (print_compliance_flags): Adapt callsite.
* g10/main.h (gnupg_pk_is_compliant): Remove prototype.
* g10/misc.c (gnupg_pk_is_compliant): Remove function.
* g10/options.h (opt): Use the new compliance enum.
* sm/keylist.c (print_compliance_flags): Use the common functions.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 12:09:43 +02:00