security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-25 22:19:59 +01:00
Code Activity
gnupg/g10
History
Werner Koch 4c181d51a6
gpg: Do not use weak digest algos if selected by recipient prefs. 
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the least of weak digest algorithm.
--

If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient.  This is so that all recipients are able to check the the
signature.  However, if the sender has a declared an algorithm as
week, that algorithm shall not be used - in this case we fallback to
the standard way of selecting an algorithm.

Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.

Reported-by: Phil Pennock
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 15746d60d492f5792e4a179ab0a08801b4049695
2020-11-02 17:48:02 +01:00
..
all-tests.scm
tests: Make it possible to run all tests using our infrastructure.
2017-05-11 18:12:37 +02:00
armor.c
g10: Fix possible null dereference.
2019-05-14 11:24:35 +09:00
build-packet.c
gpg: Do not allow creation of user ids larger than our parser allows.
2019-05-21 16:28:11 +02:00
call-agent.c
gpg,gpgsm: Record the creation time of a private key.
2020-08-23 12:31:18 +02:00
call-agent.h
gpg,gpgsm: Record the creation time of a private key.
2020-08-23 12:31:18 +02:00
call-dirmngr.c
po: Make g10/call-dirmngr.c translatable.
2019-12-07 11:56:13 +01:00
call-dirmngr.h
gpg: Store key origin info for new DANE and WKD retrieved keys.
2017-07-24 20:09:52 +02:00
card-util.c
gpg: Use the new MANUFACTURER attribute.
2020-04-15 15:18:41 +02:00
ChangeLog-2011
Spelling: correct spelling of "passphrase".
2016-11-02 12:53:58 +01:00
cipher.c
gpg: Remove MDC options
2018-05-31 12:08:22 +02:00
compress-bz2.c
g10,tools: Fix bzlib.h include order.
2017-04-11 13:52:19 +09:00
compress.c
gpg: Fix minor memory leak in the compress filter.
2018-05-02 20:15:10 +02:00
cpr.c
spelling: Fix "synchronize"
2019-06-23 20:17:47 -04:00
dearmor.c
Revert "g10: Always save standard revocation certificate in file."
2017-08-01 19:08:16 +02:00
decrypt-data.c
common: Change argument order of log_printhex.
2020-05-12 18:51:47 +02:00
decrypt.c
gpg: Fix using --decrypt along with --use-embedded-filename.
2019-05-17 13:42:42 +02:00
dek.h
gpg: Support decryption of the new AEAD packet
2020-04-16 08:25:55 +02:00
delkey.c
gpg: Print a hint for --batch mode and --delete-secret-key.
2020-03-18 15:26:43 +01:00
distsigkey.gpg
Add a new dist signing key
2020-08-24 19:48:13 +02:00
ecdh.c
common: Change argument order of log_printhex.
2020-05-12 18:51:47 +02:00
encrypt.c
gpg: Fix flaw in symmetric algorithm selection in mixed mode.
2020-07-07 13:03:01 +02:00
exec.c
gpg: Improve the photo image viewer selection.
2019-05-17 12:46:16 +02:00
exec.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
export.c
gpg: Do not close stdout after --export-ssh-key
2020-07-16 11:38:40 +02:00
filter.h
gpg: Fix minor memory leak in the compress filter.
2018-05-02 20:15:10 +02:00
free-packet.c
gpg: Fix possible double free of the card serialno.
2017-07-21 17:49:10 +02:00
getkey.c
gpg: Fix AEAD preference list overflow
2020-09-03 17:06:29 +02:00
gpg-w32info.rc
w32: Add manifest to gpg.
2015-02-04 09:15:34 +01:00
gpg.c
gpg: New command --quick-revoke-sig
2020-10-28 18:10:01 +01:00
gpg.h
gpg: Fix build on Windows.
2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in
w32: Add manifest files to most binaries
2020-10-02 17:04:12 +02:00
gpgcompose.c
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
2020-02-10 16:37:34 +01:00
gpgsql.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
gpgsql.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
gpgv-w32info.rc
w32: Add manifest files to most binaries
2020-10-02 17:04:12 +02:00
gpgv.c
gpg: Make use of the included key block in a signature.
2020-03-14 19:53:40 +01:00
gpgv.w32-manifest.in
w32: Add manifest files to most binaries
2020-10-02 17:04:12 +02:00
helptext.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
import.c
gpg,gpgsm: Record the creation time of a private key.
2020-08-23 12:31:18 +02:00
kbnode.c
gpg: Avoid importing secret keys if the keyblock is not valid.
2019-03-18 13:16:35 +01:00
key-check.c
gpg: Fix segv importing certain keys.
2020-09-02 16:06:46 +02:00
key-check.h
gpg: Avoid output to the tty during import.
2017-07-27 11:38:57 +02:00
key-clean.c
gpg: Remove multiple subkey bindings during export-clean.
2018-07-09 12:07:24 +02:00
key-clean.h
gpg: Let export-clean remove expired subkeys.
2018-07-09 10:25:06 +02:00
keydb.c
g10,sm: Use gnupg_access at two more places.
2020-10-26 12:36:38 +01:00
keydb.h
gpg: Make use of the included key block in a signature.
2020-03-14 19:53:40 +01:00
keyedit.c
gpg: Fix iteration over signatures
2020-10-30 15:52:16 +01:00
keyedit.h
gpg: New command --quick-revoke-sig
2020-10-28 18:10:01 +01:00
keygen.c
gpg: Initialize a parameter to silence valgrind.
2020-09-04 11:24:34 +02:00
keyid.c
common: Change argument order of log_printhex.
2020-05-12 18:51:47 +02:00
keylist.c
gpg: New command --quick-revoke-sig
2020-10-28 18:10:01 +01:00
keyring.c
Replace all calls to stat by gnupg_stat.
2020-10-23 11:15:59 +02:00
keyring.h
gpg: Pass CTRL to many more functions.
2017-03-31 20:07:20 +02:00
keyserver-internal.h
gpg: Pass key origin values to import functions.
2017-07-13 18:29:01 +02:00
keyserver.c
gpg: Add property "fpr" for use by --export-filter.
2020-03-14 19:15:00 +01:00
main.h
gpg: Do not use weak digest algos if selected by recipient prefs.
2020-11-02 17:48:02 +01:00
mainproc.c
sm: Exclude rsaPSS from de-vs compliance mode.
2020-07-03 17:08:58 +02:00
Makefile.am
w32: Add manifest files to most binaries
2020-10-02 17:04:12 +02:00
mdfilter.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
migrate.c
Replace most of the remaining stdio calls by estream calls.
2020-10-21 21:09:38 +02:00
misc.c
gpg: Do not use weak digest algos if selected by recipient prefs.
2020-11-02 17:48:02 +01:00
openfile.c
Replace all calls to stat by gnupg_stat.
2020-10-23 11:15:59 +02:00
options.h
gpg: New option --auto-key-import
2020-03-14 20:07:37 +01:00
packet.h
gpg: Show AEAD preferences
2020-04-16 08:36:28 +02:00
parse-packet.c
gpg: Support decryption of the new AEAD packet
2020-04-16 08:25:55 +02:00
passphrase.c
gpg: Use integrated passphrase repeat entry also for -c.
2020-07-08 16:13:57 +02:00
photoid.c
gpg: Improve the photo image viewer selection.
2019-05-17 12:46:16 +02:00
photoid.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
pkclist.c
gpg: Make use of the included key block in a signature.
2020-03-14 19:53:40 +01:00
pkglue.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
pkglue.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
plaintext.c
gpg: Fix using --decrypt along with --use-embedded-filename.
2019-05-17 13:42:42 +02:00
progress.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
pubkey-enc.c
sm: Exclude rsaPSS from de-vs compliance mode.
2020-07-03 17:08:58 +02:00
pubring.asc
Update copyright notices for 2017.
2017-01-23 19:16:55 +01:00
revoke.c
gpg: New command --quick-revoke-sig
2020-10-28 18:10:01 +01:00
rmd160.c
Clean up word replication.
2017-02-21 13:11:46 -05:00
rmd160.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
seckey-cert.c
More change for common.
2017-03-07 20:32:09 +09:00
server.c
Remove -I option to common.
2017-03-07 20:25:54 +09:00
seskey.c
Spelling fixes in docs and comments.
2017-04-28 10:06:33 +09:00
sig-check.c
gpg: Do not use weak digest algos if selected by recipient prefs.
2020-11-02 17:48:02 +01:00
sign.c
gpg: Do not use weak digest algos if selected by recipient prefs.
2020-11-02 17:48:02 +01:00
skclist.c
gpg: Fix double free with anonymous recipients.
2019-11-29 17:44:12 +01:00
t-keydb-get-keyblock.c
gpg: Fix actual leak and possible leaks in the packet parser.
2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg
gpg: Correctly handle keyblocks followed by legacy keys.
2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx
g10: Add test for keydb as well as new testing infrastructure.
2015-09-02 15:08:57 +02:00
t-keydb.c
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
t-rmd160.c
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00
t-stutter-data.asc
gpg: Add a new test.
2016-03-08 14:08:49 +01:00
t-stutter.c
g10: Stop compiler warning for t-stutter.
2017-05-10 11:13:03 +09:00
tdbdump.c
gpg: Pass CTRL arg to get_trusthashrec.
2018-03-26 18:06:43 +02:00
tdbio.c
Replace all calls to stat by gnupg_stat.
2020-10-23 11:15:59 +02:00
tdbio.h
gpg: Pass CTRL arg to get_trusthashrec.
2018-03-26 18:06:43 +02:00
test-stubs.c
gpg: Make use of the included key block in a signature.
2020-03-14 19:53:40 +01:00
test.c
build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.
2020-02-10 16:37:34 +01:00
textfilter.c
gpg: Initialize a parameter to silence valgrind.
2020-09-04 11:24:34 +02:00
tofu.c
Replace all calls to stat by gnupg_stat.
2020-10-23 11:15:59 +02:00
tofu.h
g10: Remove dead code.
2016-12-06 12:16:56 +01:00
trust.c
gpg: Move key cleaning functions to a separate file.
2018-07-09 10:24:37 +02:00
trustdb.c
gpg: Add regular expression support.
2020-07-15 14:16:57 +09:00
trustdb.h
gpg: Move key cleaning functions to a separate file.
2018-07-09 10:24:37 +02:00
verify.c
gpg: Make really sure that --verify-files always returns an error.
2020-02-10 15:33:53 +01:00
zlib-riscos.h
Change all http://www.gnu.org in license notices to https://
2016-11-05 12:02:19 +01:00