security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity
gnupg/g10
History
Werner Koch 4c181d51a6
gpg: Do not use weak digest algos if selected by recipient prefs. 
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the least of weak digest algorithm.
--

If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient.  This is so that all recipients are able to check the the
signature.  However, if the sender has a declared an algorithm as
week, that algorithm shall not be used - in this case we fallback to
the standard way of selecting an algorithm.

Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.

Reported-by: Phil Pennock
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 15746d60d4
 		2020-11-02 17:48:02 +01:00
..
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
Makefile.am w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10: Fix possible null dereference. 2019-05-14 11:24:35 +09:00
build-packet.c gpg: Do not allow creation of user ids larger than our parser allows. 2019-05-21 16:28:11 +02:00
call-agent.c gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
call-agent.h gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
call-dirmngr.c po: Make g10/call-dirmngr.c translatable. 2019-12-07 11:56:13 +01:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c gpg: Use the new MANUFACTURER attribute. 2020-04-15 15:18:41 +02:00
cipher.c gpg: Remove MDC options 2018-05-31 12:08:22 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c spelling: Fix "synchronize" 2019-06-23 20:17:47 -04:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
decrypt.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:42:42 +02:00
dek.h gpg: Support decryption of the new AEAD packet 2020-04-16 08:25:55 +02:00
delkey.c gpg: Print a hint for --batch mode and --delete-secret-key. 2020-03-18 15:26:43 +01:00
distsigkey.gpg Add a new dist signing key 2020-08-24 19:48:13 +02:00
ecdh.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
encrypt.c gpg: Fix flaw in symmetric algorithm selection in mixed mode. 2020-07-07 13:03:01 +02:00
exec.c gpg: Improve the photo image viewer selection. 2019-05-17 12:46:16 +02:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Do not close stdout after --export-ssh-key 2020-07-16 11:38:40 +02:00
filter.h gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Fix AEAD preference list overflow 2020-09-03 17:06:29 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
gpg.h gpg: Fix build on Windows. 2018-03-08 14:08:51 +09:00
gpg.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgcompose.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv-w32info.rc w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
gpgv.c gpg: Make use of the included key block in a signature. 2020-03-14 19:53:40 +01:00
gpgv.w32-manifest.in w32: Add manifest files to most binaries 2020-10-02 17:04:12 +02:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c gpg,gpgsm: Record the creation time of a private key. 2020-08-23 12:31:18 +02:00
kbnode.c gpg: Avoid importing secret keys if the keyblock is not valid. 2019-03-18 13:16:35 +01:00
key-check.c gpg: Fix segv importing certain keys. 2020-09-02 16:06:46 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:07:24 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 10:25:06 +02:00
keydb.c g10,sm: Use gnupg_access at two more places. 2020-10-26 12:36:38 +01:00
keydb.h gpg: Make use of the included key block in a signature. 2020-03-14 19:53:40 +01:00
keyedit.c gpg: Fix iteration over signatures 2020-10-30 15:52:16 +01:00
keyedit.h gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keygen.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:24:34 +02:00
keyid.c common: Change argument order of log_printhex. 2020-05-12 18:51:47 +02:00
keylist.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
keyring.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Add property "fpr" for use by --export-filter. 2020-03-14 19:15:00 +01:00
main.h gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
mainproc.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Replace most of the remaining stdio calls by estream calls. 2020-10-21 21:09:38 +02:00
misc.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
openfile.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
options.h gpg: New option --auto-key-import 2020-03-14 20:07:37 +01:00
packet.h gpg: Show AEAD preferences 2020-04-16 08:36:28 +02:00
parse-packet.c gpg: Support decryption of the new AEAD packet 2020-04-16 08:25:55 +02:00
passphrase.c gpg: Use integrated passphrase repeat entry also for -c. 2020-07-08 16:13:57 +02:00
photoid.c gpg: Improve the photo image viewer selection. 2019-05-17 12:46:16 +02:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Make use of the included key block in a signature. 2020-03-14 19:53:40 +01:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c gpg: Fix using --decrypt along with --use-embedded-filename. 2019-05-17 13:42:42 +02:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c sm: Exclude rsaPSS from de-vs compliance mode. 2020-07-03 17:08:58 +02:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: New command --quick-revoke-sig 2020-10-28 18:10:01 +01:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
sign.c gpg: Do not use weak digest algos if selected by recipient prefs. 2020-11-02 17:48:02 +01:00
skclist.c gpg: Fix double free with anonymous recipients. 2019-11-29 17:44:12 +01:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
tdbio.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c gpg: Make use of the included key block in a signature. 2020-03-14 19:53:40 +01:00
test.c build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. 2020-02-10 16:37:34 +01:00
textfilter.c gpg: Initialize a parameter to silence valgrind. 2020-09-04 11:24:34 +02:00
tofu.c Replace all calls to stat by gnupg_stat. 2020-10-23 11:15:59 +02:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-09 10:24:37 +02:00
trustdb.c gpg: Add regular expression support. 2020-07-15 14:16:57 +09:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-09 10:24:37 +02:00
verify.c gpg: Make really sure that --verify-files always returns an error. 2020-02-10 15:33:53 +01:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00