diff options
| author | David Shaw <[email protected]> | 2010-10-29 19:14:28 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2010-10-29 19:14:28 +0000 |
| commit | 79019ee7766f1fb850546924c606be40ceb625ea (patch) | |
| tree | 548f49a8bedc3c38dd72b15cefd4b1401180725b | |
| parent | * pkclist.c (select_algo_from_prefs): Make sure the scores can't (diff) | |
| download | gnupg-79019ee7766f1fb850546924c606be40ceb625ea.tar.gz gnupg-79019ee7766f1fb850546924c606be40ceb625ea.zip | |
* pkclist.c (select_algo_from_prefs): Slightly improve the handling of
MD5 in preference lists. Instead of replacing MD5 with SHA-1, just
remove MD5 from the list altogether, and let the next-highest ranked
algorithm be chosen.
| -rw-r--r-- | g10/ChangeLog | 5 | ||||
| -rw-r--r-- | g10/pkclist.c | 34 |
2 files changed, 26 insertions, 13 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 6e6c7c379..5d0d69c46 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -5,6 +5,11 @@ can't pick something not present in all preference lists, but we might pick something that isn't scored first choice). + * pkclist.c (select_algo_from_prefs): Slightly improve the + handling of MD5 in preference lists. Instead of replacing MD5 + with SHA-1, just remove MD5 from the list altogether, and let the + next-highest ranked algorithm be chosen. + 2010-10-27 Werner Koch <[email protected]> * keygen.c (ask_expire_interval): Print 2038 warning only for 32 diff --git a/g10/pkclist.c b/g10/pkclist.c index 9c8315540..5154b19b1 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -1266,7 +1266,6 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype, u32 bits[8]; const prefitem_t *prefs; int result=-1,i; - unsigned int best=-1; u16 scores[256]; if( !pk_list ) @@ -1403,10 +1402,31 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype, if(result==-1) { + unsigned int best=-1; + /* At this point, we have not selected an algorithm due to a special request or via personal prefs. Pick the highest ranked algorithm (i.e. the one with the lowest score). */ + if(preftype==PREFTYPE_HASH && scores[DIGEST_ALGO_MD5]) + { + /* "If you are building an authentication system, the recipient + may specify a preferred signing algorithm. However, the + signer would be foolish to use a weak algorithm simply + because the recipient requests it." (RFC4880:14). If any + other hash algorithm is available, pretend that MD5 isn't. + Note that if the user intentionally chose MD5 by putting it + in their personal prefs, then we do what the user said (as we + never reach this code). */ + + for(i=DIGEST_ALGO_MD5+1;i<256;i++) + if(scores[i]) + { + scores[DIGEST_ALGO_MD5]=0; + break; + } + } + for(i=0;i<256;i++) { /* Note the '<' here. This means in case of a tie, we will @@ -1424,18 +1444,6 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype, result=i; } } - - /* "If you are building an authentication system, the recipient - may specify a preferred signing algorithm. However, the - signer would be foolish to use a weak algorithm simply - because the recipient requests it." (RFC4880:14). If we - settle on MD5, and SHA1 is also available, use SHA1 instead. - Note that if the user intentionally chose MD5 by putting it - in their personal prefs, then we do what the user said (as we - never reach this code). */ - if(preftype==PREFTYPE_HASH && result==DIGEST_ALGO_MD5 - && (bits[0] & (1<<DIGEST_ALGO_SHA1))) - result=DIGEST_ALGO_SHA1; } return result; |