Only check preferences against keys with v4 self sigs as v3 sigs have no

prefs
Only put in the fake IDEA preference with --pgp2 mode
Print "Expired" for expired but good signatures.

4 files changed, 26 insertions, 15 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index d6fb5b699..4f0ca21ed 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,16 @@
+2002-01-24  David Shaw  <[email protected]>
+
+	* pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences
+	against keys with v4 self sigs - there is really little point in
+	warning for every single non-IDEA message encrypted to an old key.
+
+	* pkclist.c (select_algo_from_prefs): Only put in the fake IDEA
+	preference if --pgp2 is on.
+
+	* mainproc.c (check_sig_and_print): Print "Expired" for expired
+	but good signatures (this still prints "BAD" for expired but bad
+	signatures).
+
 2002-01-23  David Shaw  <[email protected]>
 
 	* keygen.c (ask_keysize): Cosmetic: don't present a RSA signing
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 0f4342730..08a205b18 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1286,7 +1286,8 @@ check_sig_and_print( CTX c, KBNODE node )
                                           -1 );
 
             log_info(rc? _("BAD signature from \"")
-                       : _("Good signature from \""));
+                       : sig->flags.expired ? _("Expired signature from \"")
+		       : _("Good signature from \""));
 	    print_utf8_string( log_stream(), un->pkt->pkt.user_id->name,
 					     un->pkt->pkt.user_id->len );
 	    fputs("\"\n", log_stream() );
@@ -1307,7 +1308,8 @@ check_sig_and_print( CTX c, KBNODE node )
                                           un? un->pkt->pkt.user_id->len:3, 
                                           -1 );
 
-	    log_info(rc? _("BAD signature from \"")
+            log_info(rc? _("BAD signature from \"")
+                       : sig->flags.expired ? _("Expired signature from \"")
 		       : _("Good signature from \""));
             if (!opt.always_trust && un) {
                 fputs(_("[uncertain]"), log_stream() );
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 4c1ac50a2..9847e0f8f 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -967,11 +967,14 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
 
 	memset( mask, 0, 8 * sizeof *mask );
 	if( preftype == PREFTYPE_SYM ) {
-	  if( pkr->pk->version < 4 && pkr->pk->selfsigversion < 4 )
+	  if( pkr->pk->version < 4 &&
+	      pkr->pk->selfsigversion < 4 &&
+	      opt.pgp2 )
 	    mask[0] |= (1<<1); /* IDEA is implicitly there for v3 keys
-				  with v3 selfsigs (rfc2440:12.1).
-				  This doesn't mean it's actually
-				  available, of course. */
+				  with v3 selfsigs (rfc2440:12.1) if
+				  --pgp2 mode is on.  This doesn't
+				  mean it's actually available, of
+				  course. */
 	  else
 	    mask[0] |= (1<<2); /* 3DES is implicitly there for everyone else */
 	}
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index d08cd7c12..05ba85f85 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -46,14 +46,6 @@ is_algo_in_prefs ( KBNODE keyblock, preftype_t type, int algo )
     KBNODE k;
 
     for (k=keyblock; k; k=k->next) {
-      /* Fake IDEA preference for v3 keys with v3 selfsigs */
-        if (k->pkt->pkttype == PKT_PUBLIC_KEY &&
-	    k->pkt->pkt.public_key->version < 4 &&
-	    k->pkt->pkt.public_key->selfsigversion < 4 &&
-	    type==PREFTYPE_SYM &&
-	    algo==CIPHER_ALGO_IDEA)
-	  return 1;
-
         if (k->pkt->pkttype == PKT_USER_ID) {
             PKT_user_id *uid = k->pkt->pkt.user_id;
             prefitem_t *prefs = uid->prefs;
@@ -216,7 +208,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
             rc = -1;
 	    log_error("oops: public key not found for preference check\n");
         }
-	else if( dek->algo != CIPHER_ALGO_3DES
+	else if( pkb->pkt->pkt.public_key->selfsigversion > 3
+            && dek->algo != CIPHER_ALGO_3DES
 	    && !is_algo_in_prefs( pkb, PREFTYPE_SYM, dek->algo ) ) {
 	    /* Don't print a note while we are not on verbose mode,
 	     * the cipher is blowfish and the preferences have twofish