diff options
| author | NIIBE Yutaka <[email protected]> | 2016-07-09 01:20:02 +0000 |
|---|---|---|
| committer | NIIBE Yutaka <[email protected]> | 2016-07-09 01:38:25 +0000 |
| commit | b531f2fd75be3f616073cba714d73324525fd3e4 (patch) | |
| tree | 5f117a32c0ad0d59e270c75400ed1bf9a2b83830 | |
| parent | g10: Fix keysize with --expert. (diff) | |
| download | gnupg-b531f2fd75be3f616073cba714d73324525fd3e4.tar.gz gnupg-b531f2fd75be3f616073cba714d73324525fd3e4.zip | |
gpgv: Tweak default options for extra security.
* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
cached status. Similarly, set opt.flags.require_cross_cert for backsig
validation for subkey signature.
--
(backport of master
commit e32c575e0f3704e7563048eea6d26844bdfc494b)
It is common that an organization distributes binary keyrings with
signature cache (Tag 12, Trust Packet) and people use gpgv to validate
signature with such keyrings. In such a use case, it is possible that
the key validation itself is skipped.
For the purpose of gpgv validation of signatures, we should not depend
on signature cache in keyrings (if any), but we should validate the key
by its self signature for primary key, and back signature for subkey.
Signed-off-by: NIIBE Yutaka <[email protected]>
| -rw-r--r-- | g10/gpgv.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/g10/gpgv.c b/g10/gpgv.c index b700f17ac..3b48a0e66 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -163,6 +163,8 @@ main( int argc, char **argv ) opt.pgp2_workarounds = 1; opt.keyserver_options.options|=KEYSERVER_AUTO_KEY_RETRIEVE; opt.trust_model = TM_ALWAYS; + opt.no_sig_cache = 1; + opt.flags.require_cross_cert = 1; opt.batch = 1; opt.homedir = default_homedir (); |