3 files changed, 24 insertions, 0 deletions

diff --git a/g10/gpg.c b/g10/gpg.c
index 35b62c1f3..87ffe540f 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -367,6 +367,7 @@ enum cmd_and_opt_values
     oDisableDSA2,
     oAllowMultipleMessages,
     oNoAllowMultipleMessages,
+    oAllowWeakDigestAlgos,
 
     oNoop
   };
@@ -742,6 +743,7 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
   ARGPARSE_s_n (oAllowMultipleMessages,      "allow-multiple-messages", "@"),
   ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
+  ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
 
   /* These two are aliases to help users of the PGP command line
      product use gpg with minimal pain.  Many commands are common
@@ -2949,6 +2951,10 @@ main (int argc, char **argv)
 	    opt.flags.allow_multiple_messages=0;
 	    break;
 
+          case oAllowWeakDigestAlgos:
+            opt.flags.allow_weak_digest_algos = 1;
+            break;
+
 	  case oNoop: break;
 
 	  default:
@@ -3131,6 +3137,7 @@ main (int argc, char **argv)
 	    opt.pgp2_workarounds = 1;
 	    opt.ask_sig_expire = 0;
 	    opt.ask_cert_expire = 0;
+            opt.flags.allow_weak_digest_algos = 1;
 	    xfree(def_digest_string);
 	    def_digest_string = xstrdup("md5");
 	    xfree(s2k_digest_string);
diff --git a/g10/options.h b/g10/options.h
index 3c5b2c5a0..1a1384120 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -231,6 +231,7 @@ struct
     unsigned int utf8_filename:1;
     unsigned int dsa2:1;
     unsigned int allow_multiple_messages:1;
+    unsigned int allow_weak_digest_algos:1;
   } flags;
 
   /* Linked list of ways to find a key if the key isn't on the local
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 07a983621..ed4fa8978 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -269,6 +269,22 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
     if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
         return rc;
 
+    if (sig->digest_algo == GCRY_MD_MD5
+        && !opt.flags.allow_weak_digest_algos)
+      {
+        static int shown;
+
+        if (!shown)
+          {
+            log_info
+              (_("Note: signatures using the %s algorithm are rejected\n"),
+               "MD5");
+            shown = 1;
+          }
+
+        return GPG_ERR_DIGEST_ALGO;
+      }
+
     /* Make sure the digest algo is enabled (in case of a detached
        signature).  */
     gcry_md_enable (digest, sig->digest_algo);