diff options
| author | David Shaw <[email protected]> | 2003-12-04 04:34:08 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2003-12-04 04:34:08 +0000 |
| commit | 3c40fd65d6efc2e1e6c505b52cb3655c3643464f (patch) | |
| tree | 9f33e86b80a8282d84453269a26a7a95138fbc72 | |
| parent | * NEWS: Note --disable-rsa. (diff) | |
| download | gnupg-3c40fd65d6efc2e1e6c505b52cb3655c3643464f.tar.gz gnupg-3c40fd65d6efc2e1e6c505b52cb3655c3643464f.zip | |
* options.h, g10.c (main), main.h, seskey.c (do_encode_md,
encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove
--emulate-md-encode-bug as it only applied to Elgamal signatures, which
are going away.
Diffstat (limited to '')
| -rw-r--r-- | g10/ChangeLog | 7 | ||||
| -rw-r--r-- | g10/g10.c | 5 | ||||
| -rw-r--r-- | g10/main.h | 4 | ||||
| -rw-r--r-- | g10/options.h | 4 | ||||
| -rw-r--r-- | g10/seskey.c | 12 | ||||
| -rw-r--r-- | g10/sig-check.c | 17 | ||||
| -rw-r--r-- | g10/sign.c | 4 |
7 files changed, 18 insertions, 35 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 48544d2ad..2289b8ad6 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,10 @@ +2003-12-03 David Shaw <[email protected]> + + * options.h, g10.c (main), main.h, seskey.c (do_encode_md, + encode_md_value), sig-check.c (do_check), sign.c (do_sign): Remove + --emulate-md-encode-bug as it only applied to Elgamal signatures, + which are going away. + 2003-11-30 David Shaw <[email protected]> * mainproc.c (proc_symkey_enc, proc_encrypted): Add ability to use @@ -317,7 +317,6 @@ enum cmd_and_opt_values oPersonalCipherPreferences, oPersonalDigestPreferences, oPersonalCompressPreferences, - oEmuMDEncodeBug, oDisplay, oTTYname, oTTYtype, @@ -642,7 +641,6 @@ static ARGPARSE_OPTS opts[] = { { oPersonalCipherPreferences, "personal-cipher-prefs", 2, "@"}, { oPersonalDigestPreferences, "personal-digest-prefs", 2, "@"}, { oPersonalCompressPreferences, "personal-compress-prefs", 2, "@"}, - { oEmuMDEncodeBug, "emulate-md-encode-bug", 0, "@"}, { oDisplay, "display", 2, "@" }, { oTTYname, "ttyname", 2, "@" }, { oTTYtype, "ttytype", 2, "@" }, @@ -662,11 +660,9 @@ static ARGPARSE_OPTS opts[] = { { opcscDriver, "pcsc-driver", 2, "@"}, { oDisableCCID, "disable-ccid", 0, "@"}, - {0} }; - int g10_errors_seen = 0; static int utf8_strings = 0; @@ -1673,7 +1669,6 @@ main( int argc, char **argv ) case oPGP7: opt.compliance = CO_PGP7; break; case oPGP8: opt.compliance = CO_PGP8; break; case oGnuPG: opt.compliance = CO_GNUPG; break; - case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break; case oCompressSigs: opt.compress_sigs = 1; break; case oRunAsShmCP: #ifndef __riscos__ diff --git a/g10/main.h b/g10/main.h index 8afde1104..b3504907f 100644 --- a/g10/main.h +++ b/g10/main.h @@ -169,8 +169,8 @@ void try_make_homedir( const char *fname ); /*-- seskey.c --*/ void make_session_key( DEK *dek ); MPI encode_session_key( DEK *dek, unsigned nbits ); -MPI encode_md_value( int pubkey_algo, MD_HANDLE md, - int hash_algo, unsigned nbits, int v3compathack ); +MPI encode_md_value( int pubkey_algo, MD_HANDLE md, + int hash_algo, unsigned nbits ); /*-- comment.c --*/ KBNODE make_comment_node( const char *s ); diff --git a/g10/options.h b/g10/options.h index f7b3a8f7e..7f7585f55 100644 --- a/g10/options.h +++ b/g10/options.h @@ -103,7 +103,6 @@ struct { CO_GNUPG=0, CO_RFC2440, CO_RFC1991, CO_PGP2, CO_PGP6, CO_PGP7, CO_PGP8 } compliance; int pgp2_workarounds; - unsigned int emulate_bugs; /* bug emulation flags EMUBUG_xxxx */ int shm_coprocess; const char *set_filename; STRLIST comments; @@ -196,9 +195,6 @@ struct { } opt; - -#define EMUBUG_MDENCODE 4 - #define DBG_PACKET_VALUE 1 /* debug packet reading/writing */ #define DBG_MPI_VALUE 2 /* debug mpi details */ #define DBG_CIPHER_VALUE 4 /* debug cipher handling */ diff --git a/g10/seskey.c b/g10/seskey.c index 881dd2c04..664508be0 100644 --- a/g10/seskey.c +++ b/g10/seskey.c @@ -142,7 +142,7 @@ encode_session_key( DEK *dek, unsigned nbits ) static MPI do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits, - const byte *asn, size_t asnlen, int v3compathack ) + const byte *asn, size_t asnlen ) { int nframe = (nbits+7) / 8; byte *frame; @@ -155,14 +155,14 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits, /* We encode the MD in this way: * - * 0 A PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes) + * 0 1 PAD(n bytes) 0 ASN(asnlen bytes) MD(len bytes) * * PAD consists of FF bytes. */ frame = md_is_secure(md)? m_alloc_secure( nframe ) : m_alloc( nframe ); n = 0; frame[n++] = 0; - frame[n++] = v3compathack? algo : 1; /* block type */ + frame[n++] = 1; /* block type */ i = nframe - len - asnlen -3 ; assert( i > 1 ); memset( frame+n, 0xff, i ); n += i; @@ -196,8 +196,8 @@ do_encode_md( MD_HANDLE md, int algo, size_t len, unsigned nbits, * the encoded value. Setting this flag forces the old behaviour. */ MPI -encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo, - unsigned nbits, int v3compathack ) +encode_md_value( int pubkey_algo, MD_HANDLE md, + int hash_algo, unsigned nbits ) { int algo = hash_algo? hash_algo : md_get_algo(md); const byte *asn; @@ -220,7 +220,7 @@ encode_md_value( int pubkey_algo, MD_HANDLE md, int hash_algo, } else { asn = md_asn_oid( algo, &asnlen, &mdlen ); - frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen, v3compathack); + frame = do_encode_md( md, algo, mdlen, nbits, asn, asnlen ); } return frame; } diff --git a/g10/sig-check.c b/g10/sig-check.c index 699153959..403d07d95 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -324,7 +324,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest, md_final( digest ); result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo, - mpi_get_nbits(pk->pkey[0]), 0 ); + mpi_get_nbits(pk->pkey[0]) ); if (!result) return G10ERR_GENERAL; ctx.sig = sig; @@ -332,21 +332,6 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest, rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey, cmp_help, &ctx ); mpi_free( result ); - if( (opt.emulate_bugs & EMUBUG_MDENCODE) - && rc == G10ERR_BAD_SIGN && is_ELGAMAL(pk->pubkey_algo) ) { - /* In this case we try again because old GnuPG versions didn't encode - * the hash right. There is no problem with DSA however */ - result = encode_md_value( pk->pubkey_algo, digest, sig->digest_algo, - mpi_get_nbits(pk->pkey[0]), (sig->version < 5) ); - if (!result) - rc = G10ERR_GENERAL; - else { - ctx.sig = sig; - ctx.md = digest; - rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey, - cmp_help, &ctx ); - } - } if( !rc && sig->flags.unknown_critical ) { log_info(_("assuming bad signature from key %08lX due to an unknown critical bit\n"),(ulong)keyid_from_pk(pk,NULL)); diff --git a/g10/sign.c b/g10/sign.c index 55ed2f198..340b5774a 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -334,7 +334,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig, else { frame = encode_md_value( sk->pubkey_algo, md, - digest_algo, mpi_get_nbits(sk->skey[0]), 0 ); + digest_algo, mpi_get_nbits(sk->skey[0]) ); if (!frame) return G10ERR_GENERAL; rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey ); @@ -352,7 +352,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig, else { frame = encode_md_value (pk->pubkey_algo, md, sig->digest_algo, - mpi_get_nbits(pk->pkey[0]), 0); + mpi_get_nbits(pk->pkey[0]) ); if (!frame) rc = G10ERR_GENERAL; else |