diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2015-10-19 14:41:23 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-10-19 15:33:07 +0000 |
| commit | b98939812abf6c643c752ce7c325f98039a1a9e2 (patch) | |
| tree | 9921a16ce042780839d05d9ce0bc473832e1a095 | |
| parent | gpg: Add option --weak-digest to gpg and gpgv. (diff) | |
| download | gnupg-b98939812abf6c643c752ce7c325f98039a1a9e2.tar.gz gnupg-b98939812abf6c643c752ce7c325f98039a1a9e2.zip | |
gpg: Print warning when rejecting weak digests
* g10/misc.c (print_md5_rejected_note): Rename to ..
(print_digest_rejected_note): this. Parameterize function to take an
enum gcry_md_algos.
* g10/sig-check.c: Use print_digest_rejected_note() when rejecting
signatures.
--
76afaed65e3b0ddfa4923cb577ada43217dd4b18 allowed extra --weak-digests,
but removed the one call to print_md5_rejected_note(). This replaces
and generalizes that warning.
Signed-Off-By: Daniel Kahn Gillmor <[email protected]>
Diffstat (limited to '')
| -rw-r--r-- | g10/main.h | 2 | ||||
| -rw-r--r-- | g10/misc.c | 4 | ||||
| -rw-r--r-- | g10/sig-check.c | 10 |
3 files changed, 11 insertions, 5 deletions
diff --git a/g10/main.h b/g10/main.h index 0226c6418..601a9526c 100644 --- a/g10/main.h +++ b/g10/main.h @@ -87,7 +87,7 @@ extern int g10_errors_seen; void print_pubkey_algo_note (pubkey_algo_t algo); void print_cipher_algo_note (cipher_algo_t algo); void print_digest_algo_note (digest_algo_t algo); -void print_md5_rejected_note (void); +void print_digest_rejected_note (enum gcry_md_algos algo); void additional_weak_digest (const char* digestname); /*-- armor.c --*/ diff --git a/g10/misc.c b/g10/misc.c index c135059d8..93ddaa042 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -339,7 +339,7 @@ print_digest_algo_note (digest_algo_t algo) void -print_md5_rejected_note (void) +print_digest_rejected_note (enum gcry_md_algos algo) { static int shown; @@ -348,7 +348,7 @@ print_md5_rejected_note (void) es_fflush (es_stdout); log_info (_("Note: signatures using the %s algorithm are rejected\n"), - "MD5"); + gcry_md_algo_name(algo)); shown = 1; } } diff --git a/g10/sig-check.c b/g10/sig-check.c index 84930d615..23f42b9cd 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -282,10 +282,16 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest, if (!opt.flags.allow_weak_digest_algos) { if (sig->digest_algo == GCRY_MD_MD5) - return GPG_ERR_DIGEST_ALGO; + { + print_digest_rejected_note(sig->digest_algo); + return GPG_ERR_DIGEST_ALGO; + } for (weak = opt.additional_weak_digests; weak; weak = weak->next) if (sig->digest_algo == weak->algo) - return GPG_ERR_DIGEST_ALGO; + { + print_digest_rejected_note(sig->digest_algo); + return GPG_ERR_DIGEST_ALGO; + } } /* Make sure the digest algo is enabled (in case of a detached |