gpg: Remove option --no-sig-create-check.

* g10/gpg.c (opts): Remove --no-sig-create-check.
* g10/options.h (struct opt): Remove field no_sig_create_check.
* g10/sign.c (do_sign): Always check unless it is RSA and we are using
Libgcrypt 1.7.

Signed-off-by: Werner Koch <[email protected]>

4 files changed, 7 insertions, 15 deletions

diff --git a/doc/gpg.texi b/doc/gpg.texi
index a5cbafd6b..9d62afb7f 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1629,15 +1629,6 @@ modifications, you can use this option to disable the caching. It
 probably does not make sense to disable it because all kind of damage
 can be done if someone else has write access to your public keyring.
 
-@item --no-sig-create-check
-@opindex no-sig-create-check
-GnuPG normally verifies each signature right after creation to protect
-against bugs and hardware malfunctions which could leak out bits from
-the secret key. This extra verification needs some time (about 115%
-for DSA keys), and so this option can be used to disable it.
-However, due to the fact that the signature creation needs manual
-interaction, this performance penalty does not matter in most settings.
-
 @item --auto-check-trustdb
 @itemx --no-auto-check-trustdb
 @opindex auto-check-trustdb
diff --git a/g10/gpg.c b/g10/gpg.c
index e6fb42ef9..9454b5309 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -337,7 +337,6 @@ enum cmd_and_opt_values
     oFixedListMode,
     oLegacyListMode,
     oNoSigCache,
-    oNoSigCreateCheck,
     oAutoCheckTrustDB,
     oNoAutoCheckTrustDB,
     oPreservePermissions,
@@ -727,7 +726,6 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"),
   ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"),
   ARGPARSE_s_n (oNoSigCache,         "no-sig-cache", "@"),
-  ARGPARSE_s_n (oNoSigCreateCheck,   "no-sig-create-check", "@"),
   ARGPARSE_s_n (oMergeOnly,	  "merge-only", "@" ),
   ARGPARSE_s_n (oAllowSecretKeyImport, "allow-secret-key-import", "@"),
   ARGPARSE_s_n (oTryAllSecrets,  "try-all-secrets", "@"),
@@ -2990,7 +2988,6 @@ main (int argc, char **argv)
             }
             break;
           case oNoSigCache: opt.no_sig_cache = 1; break;
-          case oNoSigCreateCheck: opt.no_sig_create_check = 1; break;
 	  case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break;
 	  case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break;
 	  case oAllowFreeformUID: opt.allow_freeform_uid = 1; break;
diff --git a/g10/options.h b/g10/options.h
index 465c5b215..fd2f4a2f6 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -191,7 +191,6 @@ struct
   int try_all_secrets;
   int no_expensive_trust_checks;
   int no_sig_cache;
-  int no_sig_create_check;
   int no_auto_check_trustdb;
   int preserve_permissions;
   int no_homedir_creation;
diff --git a/g10/sign.c b/g10/sign.c
index afc117e7d..7a8d6978e 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -294,8 +294,13 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig,
 
   /* Check that the signature verification worked and nothing is
    * fooling us e.g. by a bug in the signature create code or by
-   * deliberately introduced faults.  */
-  if (!err && !opt.no_sig_create_check)
+   * deliberately introduced faults.  Because Libgcrypt 1.7 does this
+   * for RSA internally there is no need to do it here again.  */
+  if (!err
+#if GCRYPT_VERSION_NUMBER >= 0x010700 /* Libgcrypt >= 1.7 */
+        && !is_RSA (pksk->pubkey_algo)
+#endif /* Libgcrypt >= 1.7 */
+      )
     {
       PKT_public_key *pk = xmalloc_clear (sizeof *pk);