diff options
| author | Werner Koch <[email protected]> | 2015-08-31 21:55:16 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-09-01 05:47:14 +0000 |
| commit | ae61f01523fc68fbd3dbac5f2ba761a7b8b117dd (patch) | |
| tree | b420cd40495e6c7b0c8aa669effeafec43a21fee | |
| parent | g10: Fix a race condition initially creating trustdb. (diff) | |
| download | gnupg-ae61f01523fc68fbd3dbac5f2ba761a7b8b117dd.tar.gz gnupg-ae61f01523fc68fbd3dbac5f2ba761a7b8b117dd.zip | |
Obsolete option --no-sig-create-check.
* cipher/rsa.c (rsa_sign): Verify after sign.
* g10/gpg.c (opts): Make --no-sig-create-check a NOP.
* g10/options.h (opt): Remove field "no_sig_create_check".
* g10/sign.c (do_sign): Do check only for DSA.
Signed-off-by: Werner Koch <[email protected]>
| -rw-r--r-- | cipher/rsa.c | 13 | ||||
| -rw-r--r-- | doc/gpg.texi | 7 | ||||
| -rw-r--r-- | g10/gpg.c | 4 | ||||
| -rw-r--r-- | g10/options.h | 1 | ||||
| -rw-r--r-- | g10/sign.c | 9 |
5 files changed, 19 insertions, 15 deletions
diff --git a/cipher/rsa.c b/cipher/rsa.c index c4d5161cf..5efab1d6f 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -452,6 +452,9 @@ int rsa_sign( int algo, MPI *resarr, MPI data, MPI *skey ) { RSA_secret_key sk; + RSA_public_key pk; + MPI cres; + int rc; if( algo != 1 && algo != 3 ) return G10ERR_PUBKEY_ALGO; @@ -465,7 +468,15 @@ rsa_sign( int algo, MPI *resarr, MPI data, MPI *skey ) resarr[0] = mpi_alloc( mpi_get_nlimbs( sk.n ) ); secret( resarr[0], data, &sk ); - return 0; + /* Check for a failure in secret(). */ + cres = mpi_alloc ( mpi_nlimb_hint_from_nbits (160) ); + pk.n = sk.n; + pk.e = sk.e; + public (cres, resarr[0], &pk); + rc = mpi_cmp (cres, data)? G10ERR_BAD_SIGN : 0; + mpi_free (cres); + + return rc; } int diff --git a/doc/gpg.texi b/doc/gpg.texi index 2797fffc0..27ae18c76 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1625,12 +1625,7 @@ can be done if someone else has write access to your public keyring. @item --no-sig-create-check @opindex no-sig-create-check -GnuPG normally verifies each signature right after creation to protect -against bugs and hardware malfunctions which could leak out bits from -the secret key. This extra verification needs some time (about 115% -for DSA keys), and so this option can be used to disable it. -However, due to the fact that the signature creation needs manual -interaction, this performance penalty does not matter in most settings. +This options is obsolete. It has no function. @item --auto-check-trustdb @itemx --no-auto-check-trustdb @@ -336,7 +336,6 @@ enum cmd_and_opt_values oNoExpensiveTrustChecks, oFixedListMode, oNoSigCache, - oNoSigCreateCheck, oAutoCheckTrustDB, oNoAutoCheckTrustDB, oPreservePermissions, @@ -673,7 +672,7 @@ static ARGPARSE_OPTS opts[] = { { oAutoKeyRetrieve, "auto-key-retrieve", 0, "@" }, { oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" }, { oNoSigCache, "no-sig-cache", 0, "@" }, - { oNoSigCreateCheck, "no-sig-create-check", 0, "@" }, + { oNoop, "no-sig-create-check", 0, "@" }, { oAutoCheckTrustDB, "auto-check-trustdb", 0, "@"}, { oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"}, { oMergeOnly, "merge-only", 0, "@" }, @@ -2716,7 +2715,6 @@ main (int argc, char **argv ) disable_pubkey_algo( string_to_pubkey_algo(pargs.r.ret_str) ); break; case oNoSigCache: opt.no_sig_cache = 1; break; - case oNoSigCreateCheck: opt.no_sig_create_check = 1; break; case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break; case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break; case oAllowFreeformUID: opt.allow_freeform_uid = 1; break; diff --git a/g10/options.h b/g10/options.h index dad598050..f3543b18a 100644 --- a/g10/options.h +++ b/g10/options.h @@ -194,7 +194,6 @@ struct int try_all_secrets; int no_expensive_trust_checks; int no_sig_cache; - int no_sig_create_check; int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; diff --git a/g10/sign.c b/g10/sign.c index 6587a6070..ed8ac7328 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -291,10 +291,11 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig, mpi_free(frame); } - if (!rc && !opt.no_sig_create_check) { - /* check that the signature verification worked and nothing is - * fooling us e.g. by a bug in the signature create - * code or by deliberately introduced faults. */ + if (!rc && is_DSA (sk->pubkey_algo)) { + /* Check that the signature verification worked and nothing is + * fooling us e.g. by a bug in the signature create code or by + * deliberately introduced faults. We don't do this for RSA + * because that is done at a lower layer. */ PKT_public_key *pk = xmalloc_clear (sizeof *pk); if( get_pubkey( pk, sig->keyid ) ) |