authorDavid Shaw <[email protected]>2002-08-07 19:53:27 +0000
committerDavid Shaw <[email protected]>2002-08-07 19:53:27 +0000
commite703540328c94657eddbd4128381dc34fe6ddca6 (patch)
treec50fd9d60019c339c81e28652dea0b9d75cd1321
parent* cipher.h: Add md_algo_present(). (diff)
* sig-check.c (signature_check2): Sanity check that the md has a context
for the hash that the sig is expecting. This can happen if a onepass sig header does not match the actual sig, and also if the clearsign "Hash:" header is missing or does not match the actual sig.
-rw-r--r--g10/ChangeLog6
-rw-r--r--g10/sig-check.c12
2 files changed, 17 insertions, 1 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 3ab1403f9..422c2ca1f 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,11 @@
2002-08-07 David Shaw <[email protected]>
+ * sig-check.c (signature_check2): Sanity check that the md has a
+ context for the hash that the sig is expecting. This can happen
+ if a onepass sig header does not match the actual sig, and also if
+ the clearsign "Hash:" header is missing or does not match the
+ actual sig.
+
* keyedit.c (menu_revsig): Properly show a uid is revoked without
restarting gpg. This is Debian bug 124219, though their supplied
patch will not do the right thing.
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 243099796..8dce3cbe9 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -63,7 +63,17 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest,
int rc=0;
*r_expiredate = 0;
- if( get_pubkey( pk, sig->keyid ) )
+
+ /* Sanity check that the md has a context for the hash that the
+ sig is expecting. This can happen if a onepass sig header does
+ not match the actual sig, and also if the clearsign "Hash:"
+ header is missing or does not match the actual sig. */
+
+ if(!md_algo_present(digest,sig->digest_algo)) {
+ log_info(_("WARNING: signature digest conflict in message\n"));
+ rc=G10ERR_BAD_SIGN;
+ }
+ else if( get_pubkey( pk, sig->keyid ) )
rc = G10ERR_NO_PUBKEY;
else if(!pk->is_valid &&
(pk->main_keyid[0]!=pk->keyid[0] ||
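Review bot: The new `md_algo_present` branch reports the conflict only through a detail-free `log_info` line and returns the same `G10ERR_BAD_SIGN` that a cryptographically failed signature gives, so neither a caller nor a log reader can tell a mismatched one-pass or clearsign `Hash:` header from a genuinely bad signature. Naming the algorithm the signature expects would make the condition diagnosable, for example `log_info(_("WARNING: signature digest conflict in message (sig expects digest algo %d)\n"), sig->digest_algo);`. In the added comment, "This can happen if" has no antecedent, since the previous sentence describes the check rather than the failure; `This mismatch can happen if ...` reads unambiguously. Because the branch now runs ahead of `get_pubkey`, `pk` is never populated on this path, and since the rest of `signature_check2` lies outside the hunk it is worth confirming that nothing after the `else if` chain reads `pk` fields once `rc` is already set.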