gpg: Remove all support for v3 keys and always create v4-signatures.

* g10/build-packet.c (do_key): Remove support for building v3 keys.
* g10/parse-packet.c (read_protected_v3_mpi): Remove.
(parse_key): Remove support for v3-keys.  Add dedicated warnings for
v3-key packets.
* g10/keyid.c (hash_public_key): Remove v3-key support.
(keyid_from_pk): Ditto.
(fingerprint_from_pk): Ditto.

* g10/options.h (opt): Remove fields force_v3_sigs and force_v4_certs.
* g10/gpg.c (cmd_and_opt_values): Remove oForceV3Sigs, oNoForceV3Sigs,
oForceV4Certs, oNoForceV4Certs.
(opts): Turn --force-v3-sigs, --no-force-v3-sigs, --force-v4-certs,
--no-force-v4-certs int dummy options.
(main): Remove setting of the force_v3_sigs force_v4_certs flags.
* g10/revoke.c (gen_revoke, create_revocation): Always create v4 certs.
* g10/sign.c (hash_uid): Remove support for v3-signatures
(hash_sigversion_to_magic): Ditto.
(only_old_style): Remove this v3-key function.
(write_signature_packets): Remove support for creating v3-signatures.
(sign_file): Ditto.
(sign_symencrypt_file): Ditto.
(clearsign_file): Ditto.  Remove code to emit no Hash armor line if
only v3-keys are used.
(make_keysig_packet): Remove arg SIGVERSION and force using
v4-signatures.  Change all callers to not pass a value for this arg.
Remove all v3-key related code.
(update_keysig_packet): Remove v3-signature support.
* g10/keyedit.c (sign_uids): Always create v4-signatures.

* g10/textfilter.c (copy_clearsig_text): Remove arg pgp2mode and
change caller.
--

v3 keys are deprecated for about 15 years and due the severe
weaknesses of MD5 it does not make any sense to keep code around to
use these old and broken keys.  Users who need to decrypt old messages
should use gpg 1.4 and best re-encrypt them to modern standards.
verification of old (i.e. PGP2) created signatures is thus also not
anymore possible but such signatures have no values anyway - MD5 is
just too broken.

We have also kept support for v3 signatures until now.  With the
removal of support for v3 keys it is questionable whether it makes any
sense to keep support for v3-signatures.  What we do now is to keep
support for verification of v3-signatures but we force the use of
v4-signatures.  The latter makes the --pgp6 and --pgp7 switch a bit
obsolete because those PGP versions require v3-signatures for
messages.  These versions of PGP are also really old and not anymore
maintained so they have not received any bug fixes and should not be
used anyway.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 27 insertions, 90 deletions

diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index f7b2079b0..50da17cb9 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1901,53 +1901,6 @@ parse_onepass_sig (IOBUF inp, int pkttype, unsigned long pktlen,
 }
 
 
-static gcry_mpi_t
-read_protected_v3_mpi (IOBUF inp, unsigned long *length)
-{
-  int c;
-  unsigned int nbits, nbytes;
-  unsigned char *buf, *p;
-  gcry_mpi_t val;
-
-  if (*length < 2)
-    {
-      log_error ("mpi too small\n");
-      return NULL;
-    }
-
-  if ((c = iobuf_get (inp)) == -1)
-    return NULL;
-  --*length;
-  nbits = c << 8;
-  if ((c = iobuf_get (inp)) == -1)
-    return NULL;
-  --*length;
-  nbits |= c;
-
-  if (nbits > 16384)
-    {
-      log_error ("mpi too large (%u bits)\n", nbits);
-      return NULL;
-    }
-  nbytes = (nbits + 7) / 8;
-  buf = p = xmalloc (2 + nbytes);
-  *p++ = nbits >> 8;
-  *p++ = nbits;
-  for (; nbytes && *length; nbytes--, --*length)
-    *p++ = iobuf_get (inp);
-  if (nbytes)
-    {
-      log_error ("packet shorter than mpi\n");
-      xfree (buf);
-      return NULL;
-    }
-
-  /* Convert buffer into an opaque MPI.  */
-  val = gcry_mpi_set_opaque (NULL, buf, (p - buf) * 8);
-  return val;
-}
-
-
 static int
 parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 	   byte * hdr, int hdrlen, PACKET * pkt)
@@ -1956,7 +1909,6 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
   int i, version, algorithm;
   unsigned long timestamp, expiredate, max_expiredate;
   int npkey, nskey;
-  int is_v4 = 0;
   int rc = 0;
   u32 keyid[2];
   PKT_public_key *pk;
@@ -1991,8 +1943,19 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
       return 0;
     }
   else if (version == 4)
-    is_v4 = 1;
-  else if (version != 2 && version != 3)
+    {
+      /* The only supported version.  Use an older gpg
+         versions (i.e. gpg 1.4 to parse v3 packets).  */
+    }
+  else if (version == 2 || version == 3)
+    {
+      log_info ("packet(%d) with obsolete version %d\n", pkttype, version);
+      if (list_mode)
+        es_fprintf (listfp, ":key packet: [obsolete version %d]\n", version);
+      err = gpg_error (GPG_ERR_INV_PACKET);
+      goto leave;
+    }
+  else
     {
       log_error ("packet(%d) with unknown version %d\n", pkttype, version);
       if (list_mode)
@@ -2012,23 +1975,8 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 
   timestamp = read_32 (inp);
   pktlen -= 4;
-  if (is_v4)
-    {
-      expiredate = 0;		/* have to get it from the selfsignature */
-      max_expiredate = 0;
-    }
-  else
-    {
-      unsigned short ndays;
-      ndays = read_16 (inp);
-      pktlen -= 2;
-      if (ndays)
-	expiredate = timestamp + ndays * 86400L;
-      else
-	expiredate = 0;
-
-      max_expiredate = expiredate;
-    }
+  expiredate = 0;		/* have to get it from the selfsignature */
+  max_expiredate = 0;
   algorithm = iobuf_get_noeof (inp);
   pktlen--;
   if (list_mode)
@@ -2145,7 +2093,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 	      ski->s2k.hash_algo = iobuf_get_noeof (inp);
 	      pktlen--;
 	      /* Check for the special GNU extension.  */
-	      if (is_v4 && ski->s2k.mode == 101)
+	      if (ski->s2k.mode == 101)
 		{
 		  for (i = 0; i < 4 && pktlen; i++, pktlen--)
 		    temp[i] = iobuf_get_noeof (inp);
@@ -2312,7 +2260,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 						 10 * 8);
 	  pktlen = 0;
 	}
-      else if (is_v4 && ski->is_protected)
+      else if (ski->is_protected)
 	{
 	  /* Ugly: The length is encrypted too, so we read all stuff
 	   * up to the end of the packet into the first SKEY
@@ -2331,29 +2279,18 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 	}
       else
 	{
-          /* The v3 method: The mpi length is not encrypted.  */
+          /* Not encrypted.  */
 	  for (i = npkey; i < nskey; i++)
 	    {
-	      if (ski->is_protected)
-		{
-		  pk->pkey[i] = read_protected_v3_mpi (inp, &pktlen);
-                  if (pk->pkey[i])
-                    gcry_mpi_set_flag (pk->pkey[i], GCRYMPI_FLAG_USER1);
-		  if (list_mode)
-		    es_fprintf (listfp, "\tskey[%d]: [v3 protected]\n", i);
-		}
-	      else
-		{
-		  unsigned int n = pktlen;
-		  pk->pkey[i] = mpi_read (inp, &n, 0);
-		  pktlen -= n;
-		  if (list_mode)
-		    {
-		      es_fprintf (listfp, "\tskey[%d]: ", i);
-		      mpi_print (listfp, pk->pkey[i], mpi_print_mode);
-		      es_putc ('\n', listfp);
-		    }
-		}
+              unsigned int n = pktlen;
+              pk->pkey[i] = mpi_read (inp, &n, 0);
+              pktlen -= n;
+              if (list_mode)
+                {
+                  es_fprintf (listfp, "\tskey[%d]: ", i);
+                  mpi_print (listfp, pk->pkey[i], mpi_print_mode);
+                  es_putc ('\n', listfp);
+                }
 
 	      if (!pk->pkey[i])
 		err = gpg_error (GPG_ERR_INV_PACKET);