authorWerner Koch <[email protected]>2014-03-17 16:54:36 +0000
committerWerner Koch <[email protected]>2014-03-17 17:14:23 +0000
commitf90cfe6b66269de0154d810c5cee1fe9a5af475c (patch)
tree8029968d62c1aa04655c4e942cb5d0b08972a5bb /g10/sig-check.c
parentgpg: Make --auto-key-locate work again with keyservers. (diff)
gpg: Reject signatures made with MD5.
* g10/gpg.c: Add option --allow-weak-digest-algos. (main): Set option also in PGP2 mode. * g10/options.h (struct opt): Add flags.allow_weak_digest_algos. * g10/sig-check.c (do_check): Reject MD5 signatures. * tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
Diffstat (limited to 'g10/sig-check.c')
-rw-r--r--g10/sig-check.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c
index a3075337c..0cbb7f2cc 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -266,6 +266,22 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
if( (rc=do_check_messages(pk,sig,r_expired,r_revoked)) )
return rc;
+ if (sig->digest_algo == GCRY_MD_MD5
+ && !opt.flags.allow_weak_digest_algos)
+ {
+ static int shown;
+
+ if (!shown)
+ {
+ log_info
+ (_("Note: signatures using the %s algorithm are rejected\n"),
+ "MD5");
+ shown = 1;
+ }
+
+ return GPG_ERR_DIGEST_ALGO;
+ }
+
/* Make sure the digest algo is enabled (in case of a detached
signature). */
gcry_md_enable (digest, sig->digest_algo);
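Review bot: The new rejection branch in do_check has no comment explaining why it exists, or that the flag named `allow_weak_digest_algos` gates only `GCRY_MD_MD5` here, so a reader may assume other weak digests are refused as well. I would add above the `if` something like `/* MD5 is not collision resistant: reject such signatures unless --allow-weak-digest-algos is given. Only MD5 is checked here. */`. Because `shown` is static, the log_info note is printed once per process and every later rejection surfaces only through the `GPG_ERR_DIGEST_ALGO` return value; that is worth stating in the same comment. do_check begins and ends outside this hunk, so how callers report that code for each signature is not visible here.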