[git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.19-9-gae61f01

by Werner Koch cvs at cvs.gnupg.org
Tue Sep 1 07:50:02 CEST 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-1-4 has been updated
       via  ae61f01523fc68fbd3dbac5f2ba761a7b8b117dd (commit)
      from  ae38cbbca493725305c4131fbcafa716ae0c6109 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ae61f01523fc68fbd3dbac5f2ba761a7b8b117dd
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Aug 31 23:55:16 2015 +0200

    Obsolete option --no-sig-create-check.
    
    * cipher/rsa.c (rsa_sign): Verify after sign.
    * g10/gpg.c (opts): Make --no-sig-create-check a NOP.
    * g10/options.h (opt): Remove field "no_sig_create_check".
    * g10/sign.c (do_sign): Do check only for DSA.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/rsa.c b/cipher/rsa.c
index c4d5161..5efab1d 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -452,6 +452,9 @@ int
 rsa_sign( int algo, MPI *resarr, MPI data, MPI *skey )
 {
     RSA_secret_key sk;
+    RSA_public_key pk;
+    MPI cres;
+    int rc;
 
     if( algo != 1 && algo != 3 )
 	return G10ERR_PUBKEY_ALGO;
@@ -465,7 +468,15 @@ rsa_sign( int algo, MPI *resarr, MPI data, MPI *skey )
     resarr[0] = mpi_alloc( mpi_get_nlimbs( sk.n ) );
     secret( resarr[0], data, &sk );
 
-    return 0;
+    /* Check for a failure in secret().  */
+    cres = mpi_alloc ( mpi_nlimb_hint_from_nbits (160) );
+    pk.n = sk.n;
+    pk.e = sk.e;
+    public (cres, resarr[0], &pk);
+    rc = mpi_cmp (cres, data)? G10ERR_BAD_SIGN : 0;
+    mpi_free (cres);
+
+    return rc;
 }
 
 int
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 2797fff..27ae18c 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1625,12 +1625,7 @@ can be done if someone else has write access to your public keyring.
 
 @item --no-sig-create-check
 @opindex no-sig-create-check
-GnuPG normally verifies each signature right after creation to protect
-against bugs and hardware malfunctions which could leak out bits from
-the secret key. This extra verification needs some time (about 115%
-for DSA keys), and so this option can be used to disable it.
-However, due to the fact that the signature creation needs manual
-interaction, this performance penalty does not matter in most settings.
+This options is obsolete.  It has no function.
 
 @item --auto-check-trustdb
 @itemx --no-auto-check-trustdb
diff --git a/g10/gpg.c b/g10/gpg.c
index 544c576..3f0d305 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -336,7 +336,6 @@ enum cmd_and_opt_values
     oNoExpensiveTrustChecks,
     oFixedListMode,
     oNoSigCache,
-    oNoSigCreateCheck,
     oAutoCheckTrustDB,
     oNoAutoCheckTrustDB,
     oPreservePermissions,
@@ -673,7 +672,7 @@ static ARGPARSE_OPTS opts[] = {
     { oAutoKeyRetrieve, "auto-key-retrieve", 0, "@" },
     { oNoAutoKeyRetrieve, "no-auto-key-retrieve", 0, "@" },
     { oNoSigCache,         "no-sig-cache", 0, "@" },
-    { oNoSigCreateCheck,   "no-sig-create-check", 0, "@" },
+    { oNoop,               "no-sig-create-check", 0, "@" },
     { oAutoCheckTrustDB, "auto-check-trustdb", 0, "@"},
     { oNoAutoCheckTrustDB, "no-auto-check-trustdb", 0, "@"},
     { oMergeOnly,	  "merge-only", 0, "@" },
@@ -2716,7 +2715,6 @@ main (int argc, char **argv )
 		disable_pubkey_algo( string_to_pubkey_algo(pargs.r.ret_str) );
 		break;
           case oNoSigCache: opt.no_sig_cache = 1; break;
-          case oNoSigCreateCheck: opt.no_sig_create_check = 1; break;
 	  case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break;
 	  case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break;
 	  case oAllowFreeformUID: opt.allow_freeform_uid = 1; break;
diff --git a/g10/options.h b/g10/options.h
index dad5980..f3543b1 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -194,7 +194,6 @@ struct
   int try_all_secrets;
   int no_expensive_trust_checks;
   int no_sig_cache;
-  int no_sig_create_check;
   int no_auto_check_trustdb;
   int preserve_permissions;
   int no_homedir_creation;
diff --git a/g10/sign.c b/g10/sign.c
index 6587a60..ed8ac73 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -291,10 +291,11 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
         mpi_free(frame);
       }
 
-    if (!rc && !opt.no_sig_create_check) {
-        /* check that the signature verification worked and nothing is
-         * fooling us e.g. by a bug in the signature create
-         * code or by deliberately introduced faults. */
+    if (!rc && is_DSA (sk->pubkey_algo)) {
+        /* Check that the signature verification worked and nothing is
+         * fooling us e.g. by a bug in the signature create code or by
+         * deliberately introduced faults.  We don't do this for RSA
+         * because that is done at a lower layer.  */
         PKT_public_key *pk = xmalloc_clear (sizeof *pk);
 
         if( get_pubkey( pk, sig->keyid ) )

-----------------------------------------------------------------------

Summary of changes:
 cipher/rsa.c  | 13 ++++++++++++-
 doc/gpg.texi  |  7 +------
 g10/gpg.c     |  4 +---
 g10/options.h |  1 -
 g10/sign.c    |  9 +++++----
 5 files changed, 19 insertions(+), 15 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list