[git] GnuPG - branch, master, updated. gnupg-2.1.21-64-g3621dbe
by Werner Koch
cvs at cvs.gnupg.org
Mon Jun 19 20:32:59 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 3621dbe52584bc8b417f61b5370ebaa5598db956 (commit)
via 6cc4702767eec5506a974aa942868066a40cf54c (commit)
from 61ef43546ba9f0209692a1569d2f033436566a02 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3621dbe52584bc8b417f61b5370ebaa5598db956
Author: Werner Koch <wk at gnupg.org>
Date: Mon Jun 19 17:50:02 2017 +0200
gpg,gpgsm: Fix compliance check for DSA and avoid an assert.
* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check. Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check. Replace
assert by debug message.
--
Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative. Better use a boolean test.
The assert could have lead to a regression for no good reason. Not
being compliant is better than breaking existing users.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/compliance.c b/common/compliance.c
index 3c43fd8..8b91677 100644
--- a/common/compliance.c
+++ b/common/compliance.c
@@ -154,10 +154,10 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
case is_dsa:
if (key)
{
- size_t L = gcry_mpi_get_nbits (key[0] /* p */);
- size_t N = gcry_mpi_get_nbits (key[1] /* q */);
- result = (L == 256
- && (N == 2048 || N == 3072));
+ size_t P = gcry_mpi_get_nbits (key[0]);
+ size_t Q = gcry_mpi_get_nbits (key[1]);
+ result = (Q == 256
+ && (P == 2048 || P == 3072));
}
break;
@@ -171,7 +171,8 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
}
result = (curvename
- && algo != PUBKEY_ALGO_EDDSA
+ && (algo == PUBKEY_ALGO_ECDH
+ || algo == PUBKEY_ALGO_ECDSA)
&& (!strcmp (curvename, "brainpoolP256r1")
|| !strcmp (curvename, "brainpoolP384r1")
|| !strcmp (curvename, "brainpoolP512r1")));
@@ -238,13 +239,13 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
case PUBKEY_ALGO_DSA:
if (key)
{
- size_t L = gcry_mpi_get_nbits (key[0] /* p */);
- size_t N = gcry_mpi_get_nbits (key[1] /* q */);
+ size_t P = gcry_mpi_get_nbits (key[0]);
+ size_t Q = gcry_mpi_get_nbits (key[1]);
return ((use == PK_USE_SIGNING
- && L == 256
- && (N == 2048 || N == 3072))
+ && Q == 256
+ && (P == 2048 || P == 3072))
|| (use == PK_USE_VERIFICATION
- && N < 2048));
+ && P < 2048));
}
else
return 0;
diff --git a/common/compliance.h b/common/compliance.h
index 183f142..d55bbf3 100644
--- a/common/compliance.h
+++ b/common/compliance.h
@@ -57,14 +57,17 @@ int gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
int gnupg_cipher_is_compliant (enum gnupg_compliance_mode compliance,
cipher_algo_t cipher,
enum gcry_cipher_modes mode);
-int gnupg_cipher_is_allowed (enum gnupg_compliance_mode compliance, int producer,
+int gnupg_cipher_is_allowed (enum gnupg_compliance_mode compliance,
+ int producer,
cipher_algo_t cipher,
enum gcry_cipher_modes mode);
int gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance,
digest_algo_t digest);
-int gnupg_digest_is_allowed (enum gnupg_compliance_mode compliance, int producer,
+int gnupg_digest_is_allowed (enum gnupg_compliance_mode compliance,
+ int producer,
digest_algo_t digest);
-const char *gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance);
+const char *gnupg_status_compliance_flag (enum gnupg_compliance_mode
+ compliance);
struct gnupg_compliance_option
{
@@ -76,7 +79,8 @@ int gnupg_parse_compliance_option (const char *string,
struct gnupg_compliance_option options[],
size_t length,
int quiet);
-const char *gnupg_compliance_option_string (enum gnupg_compliance_mode compliance);
+const char *gnupg_compliance_option_string (enum gnupg_compliance_mode
+ compliance);
#endif /*GNUPG_COMMON_COMPLIANCE_H*/
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 2db8de1..c57925c 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -94,7 +94,7 @@ struct mainproc_context
kbnode_t list; /* The current list of packets. */
iobuf_t iobuf; /* Used to get the filename etc. */
int trustletter; /* Temporary usage in list_node. */
- ulong symkeys;
+ ulong symkeys; /* Number of symmetrically encrypted session keys. */
struct kidlist_item *pkenc_list; /* List of encryption packets. */
struct {
unsigned int sig_seen:1; /* Set to true if a signature packet
@@ -603,18 +603,19 @@ proc_encrypted (CTX c, PACKET *pkt)
/* Compute compliance with CO_DE_VS. */
if (!result && is_status_enabled ()
/* Symmetric encryption and asymmetric encryption voids compliance. */
- && ((c->symkeys > 0) != (c->pkenc_list != NULL))
+ && (c->symkeys != !!c->pkenc_list )
/* Overriding session key voids compliance. */
- && opt.override_session_key == NULL
+ && !opt.override_session_key
/* Check symmetric cipher. */
- && gnupg_cipher_is_compliant (CO_DE_VS, c->dek->algo, GCRY_CIPHER_MODE_CFB))
+ && gnupg_cipher_is_compliant (CO_DE_VS, c->dek->algo,
+ GCRY_CIPHER_MODE_CFB))
{
struct kidlist_item *i;
int compliant = 1;
PKT_public_key *pk = xmalloc (sizeof *pk);
- log_assert (c->pkenc_list || c->symkeys
- || !"where else did the session key come from!?");
+ if ( !(c->pkenc_list || c->symkeys) )
+ log_debug ("%s: where else did the session key come from?\n", __func__);
/* Now check that every key used to encrypt the session key is
* compliant. */
diff --git a/sm/decrypt.c b/sm/decrypt.c
index 7d43405..16181df 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -493,9 +493,10 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
}
/* Check that all certs are compliant with CO_DE_VS. */
- is_de_vs = (is_de_vs
- && gnupg_pk_is_compliant (CO_DE_VS, pk_algo, NULL,
- nbits, NULL));
+ is_de_vs =
+ (is_de_vs
+ && gnupg_pk_is_compliant (CO_DE_VS, pk_algo, NULL,
+ nbits, NULL));
}
oops:
commit 6cc4702767eec5506a974aa942868066a40cf54c
Author: Werner Koch <wk at gnupg.org>
Date: Mon Jun 19 17:42:50 2017 +0200
indent: Always use "_(" and not "_ (" to mark translatable strings.
--
This makes greping much easier and we have done that since ever.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/compliance.c b/common/compliance.c
index 5702471..3c43fd8 100644
--- a/common/compliance.c
+++ b/common/compliance.c
@@ -397,7 +397,8 @@ gnupg_cipher_is_allowed (enum gnupg_compliance_mode compliance, int producer,
/* Return true if DIGEST is compliant to the given COMPLIANCE mode. */
int
-gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance, digest_algo_t digest)
+gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance,
+ digest_algo_t digest)
{
if (! initialized)
return 0;
@@ -499,7 +500,7 @@ gnupg_parse_compliance_option (const char *string,
if (! ascii_strcasecmp (string, "help"))
{
- log_info (_ ("valid values for option '%s':\n"), "--compliance");
+ log_info (_("valid values for option '%s':\n"), "--compliance");
for (i = 0; i < length; i++)
log_info (" %s\n", options[i].keyword);
return -1;
@@ -509,9 +510,9 @@ gnupg_parse_compliance_option (const char *string,
if (! ascii_strcasecmp (string, options[i].keyword))
return options[i].value;
- log_error (_ ("invalid value for option '%s'\n"), "--compliance");
+ log_error (_("invalid value for option '%s'\n"), "--compliance");
if (! quiet)
- log_info (_ ("(use \"help\" to list choices)\n"));
+ log_info (_("(use \"help\" to list choices)\n"));
return -1;
}
diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c
index 7023301..77681d1 100644
--- a/g10/decrypt-data.c
+++ b/g10/decrypt-data.c
@@ -101,8 +101,8 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek)
/* Check compliance. */
if (! gnupg_cipher_is_allowed (opt.compliance, 0, dek->algo, GCRY_CIPHER_MODE_CFB))
{
- log_error (_ ("you may not use cipher algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use cipher algorithm '%s'"
+ " while in %s mode\n"),
openpgp_cipher_algo_name (dek->algo),
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_CIPHER_ALGO);
diff --git a/g10/encrypt.c b/g10/encrypt.c
index ee2f078..b92a4f0 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -617,8 +617,8 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
if (! gnupg_cipher_is_allowed (opt.compliance, 1, cfx.dek->algo,
GCRY_CIPHER_MODE_CFB))
{
- log_error (_ ("you may not use cipher algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use cipher algorithm '%s'"
+ " while in %s mode\n"),
openpgp_cipher_algo_name (cfx.dek->algo),
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_CIPHER_ALGO);
diff --git a/g10/gpg.c b/g10/gpg.c
index d129769..3e15373 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -3883,8 +3883,8 @@ main (int argc, char **argv)
|| cmd == aSignEncrSym,
opt.def_cipher_algo,
GCRY_CIPHER_MODE_NONE))
- log_error (_ ("you may not use cipher algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use cipher algorithm '%s'"
+ " while in %s mode\n"),
openpgp_cipher_algo_name (opt.def_cipher_algo),
gnupg_compliance_option_string (opt.compliance));
@@ -3896,8 +3896,8 @@ main (int argc, char **argv)
|| cmd == aSignSym
|| cmd == aClearsign,
opt.def_digest_algo))
- log_error (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
gcry_md_algo_name (opt.def_digest_algo),
gnupg_compliance_option_string (opt.compliance));
diff --git a/g10/sig-check.c b/g10/sig-check.c
index d0e27ea..9123179 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -136,8 +136,8 @@ check_signature2 (ctrl_t ctrl,
else if (! gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo))
{
/* Compliance failure. */
- log_info (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_info (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
gcry_md_algo_name (sig->digest_algo),
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_DIGEST_ALGO);
diff --git a/g10/sign.c b/g10/sign.c
index 024dd06..71b0408 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -281,8 +281,8 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
/* Check compliance. */
if (! gnupg_digest_is_allowed (opt.compliance, 1, mdalgo))
{
- log_error (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
gcry_md_algo_name (mdalgo),
gnupg_compliance_option_string (opt.compliance));
err = gpg_error (GPG_ERR_DIGEST_ALGO);
diff --git a/sm/decrypt.c b/sm/decrypt.c
index 6909b15..7d43405 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -361,8 +361,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
/* Check compliance. */
if (! gnupg_cipher_is_allowed (opt.compliance, 0, algo, mode))
{
- log_error (_ ("you may not use cipher algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use cipher algorithm '%s'"
+ " while in %s mode\n"),
gcry_cipher_algo_name (algo),
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_CIPHER_ALGO);
diff --git a/sm/encrypt.c b/sm/encrypt.c
index 45860a8..9957bb9 100644
--- a/sm/encrypt.c
+++ b/sm/encrypt.c
@@ -411,8 +411,8 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
gcry_cipher_map_name (opt.def_cipher_algoid),
gcry_cipher_mode_from_oid (opt.def_cipher_algoid)))
{
- log_error (_ ("you may not use cipher algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use cipher algorithm '%s'"
+ " while in %s mode\n"),
opt.def_cipher_algoid,
gnupg_compliance_option_string (opt.compliance));
rc = gpg_error (GPG_ERR_CIPHER_ALGO);
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index c462544..5277140 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -1627,8 +1627,8 @@ main ( int argc, char **argv)
cmd == aEncr || cmd == aSignEncr,
gcry_cipher_mode_from_oid (opt.def_cipher_algoid),
GCRY_CIPHER_MODE_NONE))
- log_error (_ ("you may not use cipher algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use cipher algorithm '%s'"
+ " while in %s mode\n"),
opt.def_cipher_algoid, gnupg_compliance_option_string (opt.compliance));
if (forced_digest_algo
@@ -1637,8 +1637,8 @@ main ( int argc, char **argv)
|| cmd == aSignEncr
|| cmd == aClearsign,
opt.forced_digest_algo))
- log_error (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
forced_digest_algo, gnupg_compliance_option_string (opt.compliance));
if (extra_digest_algo
@@ -1647,8 +1647,8 @@ main ( int argc, char **argv)
|| cmd == aSignEncr
|| cmd == aClearsign,
opt.extra_digest_algo))
- log_error (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
forced_digest_algo, gnupg_compliance_option_string (opt.compliance));
if (log_get_errorcount(0))
diff --git a/sm/sign.c b/sm/sign.c
index 2fbee75..7ba2319 100644
--- a/sm/sign.c
+++ b/sm/sign.c
@@ -464,8 +464,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
/* Check compliance. */
if (! gnupg_digest_is_allowed (opt.compliance, 1, cl->hash_algo))
{
- log_error (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
gcry_md_algo_name (cl->hash_algo),
gnupg_compliance_option_string (opt.compliance));
err = gpg_error (GPG_ERR_DIGEST_ALGO);
diff --git a/sm/verify.c b/sm/verify.c
index 89f06ef..f79c0ae 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -467,8 +467,8 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
if (! gnupg_digest_is_allowed (opt.compliance, 0, sigval_hash_algo))
{
- log_error (_ ("you may not use digest algorithm '%s'"
- " while in %s mode\n"),
+ log_error (_("you may not use digest algorithm '%s'"
+ " while in %s mode\n"),
gcry_md_algo_name (sigval_hash_algo),
gnupg_compliance_option_string (opt.compliance));
goto next_signer;
-----------------------------------------------------------------------
Summary of changes:
common/compliance.c | 30 ++++++++++++++++--------------
common/compliance.h | 12 ++++++++----
g10/decrypt-data.c | 4 ++--
g10/encrypt.c | 4 ++--
g10/gpg.c | 8 ++++----
g10/mainproc.c | 13 +++++++------
g10/sig-check.c | 4 ++--
g10/sign.c | 4 ++--
sm/decrypt.c | 11 ++++++-----
sm/encrypt.c | 4 ++--
sm/gpgsm.c | 12 ++++++------
sm/sign.c | 4 ++--
sm/verify.c | 4 ++--
13 files changed, 61 insertions(+), 53 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list