--pgp2 option
David Shaw
dshaw at jabberwocky.com
Fri Nov 23 18:48:02 CET 2001
On Mon, Nov 19, 2001 at 12:26:21PM +0200, disastry at saiknes.lv.NO.SPaM.NET wrote:
> > David Shaw wrote:
> > Here's a --pgp2 command line option. With all of the repeated
> > questions on various mailing lists and people getting confused, I
> > think this should help reduce the number of times the PGP 2 question
> > gets asked.
> >
> > The big difference between this and the "--rfc1991 --cipher-algo idea
> > --compress-algo 1"
>
> it should include also "--digest-algo md5"
Hmm. I only planned on covering encryption in --pgp2, but you're
right - this is better.
Here's the latest revision of the patch. It does this:
1) When encrypting, it uses "--rfc1991 --cipher-algo idea
--compress-algo 1", and requires that the public key you are
encrypting to is RSA and <= 2048 bits and that you encrypt using a
file (and not stdin).
Note that you can encrypt to a V4 (sub)key if it meets the RSA <=
2048 bit test. This is to make things easier to encrypt to
multiple keys at once (some V3 and some V4).
2) When signing or clearsigning a document, it requires that the
secret key you are signing with is V3. It sets "--digest-algo
md5", and generates a V3 signature.
3) Signing and encrypting at the same time is disallowed.
The patch does not do anything special for key signatures as PGP 2.x
does not blow up with v4 or non-RSA key signatures (it complains, but
still works).
General question for the group: is it better to warn, rather than
prevent the user from doing something that will blow up PGP2? Also,
I'm not a big user of the symmetric-only encryption features in GnuPG
or PGP 2.x. Is there something that needs to happen for symmetric
encryption to be compatible between the two?
David
--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
-------------- next part --------------
Index: ChangeLog
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/ChangeLog,v
retrieving revision 1.162.2.170
diff -u -r1.162.2.170 ChangeLog
--- ChangeLog 2001/11/09 09:36:22 1.162.2.170
+++ ChangeLog 2001/11/23 17:42:46
@@ -1,3 +1,19 @@
+2001-11-23 David Shaw <dshaw at jabberwocky.com>
+
+ * sign.c (sign_file, clearsign_file): When using --pgp2, require
+ the signature is made with a v3 key, and make a v3 sig.
+
+2001-11-16 David Shaw <dshaw at jabberwocky.com>
+
+ * g10.c, options.h: New option --pgp2. This is identical to
+ "--rfc1991 --cipher-algo idea --compress-algo 1" with the addition
+ of an error to force the user not to use a pipe (which would break
+ pgp2 compatibility).
+
+ * encode.c (encode_crypt): fail if the user tries to encrypt to
+ any key that is not RSA and <= 2048 bits when the --pgp2 option is
+ used.
+
2001-11-09 Werner Koch <wk at gnupg.org>
* export.c (do_export_stream): Put all given names into a search
Index: encode.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/encode.c,v
retrieving revision 1.47.2.10
diff -u -r1.47.2.10 encode.c
--- encode.c 2001/08/30 16:39:22 1.47.2.10
+++ encode.c 2001/11/23 17:42:49
@@ -250,7 +250,7 @@
armor_filter_context_t afx;
compress_filter_context_t zfx;
text_filter_context_t tfx;
- PK_LIST pk_list;
+ PK_LIST pk_list,work_list;
int do_compress = opt.compress && !opt.rfc1991;
@@ -262,6 +262,16 @@
if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC)) )
return rc;
+
+ if(opt.pgp2)
+ for(work_list=pk_list;work_list->next!=NULL;work_list=work_list->next)
+ if(!(is_RSA(work_list->pk->pubkey_algo) &&
+ nbits_from_pk(work_list->pk)<=2048))
+ {
+ log_error(_("You can only encrypt to RSA keys of 2048 bits or less in --pgp2 mode\n"));
+ rc=G10ERR_WR_PUBKEY_ALGO;
+ goto leave;
+ }
/* prepare iobufs */
if( !(inp = iobuf_open(filename)) ) {
Index: g10.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/Attic/g10.c,v
retrieving revision 1.129.2.58
diff -u -r1.129.2.58 g10.c
--- g10.c 2001/11/08 13:25:48 1.129.2.58
+++ g10.c 2001/11/23 17:42:52
@@ -142,6 +142,7 @@
oLoadExtension,
oRFC1991,
oOpenPGP,
+ oPGP2,
oCipherAlgo,
oDigestAlgo,
oCompressAlgo,
@@ -343,6 +344,7 @@
{ oLoadExtension, "load-extension" ,2, N_("|FILE|load extension module FILE")},
{ oRFC1991, "rfc1991", 0, N_("emulate the mode described in RFC1991")},
{ oOpenPGP, "openpgp", 0, N_("set all packet, cipher and digest options to OpenPGP behavior")},
+ { oPGP2, "pgp2", 0, N_("set all packet, cipher and digest options to PGP 2.x behavior")},
{ oS2KMode, "s2k-mode", 1, N_("|N|use passphrase mode N")},
{ oS2KDigest, "s2k-digest-algo",2,
N_("|NAME|use message digest algorithm NAME for passphrases")},
@@ -981,6 +983,9 @@
opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
break;
+ case oPGP2:
+ opt.pgp2 = 1;
+ break;
case oEmuChecksumBug: opt.emulate_bugs |= EMUBUG_GPGCHKSUM; break;
case oEmu3DESS2KBug: opt.emulate_bugs |= EMUBUG_3DESS2K; break;
case oEmuMDEncodeBug: opt.emulate_bugs |= EMUBUG_MDENCODE; break;
@@ -1233,6 +1238,19 @@
g10_opt_verbose = opt.verbose;
}
+ /* Do this after the switch(), so it can override these
+ settings. */
+ if(opt.pgp2)
+ {
+ opt.force_v3_sigs = 1;
+ opt.pgp2_workarounds = 1;
+ opt.rfc1991 = 1;
+ opt.def_cipher_algo = CIPHER_ALGO_IDEA;
+ opt.def_compress_algo = 1;
+ if( check_cipher_algo(CIPHER_ALGO_IDEA) )
+ log_error(_("--pgp2 mode requires the IDEA module to be present\n"));
+ opt.def_digest_algo = DIGEST_ALGO_MD5;
+ }
/* kludge to let -sat generate a clear text signature */
if( opt.textmode == 2 && !detached_sig && opt.armor && cmd == aSign )
@@ -1319,6 +1337,11 @@
break;
case aEncr: /* encrypt the given file */
+ if( argc == 0 && opt.pgp2 ) {
+ log_error(_("You must use files when encrypting with --pgp2 enabled.\n"));
+ break;
+ }
+
if( argc > 1 )
wrong_args(_("--encrypt [filename]"));
if( (rc = encode_crypt(fname,remusr)) )
@@ -1347,6 +1370,10 @@
case aSignEncr: /* sign and encrypt the given file */
if( argc > 1 )
wrong_args(_("--sign --encrypt [filename]"));
+ if(opt.pgp2) {
+ log_error(_("You can't sign and encrypt at the same time while in --pgp2 mode\n"));
+ break;
+ }
if( argc ) {
sl = m_alloc_clear( sizeof *sl + strlen(fname));
strcpy(sl->d, fname);
Index: options.h
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/options.h,v
retrieving revision 1.51.2.31
diff -u -r1.51.2.31 options.h
--- options.h 2001/11/08 13:25:48 1.51.2.31
+++ options.h 2001/11/23 17:43:07
@@ -74,6 +74,7 @@
int compress_keys;
int compress_sigs;
int always_trust;
+ int pgp2;
int rfc1991;
int rfc2440;
int pgp2_workarounds;
Index: sign.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/sign.c,v
retrieving revision 1.75.2.26
diff -u -r1.75.2.26 sign.c
--- sign.c 2001/11/09 09:36:22 1.75.2.26
+++ sign.c 2001/11/23 17:43:15
@@ -541,9 +541,17 @@
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave;
- if( !old_style )
+ if( !old_style || opt.pgp2 )
old_style = only_old_style( sk_list );
+ if(!old_style && opt.pgp2)
+ {
+ log_error(_("You can only sign with PGP2.x style keys "
+ "while in --pgp2 mode\n"));
+ rc=G10ERR_WR_PUBKEY_ALGO;
+ goto leave;
+ }
+
if( encryptflag ) {
if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC )) )
goto leave;
@@ -705,8 +713,16 @@
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
goto leave;
- if( !old_style )
+ if( !old_style || opt.pgp2 )
old_style = only_old_style( sk_list );
+
+ if(!old_style && opt.pgp2)
+ {
+ log_error(_("You can only clearsign with PGP2.x style keys "
+ "while in --pgp2 mode\n"));
+ rc=G10ERR_WR_PUBKEY_ALGO;
+ goto leave;
+ }
/* prepare iobufs */
if( !(inp = iobuf_open(fname)) ) {
More information about the Gnupg-devel
mailing list