Avoid recipient-compatibility SHA1
wk at gnupg.org
Mon Nov 2 13:49:36 CET 2020
On Fri, 30 Oct 2020 00:10, Phil Pennock said:
> I just sent a message to N recipients, and I think one of them probably
> has some preference algorithm in their key details, because this one
> mail was signed using SHA1, not my defaults.
Author: Werner Koch <wk at gnupg.org>
Date: Mon Nov 2 13:39:58 2020 +0100
gpg: Do not use weak digest algos if selected by recipient prefs.
* g10/misc.c (is_weak_digest): New.
(print_digest_algo_note): Use it here.
* g10/sig-check.c (check_signature_end_simple): Use it.
* g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in
the list of weak digest algorithms.
If a message is signed and encrypted to several recipients, the to be
used digest algorithm is deduced from the preferences of the
recipient. This is so that all recipients are able to check the
signature. However, if the sender has declared an algorithm as
weak, that algorithm shall not be used - in this case we fall back to
the standard way of selecting an algorithm.
Note that a smarter way of selecting the algo is to check this while
figuring out the algorithm - this needs more testing and thus we do it
the simple way.
Or in short, if any of the preferences would lead to a weak algo, the
feature of selecting the digest algo from the preferences is disabled.
I intend to put this also into 2.2.24.
> recipient. That's fine. I'd rather create pressure for people to fix
> their systems to use modern cryptography than cater to their brokenness
> with sensitive messages.
People won't update their keys - that just does not work. Ignoring the
preferences is a better way here.
Thoughts are free. Exceptions are regulated by a federal law.
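
A simplified model in C of the rule described in the commit message above, added here as an illustration; it is not GnuPG's code. The function names, the struct and the sample keys are assumptions, and gpg's real preference matching is more involved than the "first common entry" shortcut used here.

```c
#include <stddef.h>
#include <stdio.h>

/* OpenPGP hash algorithm IDs (RFC 4880, section 9.4). */
enum { DIGEST_SHA1 = 2, DIGEST_SHA256 = 8, DIGEST_SHA512 = 10 };
struct recipient { const int *prefs; size_t nprefs; };  /* hypothetical type */

static int in_list(int algo, const int *list, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (list[i] == algo) return 1;
    return 0;
}

/* Simplified model of preference-based selection: the first digest in the
   first recipient's list that all others accept. SHA-1 is tacitly accepted
   by every key (RFC 4880, section 13.3.2), so it is the last resort. */
int digest_from_prefs(const struct recipient *r, size_t n)
{
    for (size_t i = 0; n > 0 && i < r[0].nprefs; i++) {
        size_t j = 1;
        while (j < n && (r[0].prefs[i] == DIGEST_SHA1
                         || in_list(r[0].prefs[i], r[j].prefs, r[j].nprefs)))
            j++;
        if (j == n) return r[0].prefs[i];
    }
    return DIGEST_SHA1;
}

/* The rule from the commit message: a recipient-derived digest that the
   sender has declared weak is ignored and the sender's default is used. */
int choose_digest(const struct recipient *r, size_t n,
                  const int *weak, size_t nweak, int sender_default)
{
    int algo = digest_from_prefs(r, n);
    return in_list(algo, weak, nweak) ? sender_default : algo;
}

/* Constructed sample data: one modern key, one key listing no SHA-2 digest. */
static const int modern_prefs[] = { DIGEST_SHA512, DIGEST_SHA256 };
static const int legacy_prefs[] = { DIGEST_SHA1 };
static const struct recipient rcpts[] = { { modern_prefs, 2 }, { legacy_prefs, 1 } };
static const int weak_list[] = { DIGEST_SHA1 };

int main(void)
{
    printf("prefs only: %d\n", digest_from_prefs(rcpts, 2));
    printf("weak list:  %d\n", choose_digest(rcpts, 2, weak_list, 1, DIGEST_SHA512));
    return 0;
}
```

With the weak list in effect the legacy recipient may be unable to verify the signature, which is the trade-off the message accepts.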