2023-09-25 12:24:20 +02:00
|
|
|
From 4583f4fe2e11b3dd070066628c3f16776cc74f72 Mon Sep 17 00:00:00 2001
|
|
|
|
|
From: Werner Koch <wk@gnupg.org>
|
|
|
|
|
Date: Mon, 31 Oct 2022 16:14:18 +0100
|
|
|
|
|
Subject: [PATCH GnuPG] gpg: Merge --rfc4880bis features into --gnupg
|
|
|
|
|
|
|
|
|
|
* g10/gpg.c (oRFC4880bis): Remove.
|
|
|
|
|
(opts): Make --rfc4880bis a Noop.
|
|
|
|
|
(compliance_options): Make rfc4880bis to gnupg.
|
|
|
|
|
(set_compliance_option): Remove rfc4880bis stuff.
|
|
|
|
|
(main): Ditto. Note that this now activates the --mimemode option.
|
|
|
|
|
* g10/keygen.c (keygen_set_std_prefs): Remove rfc4880bis protection.
|
|
|
|
|
(keygen_upd_std_prefs): Always announce support for v5 keys.
|
|
|
|
|
(read_parameter_file): Activate the v4 and v5 keywords.
|
|
|
|
|
--
|
|
|
|
|
|
2023-10-10 17:00:55 +02:00
|
|
|
Index: gnupg-2.4.1/g10/gpg.c
|
2023-09-25 12:24:20 +02:00
|
|
|
===================================================================
|
2023-10-10 17:00:55 +02:00
|
|
|
--- gnupg-2.4.1.orig/g10/gpg.c
|
|
|
|
|
+++ gnupg-2.4.1/g10/gpg.c
|
|
|
|
|
@@ -247,6 +247,7 @@ enum cmd_and_opt_values
|
2023-09-25 12:24:20 +02:00
|
|
|
oGnuPG,
|
|
|
|
|
oRFC2440,
|
|
|
|
|
oRFC4880,
|
|
|
|
|
+ oRFC4880bis,
|
|
|
|
|
oOpenPGP,
|
|
|
|
|
oPGP7,
|
|
|
|
|
oPGP8,
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -636,6 +637,7 @@ static gpgrt_opt_t opts[] = {
|
2023-09-25 12:24:20 +02:00
|
|
|
ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"),
|
|
|
|
|
ARGPARSE_s_n (oRFC2440, "rfc2440", "@"),
|
|
|
|
|
ARGPARSE_s_n (oRFC4880, "rfc4880", "@"),
|
|
|
|
|
+ ARGPARSE_s_n (oRFC4880bis, "rfc4880bis", "@"),
|
|
|
|
|
ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")),
|
|
|
|
|
ARGPARSE_s_n (oPGP7, "pgp6", "@"),
|
|
|
|
|
ARGPARSE_s_n (oPGP7, "pgp7", "@"),
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -978,7 +980,6 @@ static gpgrt_opt_t opts[] = {
|
2023-09-25 12:24:20 +02:00
|
|
|
ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"),
|
|
|
|
|
ARGPARSE_s_s (oNoop, "aead-algo", "@"),
|
|
|
|
|
ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"),
|
|
|
|
|
- ARGPARSE_s_n (oNoop, "rfc4880bis", "@"),
|
2023-10-10 17:00:55 +02:00
|
|
|
ARGPARSE_s_n (oNoop, "override-compliance-check", "@"),
|
2023-09-25 12:24:20 +02:00
|
|
|
|
|
|
|
|
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -2227,7 +2228,7 @@ static struct gnupg_compliance_option co
|
2023-09-25 12:24:20 +02:00
|
|
|
{
|
|
|
|
|
{ "gnupg", oGnuPG },
|
|
|
|
|
{ "openpgp", oOpenPGP },
|
|
|
|
|
- { "rfc4880bis", oGnuPG },
|
|
|
|
|
+ { "rfc4880bis", oRFC4880bis },
|
|
|
|
|
{ "rfc4880", oRFC4880 },
|
|
|
|
|
{ "rfc2440", oRFC2440 },
|
|
|
|
|
{ "pgp6", oPGP7 },
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -2243,8 +2244,28 @@ static struct gnupg_compliance_option co
|
2023-09-25 12:24:20 +02:00
|
|
|
static void
|
|
|
|
|
set_compliance_option (enum cmd_and_opt_values option)
|
|
|
|
|
{
|
|
|
|
|
+ opt.flags.rfc4880bis = 0; /* Clear because it is initially set. */
|
|
|
|
|
+
|
|
|
|
|
switch (option)
|
|
|
|
|
{
|
|
|
|
|
+ case oRFC4880bis:
|
|
|
|
|
+ opt.flags.rfc4880bis = 1;
|
|
|
|
|
+ opt.compliance = CO_RFC4880;
|
|
|
|
|
+ opt.flags.dsa2 = 1;
|
|
|
|
|
+ opt.flags.require_cross_cert = 1;
|
|
|
|
|
+ opt.rfc2440_text = 0;
|
|
|
|
|
+ opt.allow_non_selfsigned_uid = 1;
|
|
|
|
|
+ opt.allow_freeform_uid = 1;
|
|
|
|
|
+ opt.escape_from = 1;
|
|
|
|
|
+ opt.not_dash_escaped = 0;
|
|
|
|
|
+ opt.def_cipher_algo = 0;
|
|
|
|
|
+ opt.def_digest_algo = 0;
|
|
|
|
|
+ opt.cert_digest_algo = 0;
|
|
|
|
|
+ opt.compress_algo = -1;
|
|
|
|
|
+ opt.s2k_mode = 3; /* iterated+salted */
|
|
|
|
|
+ opt.s2k_digest_algo = DIGEST_ALGO_SHA256;
|
|
|
|
|
+ opt.s2k_cipher_algo = CIPHER_ALGO_AES256;
|
|
|
|
|
+ break;
|
|
|
|
|
case oOpenPGP:
|
|
|
|
|
case oRFC4880:
|
|
|
|
|
/* This is effectively the same as RFC2440, but with
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -2288,6 +2309,7 @@ set_compliance_option (enum cmd_and_opt_
|
2023-09-25 12:24:20 +02:00
|
|
|
case oPGP8: opt.compliance = CO_PGP8; break;
|
|
|
|
|
case oGnuPG:
|
|
|
|
|
opt.compliance = CO_GNUPG;
|
|
|
|
|
+ opt.flags.rfc4880bis = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case oDE_VS:
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -2490,6 +2512,7 @@ main (int argc, char **argv)
|
2023-09-25 12:24:20 +02:00
|
|
|
opt.emit_version = 0;
|
|
|
|
|
opt.weak_digests = NULL;
|
|
|
|
|
opt.compliance = CO_GNUPG;
|
|
|
|
|
+ opt.flags.rfc4880bis = 1;
|
|
|
|
|
|
|
|
|
|
/* Check special options given on the command line. */
|
|
|
|
|
orig_argc = argc;
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -3032,6 +3055,7 @@ main (int argc, char **argv)
|
2023-09-25 12:24:20 +02:00
|
|
|
case oOpenPGP:
|
|
|
|
|
case oRFC2440:
|
|
|
|
|
case oRFC4880:
|
|
|
|
|
+ case oRFC4880bis:
|
|
|
|
|
case oPGP7:
|
|
|
|
|
case oPGP8:
|
|
|
|
|
case oGnuPG:
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -3868,6 +3892,11 @@ main (int argc, char **argv)
|
2023-09-25 12:24:20 +02:00
|
|
|
if( may_coredump && !opt.quiet )
|
|
|
|
|
log_info(_("WARNING: program may create a core file!\n"));
|
|
|
|
|
|
|
|
|
|
+ if (!opt.flags.rfc4880bis)
|
|
|
|
|
+ {
|
|
|
|
|
+ opt.mimemode = 0; /* This will use text mode instead. */
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
if (eyes_only) {
|
|
|
|
|
if (opt.set_filename)
|
|
|
|
|
log_info(_("WARNING: %s overrides %s\n"),
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -4084,7 +4113,7 @@ main (int argc, char **argv)
|
2023-09-25 12:24:20 +02:00
|
|
|
/* Check our chosen algorithms against the list of legal
|
|
|
|
|
algorithms. */
|
|
|
|
|
|
|
|
|
|
- if(!GNUPG)
|
|
|
|
|
+ if(!GNUPG && !opt.flags.rfc4880bis)
|
|
|
|
|
{
|
|
|
|
|
const char *badalg=NULL;
|
|
|
|
|
preftype_t badtype=PREFTYPE_NONE;
|
2023-10-10 17:00:55 +02:00
|
|
|
Index: gnupg-2.4.1/g10/keygen.c
|
2023-09-25 12:24:20 +02:00
|
|
|
===================================================================
|
2023-10-10 17:00:55 +02:00
|
|
|
--- gnupg-2.4.1.orig/g10/keygen.c
|
|
|
|
|
+++ gnupg-2.4.1/g10/keygen.c
|
|
|
|
|
@@ -404,7 +404,7 @@ keygen_set_std_prefs (const char *string
|
2023-09-25 12:24:20 +02:00
|
|
|
strcat(dummy_string,"S7 ");
|
|
|
|
|
strcat(dummy_string,"S2 "); /* 3DES */
|
|
|
|
|
|
|
|
|
|
- if (!openpgp_aead_test_algo (AEAD_ALGO_OCB))
|
|
|
|
|
+ if (opt.flags.rfc4880bis && !openpgp_aead_test_algo (AEAD_ALGO_OCB))
|
|
|
|
|
strcat(dummy_string,"A2 ");
|
|
|
|
|
|
|
|
|
|
if (personal)
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -889,7 +889,7 @@ keygen_upd_std_prefs (PKT_signature *sig
|
2023-09-25 12:24:20 +02:00
|
|
|
/* Make sure that the MDC feature flag is set if needed. */
|
|
|
|
|
add_feature_mdc (sig,mdc_available);
|
|
|
|
|
add_feature_aead (sig, aead_available);
|
|
|
|
|
- add_feature_v5 (sig, 1);
|
|
|
|
|
+ add_feature_v5 (sig, opt.flags.rfc4880bis);
|
|
|
|
|
add_keyserver_modify (sig,ks_modify);
|
|
|
|
|
keygen_add_keyserver_url(sig,NULL);
|
|
|
|
|
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -3382,7 +3382,10 @@ parse_key_parameter_part (ctrl_t ctrl,
|
2023-09-25 12:24:20 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (!ascii_strcasecmp (s, "v5"))
|
|
|
|
|
- keyversion = 5;
|
|
|
|
|
+ {
|
|
|
|
|
+ if (opt.flags.rfc4880bis)
|
|
|
|
|
+ keyversion = 5;
|
|
|
|
|
+ }
|
|
|
|
|
else if (!ascii_strcasecmp (s, "v4"))
|
|
|
|
|
keyversion = 4;
|
|
|
|
|
else
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -3641,7 +3644,7 @@ parse_key_parameter_part (ctrl_t ctrl,
|
2023-09-25 12:24:20 +02:00
|
|
|
* ecdsa := Use algorithm ECDSA.
|
|
|
|
|
* eddsa := Use algorithm EdDSA.
|
|
|
|
|
* ecdh := Use algorithm ECDH.
|
|
|
|
|
- * v5 := Create version 5 key
|
|
|
|
|
+ * v5 := Create version 5 key (requires option --rfc4880bis)
|
|
|
|
|
*
|
|
|
|
|
* There are several defaults and fallbacks depending on the
|
|
|
|
|
* algorithm. PART can be used to select which part of STRING is
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -4513,9 +4516,9 @@ read_parameter_file (ctrl_t ctrl, const
|
2023-09-25 12:24:20 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
- if ((keywords[i].key == pVERSION
|
|
|
|
|
- || keywords[i].key == pSUBVERSION))
|
|
|
|
|
- ; /* Ignore version. */
|
|
|
|
|
+ if (!opt.flags.rfc4880bis && (keywords[i].key == pVERSION
|
|
|
|
|
+ || keywords[i].key == pSUBVERSION))
|
|
|
|
|
+ ; /* Ignore version unless --rfc4880bis is active. */
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
r = xmalloc_clear( sizeof *r + strlen( value ) );
|
2023-10-10 17:00:55 +02:00
|
|
|
@@ -4610,11 +4613,14 @@ quickgen_set_para (struct para_data_s *p
|
2023-09-25 12:24:20 +02:00
|
|
|
para = r;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
- r = xmalloc_clear (sizeof *r + 20);
|
|
|
|
|
- r->key = for_subkey? pSUBVERSION : pVERSION;
|
|
|
|
|
- snprintf (r->u.value, 20, "%d", version);
|
|
|
|
|
- r->next = para;
|
|
|
|
|
- para = r;
|
|
|
|
|
+ if (opt.flags.rfc4880bis)
|
|
|
|
|
+ {
|
|
|
|
|
+ r = xmalloc_clear (sizeof *r + 20);
|
|
|
|
|
+ r->key = for_subkey? pSUBVERSION : pVERSION;
|
|
|
|
|
+ snprintf (r->u.value, 20, "%d", version);
|
|
|
|
|
+ r->next = para;
|
|
|
|
|
+ para = r;
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
|
|
if (keytime)
|
|
|
|
|
{
|
