gnupg-2.4.5-revert-rfc4880bis.patch (6701B)
1 https://lwn.net/Articles/953797/ 2 https://security.stackexchange.com/questions/275883/should-one-really-disable-aead-for-recent-gnupg-created-pgp-keys 3 https://lists.gnupg.org/pipermail/librepgp-discuss/2023/000001.html 4 https://bugs.gentoo.org/926186 5 6 From 1e4f1550996334d2a631a5d769e937d29ace47bb Mon Sep 17 00:00:00 2001 7 From: Jakub Jelen <jjelen@redhat.com> 8 Date: Thu, 9 Feb 2023 16:38:58 +0100 9 Subject: [PATCH gnupg] Revert the introduction of the RFC4880bis draft into 10 defaults 11 12 This reverts commit 4583f4fe2 (gpg: Merge --rfc4880bis features into 13 --gnupg, 2022-10-31). 14 --- a/g10/gpg.c 15 +++ b/g10/gpg.c 16 @@ -247,6 +247,7 @@ enum cmd_and_opt_values 17 oGnuPG, 18 oRFC2440, 19 oRFC4880, 20 + oRFC4880bis, 21 oOpenPGP, 22 oPGP7, 23 oPGP8, 24 @@ -636,6 +637,7 @@ static gpgrt_opt_t opts[] = { 25 ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"), 26 ARGPARSE_s_n (oRFC2440, "rfc2440", "@"), 27 ARGPARSE_s_n (oRFC4880, "rfc4880", "@"), 28 + ARGPARSE_s_n (oRFC4880bis, "rfc4880bis", "@"), 29 ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")), 30 ARGPARSE_s_n (oPGP7, "pgp6", "@"), 31 ARGPARSE_s_n (oPGP7, "pgp7", "@"), 32 @@ -978,7 +980,6 @@ static gpgrt_opt_t opts[] = { 33 ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"), 34 ARGPARSE_s_s (oNoop, "aead-algo", "@"), 35 ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"), 36 - ARGPARSE_s_n (oNoop, "rfc4880bis", "@"), 37 ARGPARSE_s_n (oNoop, "override-compliance-check", "@"), 38 39 40 @@ -2227,7 +2228,7 @@ static struct gnupg_compliance_option compliance_options[] = 41 { 42 { "gnupg", oGnuPG }, 43 { "openpgp", oOpenPGP }, 44 - { "rfc4880bis", oGnuPG }, 45 + { "rfc4880bis", oRFC4880bis }, 46 { "rfc4880", oRFC4880 }, 47 { "rfc2440", oRFC2440 }, 48 { "pgp6", oPGP7 }, 49 @@ -2243,8 +2244,28 @@ static struct gnupg_compliance_option compliance_options[] = 50 static void 51 set_compliance_option (enum cmd_and_opt_values option) 52 { 53 + opt.flags.rfc4880bis = 0; /* Clear because it is initially set. */ 54 + 55 switch (option) 56 { 57 + case oRFC4880bis: 58 + opt.flags.rfc4880bis = 1; 59 + opt.compliance = CO_RFC4880; 60 + opt.flags.dsa2 = 1; 61 + opt.flags.require_cross_cert = 1; 62 + opt.rfc2440_text = 0; 63 + opt.allow_non_selfsigned_uid = 1; 64 + opt.allow_freeform_uid = 1; 65 + opt.escape_from = 1; 66 + opt.not_dash_escaped = 0; 67 + opt.def_cipher_algo = 0; 68 + opt.def_digest_algo = 0; 69 + opt.cert_digest_algo = 0; 70 + opt.compress_algo = -1; 71 + opt.s2k_mode = 3; /* iterated+salted */ 72 + opt.s2k_digest_algo = DIGEST_ALGO_SHA256; 73 + opt.s2k_cipher_algo = CIPHER_ALGO_AES256; 74 + break; 75 case oOpenPGP: 76 case oRFC4880: 77 /* This is effectively the same as RFC2440, but with 78 @@ -2288,6 +2309,7 @@ set_compliance_option (enum cmd_and_opt_values option) 79 case oPGP8: opt.compliance = CO_PGP8; break; 80 case oGnuPG: 81 opt.compliance = CO_GNUPG; 82 + opt.flags.rfc4880bis = 1; 83 break; 84 85 case oDE_VS: 86 @@ -2491,6 +2513,7 @@ main (int argc, char **argv) 87 opt.emit_version = 0; 88 opt.weak_digests = NULL; 89 opt.compliance = CO_GNUPG; 90 + opt.flags.rfc4880bis = 1; 91 92 /* Check special options given on the command line. */ 93 orig_argc = argc; 94 @@ -3033,6 +3056,7 @@ main (int argc, char **argv) 95 case oOpenPGP: 96 case oRFC2440: 97 case oRFC4880: 98 + case oRFC4880bis: 99 case oPGP7: 100 case oPGP8: 101 case oGnuPG: 102 @@ -3862,6 +3886,11 @@ main (int argc, char **argv) 103 if( may_coredump && !opt.quiet ) 104 log_info(_("WARNING: program may create a core file!\n")); 105 106 + if (!opt.flags.rfc4880bis) 107 + { 108 + opt.mimemode = 0; /* This will use text mode instead. */ 109 + } 110 + 111 if (eyes_only) { 112 if (opt.set_filename) 113 log_info(_("WARNING: %s overrides %s\n"), 114 @@ -4078,7 +4107,7 @@ main (int argc, char **argv) 115 /* Check our chosen algorithms against the list of legal 116 algorithms. */ 117 118 - if(!GNUPG) 119 + if(!GNUPG && !opt.flags.rfc4880bis) 120 { 121 const char *badalg=NULL; 122 preftype_t badtype=PREFTYPE_NONE; 123 --- a/g10/keygen.c 124 +++ b/g10/keygen.c 125 @@ -404,7 +404,7 @@ keygen_set_std_prefs (const char *string,int personal) 126 strcat(dummy_string,"S7 "); 127 strcat(dummy_string,"S2 "); /* 3DES */ 128 129 - if (!openpgp_aead_test_algo (AEAD_ALGO_OCB)) 130 + if (opt.flags.rfc4880bis && !openpgp_aead_test_algo (AEAD_ALGO_OCB)) 131 strcat(dummy_string,"A2 "); 132 133 if (personal) 134 @@ -889,7 +889,7 @@ keygen_upd_std_prefs (PKT_signature *sig, void *opaque) 135 /* Make sure that the MDC feature flag is set if needed. */ 136 add_feature_mdc (sig,mdc_available); 137 add_feature_aead (sig, aead_available); 138 - add_feature_v5 (sig, 1); 139 + add_feature_v5 (sig, opt.flags.rfc4880bis); 140 add_keyserver_modify (sig,ks_modify); 141 keygen_add_keyserver_url(sig,NULL); 142 143 @@ -3382,7 +3382,10 @@ parse_key_parameter_part (ctrl_t ctrl, 144 } 145 } 146 else if (!ascii_strcasecmp (s, "v5")) 147 - keyversion = 5; 148 + { 149 + if (opt.flags.rfc4880bis) 150 + keyversion = 5; 151 + } 152 else if (!ascii_strcasecmp (s, "v4")) 153 keyversion = 4; 154 else 155 @@ -3641,7 +3644,7 @@ parse_key_parameter_part (ctrl_t ctrl, 156 * ecdsa := Use algorithm ECDSA. 157 * eddsa := Use algorithm EdDSA. 158 * ecdh := Use algorithm ECDH. 159 - * v5 := Create version 5 key 160 + * v5 := Create version 5 key (requires option --rfc4880bis) 161 * 162 * There are several defaults and fallbacks depending on the 163 * algorithm. PART can be used to select which part of STRING is 164 @@ -4513,9 +4516,9 @@ read_parameter_file (ctrl_t ctrl, const char *fname ) 165 } 166 } 167 168 - if ((keywords[i].key == pVERSION 169 - || keywords[i].key == pSUBVERSION)) 170 - ; /* Ignore version. */ 171 + if (!opt.flags.rfc4880bis && (keywords[i].key == pVERSION 172 + || keywords[i].key == pSUBVERSION)) 173 + ; /* Ignore version unless --rfc4880bis is active. */ 174 else 175 { 176 r = xmalloc_clear( sizeof *r + strlen( value ) ); 177 @@ -4610,11 +4613,14 @@ quickgen_set_para (struct para_data_s *para, int for_subkey, 178 para = r; 179 } 180 181 - r = xmalloc_clear (sizeof *r + 20); 182 - r->key = for_subkey? pSUBVERSION : pVERSION; 183 - snprintf (r->u.value, 20, "%d", version); 184 - r->next = para; 185 - para = r; 186 + if (opt.flags.rfc4880bis) 187 + { 188 + r = xmalloc_clear (sizeof *r + 20); 189 + r->key = for_subkey? pSUBVERSION : pVERSION; 190 + snprintf (r->u.value, 20, "%d", version); 191 + r->next = para; 192 + para = r; 193 + } 194 195 if (keytime) 196 {