!13 update version to 2.2.21

Merge pull request !13 from 杨壮壮/master
openeuler-ci-bot 2020-07-27 11:40:18 +08:00 committed by Gitee
commit 69a091a2d0
18 changed files with 932 additions and 445 deletions


@ -1,99 +0,0 @@
From 7d9aad63c4f1aefe97da61baf5acd96c12c0278e Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 3 Oct 2019 18:20:59 +0200
Subject: [PATCH] gpg: Ignore all SHA-1 signatures in 3rd party key signatures.
* g10/sig-check.c (check_signature_over_key_or_uid): No cut-off date
and remove debug output.
--
With 2.2 we do not not support SHA-1 key signatures anymore even if
that means that the WoT shrinks.
Signed-off-by: Werner Koch <wk@gnupg.org>
---
g10/sig-check.c | 40 +++++++++++++++++++++++++---------------
1 file changed, 25 insertions(+), 15 deletions(-)
diff --git a/g10/sig-check.c b/g10/sig-check.c
index a93b496..c1498ef 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -824,6 +824,10 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
PKT_public_key *pripk = kb->pkt->pkt.public_key;
gcry_md_hd_t md;
int signer_alloced = 0;
+ int stub_is_selfsig;
+
+ if (!is_selfsig)
+ is_selfsig = &stub_is_selfsig;
rc = openpgp_pk_test_algo (sig->pubkey_algo);
if (rc)
@@ -857,14 +861,11 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
if (signer)
{
- if (is_selfsig)
- {
- if (signer->keyid[0] == pripk->keyid[0]
- && signer->keyid[1] == pripk->keyid[1])
- *is_selfsig = 1;
- else
- *is_selfsig = 0;
- }
+ if (signer->keyid[0] == pripk->keyid[0]
+ && signer->keyid[1] == pripk->keyid[1])
+ *is_selfsig = 1;
+ else
+ *is_selfsig = 0;
}
else
{
@@ -874,8 +875,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
{
/* Issued by the primary key. */
signer = pripk;
- if (is_selfsig)
- *is_selfsig = 1;
+ *is_selfsig = 1;
}
else
{
@@ -904,8 +904,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
if (! signer)
{
/* Signer by some other key. */
- if (is_selfsig)
- *is_selfsig = 0;
+ *is_selfsig = 0;
if (ret_pk)
{
signer = ret_pk;
@@ -966,9 +965,20 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
else if (IS_UID_SIG (sig) || IS_UID_REV (sig))
{
log_assert (packet->pkttype == PKT_USER_ID);
- hash_public_key (md, pripk);
- hash_uid_packet (packet->pkt.user_id, md, sig);
- rc = check_signature_end_simple (signer, sig, md);
+ if (sig->digest_algo == DIGEST_ALGO_SHA1 && !*is_selfsig)
+ {
+ /* If the signature was created using SHA-1 we consider this
+ * signature invalid because it makes it possible to mount a
+ * chosen-prefix collision. We don't do this for
+ * self-signatures, though. */
+ rc = gpg_error (GPG_ERR_DIGEST_ALGO);
+ }
+ else
+ {
+ hash_public_key (md, pripk);
+ hash_uid_packet (packet->pkt.user_id, md, sig);
+ rc = check_signature_end_simple (signer, sig, md);
+ }
}
else
{
--
2.19.1


@ -1,178 +0,0 @@
From e624c41dbafd33af82c1153188d14de72fcc7cd8 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 7 Nov 2019 10:36:17 +0100
Subject: [PATCH] gpg: Add option --allow-weak-key-signatures.
* g10/gpg.c (oAllowWeakKeySignatures): New.
(opts): Add --allow-weak-key-signatures.
(main): Set it.
* g10/options.h (struct opt): Add flags.allow_weak_key_signatures.
* g10/misc.c (print_sha1_keysig_rejected_note): New.
* g10/sig-check.c (check_signature_over_key_or_uid): Print note and
act on new option.
Signed-off-by: Werner Koch <wk@gnupg.org>
---
doc/gpg.texi | 19 ++++++++++++++-----
g10/gpg.c | 8 ++++++++
g10/main.h | 1 +
g10/misc.c | 18 ++++++++++++++++++
g10/options.h | 1 +
g10/sig-check.c | 4 +++-
6 files changed, 45 insertions(+), 6 deletions(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 8a88b11..093c309 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -113,9 +113,12 @@ only one command is allowed. Generally speaking, irrelevant options
are silently ignored, and may not be checked for correctness.
@command{@gpgname} may be run with no commands. In this case it will
-perform a reasonable action depending on the type of file it is given
-as input (an encrypted message is decrypted, a signature is verified,
-a file containing keys is listed, etc.).
+print a warning perform a reasonable action depending on the type of
+file it is given as input (an encrypted message is decrypted, a
+signature is verified, a file containing keys is listed, etc.).
+
+If you run into any problems, please add the option @option{--verbose}
+to the invocation to see more diagnostics.
@menu
@@ -2355,10 +2358,10 @@ opposite meaning. The options are:
@item self-sigs-only
Accept only self-signatures while importing a key. All other
- key-signatures are skipped at an early import stage. This option
+ key signatures are skipped at an early import stage. This option
can be used with @code{keyserver-options} to mitigate attempts to
flood a key with bogus signatures from a keyserver. The drawback is
- that all other valid key-signatures, as required by the Web of Trust
+ that all other valid key signatures, as required by the Web of Trust
are also not imported.
@item repair-keys
@@ -3262,6 +3265,12 @@ weak. See also @option{--allow-weak-digest-algos} to disable
rejection of weak digests. MD5 is always considered weak, and does
not need to be listed explicitly.
+@item --allow-weak-key-signatures
+@opindex allow-weak-key-signatures
+To avoid a minor risk of collision attacks on third-party key
+signatures made using SHA-1, those key signatures are considered
+invalid. This options allows to override this restriction.
+
@item --no-default-keyring
@opindex no-default-keyring
Do not add the default keyrings to the list of keyrings. Note that
diff --git a/g10/gpg.c b/g10/gpg.c
index 2c784d4..03540a1 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -407,6 +407,7 @@ enum cmd_and_opt_values
oAllowMultipleMessages,
oNoAllowMultipleMessages,
oAllowWeakDigestAlgos,
+ oAllowWeakKeySignatures,
oFakedSystemTime,
oNoAutostart,
oPrintPKARecords,
@@ -867,6 +868,9 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
+ /* Options to override new security defaults. */
+ ARGPARSE_s_n (oAllowWeakKeySignatures, "allow-weak-key-signatures", "@"),
+
ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"),
/* These two are aliases to help users of the PGP command line
@@ -3550,6 +3554,10 @@ main (int argc, char **argv)
opt.flags.allow_weak_digest_algos = 1;
break;
+ case oAllowWeakKeySignatures:
+ opt.flags.allow_weak_key_signatures = 1;
+ break;
+
case oFakedSystemTime:
{
size_t len = strlen (pargs.r.ret_str);
diff --git a/g10/main.h b/g10/main.h
index 9136e4c..90e164f 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -91,6 +91,7 @@ void print_pubkey_algo_note (pubkey_algo_t algo);
void print_cipher_algo_note (cipher_algo_t algo);
void print_digest_algo_note (digest_algo_t algo);
void print_digest_rejected_note (enum gcry_md_algos algo);
+void print_sha1_keysig_rejected_note (void);
void print_reported_error (gpg_error_t err, gpg_err_code_t skip_if_ec);
void print_further_info (const char *format, ...) GPGRT_ATTR_PRINTF(1,2);
void additional_weak_digest (const char* digestname);
diff --git a/g10/misc.c b/g10/misc.c
index 6d525a8..291d36f 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -357,6 +357,24 @@ print_digest_rejected_note (enum gcry_md_algos algo)
}
+void
+print_sha1_keysig_rejected_note (void)
+{
+ static int shown;
+
+ if (shown)
+ return;
+
+ shown = 1;
+ es_fflush (es_stdout);
+ log_info (_("Note: third-party key signatures using"
+ " the %s algorithm are rejected\n"),
+ gcry_md_algo_name (GCRY_MD_SHA1));
+ print_further_info ("use option \"%s\" to override",
+ "--allow-weak-key-signatures");
+}
+
+
/* Print a message
* "(reported error: %s)\n
* in verbose mode to further explain an error. If the error code has
diff --git a/g10/options.h b/g10/options.h
index 0f007c1..ffeecaa 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -237,6 +237,7 @@ struct
unsigned int dsa2:1;
unsigned int allow_multiple_messages:1;
unsigned int allow_weak_digest_algos:1;
+ unsigned int allow_weak_key_signatures:1;
unsigned int large_rsa:1;
unsigned int disable_signer_uid:1;
/* Flag to enable experimental features from RFC4880bis. */
diff --git a/g10/sig-check.c b/g10/sig-check.c
index a4e0df1..f48f0cd 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -965,12 +965,14 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
else if (IS_UID_SIG (sig) || IS_UID_REV (sig))
{
log_assert (packet->pkttype == PKT_USER_ID);
- if (sig->digest_algo == DIGEST_ALGO_SHA1 && !*is_selfsig)
+ if (sig->digest_algo == DIGEST_ALGO_SHA1 && !*is_selfsig
+ && !opt.flags.allow_weak_key_signatures)
{
/* If the signature was created using SHA-1 we consider this
* signature invalid because it makes it possible to mount a
* chosen-prefix collision. We don't do this for
* self-signatures, though. */
+ print_sha1_keysig_rejected_note ();
rc = gpg_error (GPG_ERR_DIGEST_ALGO);
}
else
--
1.8.3.1


@ -1,162 +0,0 @@
From 754a03f5a279964af62025d11d92391e650fddb7 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 11 Nov 2019 11:41:00 +0100
Subject: [PATCH] gpg: Forbid the creation of SHA-1 third-party key
signatures.
* g10/sign.c (SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): New.
(do_sign): Add arg signhints and inhibit SHA-1 signatures. Change
callers to pass 0.
(complete_sig): Add arg signhints and pass on.
(make_keysig_packet, update_keysig_packet): Set signhints.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
---
g10/sign.c | 52 +++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 45 insertions(+), 7 deletions(-)
diff --git a/g10/sign.c b/g10/sign.c
index 92ff361..543e1a7 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -49,8 +49,15 @@
#define LF "\n"
#endif
+/* Bitflags to convey hints on what kind of signayire is created. */
+#define SIGNHINT_KEYSIG 1
+#define SIGNHINT_SELFSIG 2
+
+
+/* Hack */
static int recipient_digest_algo=0;
+
/****************
* Create notations and other stuff. It is assumed that the stings in
* STRLIST are already checked to contain only printable data and have
@@ -252,10 +259,12 @@ hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig)
/* Perform the sign operation. If CACHE_NONCE is given the agent is
- advised to use that cached passphrase for the key. */
+ * advised to use that cached passphrase for the key. SIGNHINTS has
+ * hints so that we can do some additional checks. */
static int
do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
- gcry_md_hd_t md, int mdalgo, const char *cache_nonce)
+ gcry_md_hd_t md, int mdalgo,
+ const char *cache_nonce, unsigned int signhints)
{
gpg_error_t err;
byte *dp;
@@ -278,6 +287,19 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
if (!mdalgo)
mdalgo = gcry_md_get_algo (md);
+ if ((signhints & SIGNHINT_KEYSIG) && !(signhints & SIGNHINT_SELFSIG)
+ && mdalgo == GCRY_MD_SHA1
+ && !opt.flags.allow_weak_key_signatures)
+ {
+ /* We do not allow the creation of third-party key signatures
+ * using SHA-1 because we also reject them when verifying. Note
+ * that this will render dsa1024 keys unsuitable for such
+ * keysigs and in turn the WoT. */
+ print_sha1_keysig_rejected_note ();
+ err = gpg_error (GPG_ERR_DIGEST_ALGO);
+ goto leave;
+ }
+
/* Check compliance. */
if (! gnupg_digest_is_allowed (opt.compliance, 1, mdalgo))
{
@@ -374,12 +396,12 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
static int
complete_sig (ctrl_t ctrl,
PKT_signature *sig, PKT_public_key *pksk, gcry_md_hd_t md,
- const char *cache_nonce)
+ const char *cache_nonce, unsigned int signhints)
{
int rc;
/* if (!(rc = check_secret_key (pksk, 0))) */
- rc = do_sign (ctrl, pksk, sig, md, 0, cache_nonce);
+ rc = do_sign (ctrl, pksk, sig, md, 0, cache_nonce, signhints);
return rc;
}
@@ -753,7 +775,7 @@ write_signature_packets (ctrl_t ctrl,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
- rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce);
+ rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0);
gcry_md_close (md);
if (!rc)
{
@@ -1468,6 +1490,8 @@ make_keysig_packet (ctrl_t ctrl,
int rc=0;
int sigversion;
gcry_md_hd_t md;
+ u32 pk_keyid[2], pksk_keyid[2];
+ unsigned int signhints;
log_assert ((sigclass >= 0x10 && sigclass <= 0x13) || sigclass == 0x1F
|| sigclass == 0x20 || sigclass == 0x18 || sigclass == 0x19
@@ -1504,6 +1528,12 @@ make_keysig_packet (ctrl_t ctrl,
digest_algo = DEFAULT_DIGEST_ALGO;
}
+ signhints = SIGNHINT_KEYSIG;
+ keyid_from_pk (pk, pk_keyid);
+ keyid_from_pk (pksk, pksk_keyid);
+ if (pk_keyid[0] == pksk_keyid[0] && pk_keyid[1] == pksk_keyid[1])
+ signhints |= SIGNHINT_SELFSIG;
+
if ( gcry_md_open (&md, digest_algo, 0 ) )
BUG ();
@@ -1549,7 +1579,7 @@ make_keysig_packet (ctrl_t ctrl,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
- rc = complete_sig (ctrl, sig, pksk, md, cache_nonce);
+ rc = complete_sig (ctrl, sig, pksk, md, cache_nonce, signhints);
}
gcry_md_close (md);
@@ -1585,6 +1615,8 @@ update_keysig_packet (ctrl_t ctrl,
gpg_error_t rc = 0;
int digest_algo;
gcry_md_hd_t md;
+ u32 pk_keyid[2], pksk_keyid[2];
+ unsigned int signhints;
if ((!orig_sig || !pk || !pksk)
|| (orig_sig->sig_class >= 0x10 && orig_sig->sig_class <= 0x13 && !uid)
@@ -1603,6 +1635,12 @@ update_keysig_packet (ctrl_t ctrl,
else
digest_algo = orig_sig->digest_algo;
+ signhints = SIGNHINT_KEYSIG;
+ keyid_from_pk (pk, pk_keyid);
+ keyid_from_pk (pksk, pksk_keyid);
+ if (pk_keyid[0] == pksk_keyid[0] && pk_keyid[1] == pksk_keyid[1])
+ signhints |= SIGNHINT_SELFSIG;
+
if ( gcry_md_open (&md, digest_algo, 0 ) )
BUG ();
@@ -1656,7 +1694,7 @@ update_keysig_packet (ctrl_t ctrl,
hash_sigversion_to_magic (md, sig);
gcry_md_final (md);
- rc = complete_sig (ctrl, sig, pksk, md, NULL);
+ rc = complete_sig (ctrl, sig, pksk, md, NULL, signhints);
}
leave:
--
1.8.3.1


@ -0,0 +1,13 @@
diff -up gnupg-2.1.1/g10/mainproc.c.fips gnupg-2.1.1/g10/mainproc.c
--- gnupg-2.1.1/g10/mainproc.c.fips 2015-01-29 17:19:49.266031504 +0100
+++ gnupg-2.1.1/g10/mainproc.c 2015-01-29 17:27:13.938088122 +0100
@@ -719,7 +719,8 @@ proc_plaintext( CTX c, PACKET *pkt )
according to 2440, so hopefully it won't come up that often.
There is no good way to specify what algorithms to use in
that case, so these there are the historical answer. */
- gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
+ if (!gcry_fips_mode_active())
+ gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
gcry_md_enable (c->mfx.md, DIGEST_ALGO_SHA1);
}
if (DBG_HASHING)
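Review bot: The new `if (!gcry_fips_mode_active())` guard has no comment, while the comment directly above still calls both digests "the historical answer" for old-style signatures that do not name their algorithm. In FIPS mode only SHA-1 is enabled on this path, so an old-style signature made with RIPEMD-160 presumably can no longer be verified and would fail later with a less specific error. I would add `/* RIPEMD-160 is not available in FIPS mode; old-style signatures using it cannot be checked there. */` above the guard. proc_plaintext continues outside the hunk, so how the later failure is reported cannot be confirmed from here.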

33
gnupg-2.1.10-secmem.patch Normal file

@ -0,0 +1,33 @@
diff -up gnupg-2.1.10/g10/gpg.c.secmem gnupg-2.1.10/g10/gpg.c
--- gnupg-2.1.10/g10/gpg.c.secmem 2015-12-04 10:53:27.000000000 +0100
+++ gnupg-2.1.10/g10/gpg.c 2015-12-07 15:32:38.922812652 +0100
@@ -889,7 +889,7 @@ make_libversion (const char *libname, co
if (maybe_setuid)
{
- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
+ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
maybe_setuid = 0;
}
s = getfnc (NULL);
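Review bot: The trailing comment `/* Drop setuid. */` no longer describes the whole call once the size argument changes from 0 to 4096, and nothing says why 4096 was chosen; the same applies to the hunks in build_list and in sm/gpgsm.c's make_libversion. The literal is repeated three times, so a named constant plus a comment such as `/* Drop setuid and reserve a small secure-memory pool for early allocations. */` would keep the sites in sync (the stated reason is a guess and needs confirming with the patch author). The return value of `gcry_control` is ignored at all three sites, so a failed secure-memory initialisation would go unnoticed here. Whether a later, larger `GCRYCTL_INIT_SECMEM` request in main still takes effect after this early one is not visible in these hunks and is worth checking.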
@@ -1041,7 +1041,7 @@ build_list (const char *text, char lette
char *string;
if (maybe_setuid)
- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
+ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
indent = utf8_charcount (text, -1);
len = 0;
diff -up gnupg-2.1.10/sm/gpgsm.c.secmem gnupg-2.1.10/sm/gpgsm.c
--- gnupg-2.1.10/sm/gpgsm.c.secmem 2015-11-30 17:39:52.000000000 +0100
+++ gnupg-2.1.10/sm/gpgsm.c 2015-12-07 15:31:17.226884207 +0100
@@ -530,7 +530,7 @@ make_libversion (const char *libname, co
if (maybe_setuid)
{
- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
+ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
maybe_setuid = 0;
}
s = getfnc (NULL);


@ -0,0 +1,62 @@
diff -up gnupg-2.1.21/tools/Makefile.am.insttools gnupg-2.1.21/tools/Makefile.am
--- gnupg-2.1.21/tools/Makefile.am.insttools 2017-04-03 17:13:56.000000000 +0200
+++ gnupg-2.1.21/tools/Makefile.am 2017-07-18 12:10:59.431729640 +0200
@@ -35,8 +35,8 @@ AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ER
sbin_SCRIPTS = addgnupghome applygnupgdefaults
if HAVE_USTAR
-# bin_SCRIPTS += gpg-zip
-noinst_SCRIPTS = gpg-zip
+bin_PROGRAMS += gpg-zip
+#noinst_SCRIPTS = gpg-zip
endif
if BUILD_SYMCRYPTRUN
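Review bot: `bin_PROGRAMS += gpg-zip` puts under a PROGRAMS primary something the removed lines handled as a script (`noinst_SCRIPTS = gpg-zip`), and it appends to `bin_PROGRAMS` before the variable's first assignment, which only appears in the next hunk (`bin_PROGRAMS = gpgconf gpg-connect-agent ...`). If the goal is only to install the script, `bin_SCRIPTS = gpg-zip` keeps it out of the compile, link and strip rules for binaries; whether `bin_SCRIPTS` is already assigned elsewhere in Makefile.am is not visible here. The hand-edited Makefile.in section mirrors the same choice and would be overwritten by the next automake run.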
@@ -53,7 +53,7 @@ endif
libexec_PROGRAMS = gpg-wks-client
-bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun}
+bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun} gpgsplit
if !HAVE_W32_SYSTEM
bin_PROGRAMS += watchgnupg gpgparsemail ${gpg_wks_server}
endif
@@ -63,7 +63,7 @@ libexec_PROGRAMS += gpg-check-pattern
endif
if !HAVE_W32CE_SYSTEM
-noinst_PROGRAMS = clean-sat make-dns-cert gpgsplit
+noinst_PROGRAMS = clean-sat make-dns-cert
endif
if !HAVE_W32CE_SYSTEM
diff -up gnupg-2.1.21/tools/Makefile.in.insttools gnupg-2.1.21/tools/Makefile.in
--- gnupg-2.1.21/tools/Makefile.in.insttools 2017-05-15 16:15:04.000000000 +0200
+++ gnupg-2.1.21/tools/Makefile.in 2017-07-18 12:12:17.907734745 +0200
@@ -137,13 +137,13 @@ DIST_COMMON = $(top_srcdir)/am/cmacros.a
@GNUPG_DIRMNGR_LDAP_PGM_TRUE@am__append_7 = -DGNUPG_DEFAULT_DIRMNGR_LDAP="\"@GNUPG_DIRMNGR_LDAP_PGM@\""
@HAVE_W32_SYSTEM_TRUE@am__append_8 = gpg-connect-agent-w32info.o
libexec_PROGRAMS = gpg-wks-client$(EXEEXT) $(am__EXEEXT_5)
-bin_PROGRAMS = gpgconf$(EXEEXT) gpg-connect-agent$(EXEEXT) \
+bin_PROGRAMS = gpgconf$(EXEEXT) gpg-connect-agent$(EXEEXT) gpgsplit$(EXEEXT) \
$(am__EXEEXT_1) $(am__EXEEXT_3) $(am__EXEEXT_4)
@HAVE_W32_SYSTEM_FALSE@am__append_9 = watchgnupg gpgparsemail ${gpg_wks_server}
@DISABLE_REGEX_FALSE@am__append_10 = gpg-check-pattern
@HAVE_W32CE_SYSTEM_FALSE@noinst_PROGRAMS = clean-sat$(EXEEXT) \
@HAVE_W32CE_SYSTEM_FALSE@ make-dns-cert$(EXEEXT) \
-@HAVE_W32CE_SYSTEM_FALSE@ gpgsplit$(EXEEXT) $(am__EXEEXT_6)
+@HAVE_W32CE_SYSTEM_FALSE@ $(am__EXEEXT_6)
@BUILD_GPGTAR_TRUE@@HAVE_W32CE_SYSTEM_FALSE@am__append_11 = gpgtar
@BUILD_GPGTAR_FALSE@@HAVE_W32CE_SYSTEM_FALSE@am__append_12 = gpgtar
subdir = tools
@@ -582,8 +582,8 @@ libcommontlsnpth = ../common/libcommontl
AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) $(LIBASSUAN_CFLAGS)
sbin_SCRIPTS = addgnupghome applygnupgdefaults
-# bin_SCRIPTS += gpg-zip
-@HAVE_USTAR_TRUE@noinst_SCRIPTS = gpg-zip
+@HAVE_USTAR_TRUE@bin_PROGRAMS += gpg-zip
+#@HAVE_USTAR_TRUE@noinst_SCRIPTS = gpg-zip
@BUILD_SYMCRYPTRUN_FALSE@symcryptrun =
@BUILD_SYMCRYPTRUN_TRUE@symcryptrun = symcryptrun
@BUILD_WKS_TOOLS_FALSE@gpg_wks_server =


@ -0,0 +1,12 @@
diff -up gnupg-2.1.21/g10/keygen.c.large-rsa gnupg-2.1.21/g10/keygen.c
--- gnupg-2.1.21/g10/keygen.c.large-rsa 2017-05-15 14:13:22.000000000 +0200
+++ gnupg-2.1.21/g10/keygen.c 2017-07-18 16:12:37.738895016 +0200
@@ -2091,7 +2091,7 @@ get_keysize_range (int algo, unsigned in
default:
*min = opt.compliance == CO_DE_VS ? 2048: 1024;
- *max = 4096;
+ *max = opt.flags.large_rsa == 1 ? 8192 : 4096;
def = 2048;
break;
}
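Review bot: The raised limit sits in the `default:` branch of the switch, so it applies to every algorithm that reaches that branch, not only RSA, even though the flag is named `large_rsa`; which algorithms fall through to `default:` is outside the hunk and should be checked. The comparison `== 1` is redundant for a flag declared as a one-bit field (`unsigned int large_rsa:1;` in the options.h context quoted elsewhere on this page), so `*max = opt.flags.large_rsa ? 8192 : 4096;` reads more naturally. A short comment stating that 8192 is only reachable with the large-RSA option set would document why the upper bound is no longer a constant.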


@ -0,0 +1,17 @@
diff -up gnupg-2.2.16/sm/certlist.c.keyusage gnupg-2.2.16/sm/certlist.c
--- gnupg-2.2.16/sm/certlist.c.keyusage 2019-07-01 17:17:06.925254065 +0200
+++ gnupg-2.2.16/sm/certlist.c 2019-07-01 17:24:15.665759322 +0200
@@ -147,10 +147,9 @@ cert_usage_p (ksba_cert_t cert, int mode
if (mode == 5)
{
- if (use != ~0
- && (have_ocsp_signing
- || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
- |KSBA_KEYUSAGE_CRL_SIGN))))
+ if (have_ocsp_signing
+ || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
+ |KSBA_KEYUSAGE_CRL_SIGN)))
return 0;
if (!silent)
log_info (_("certificate should not have "
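Review bot: With the `use != ~0` guard removed, the mode 5 test `use & (KSBA_KEYUSAGE_KEY_CERT_SIGN|KSBA_KEYUSAGE_CRL_SIGN)` is also true when `use` is all ones, which the removed comparison suggests is how a certificate without a keyUsage extension is represented (inferred; the assignment to `use` is outside the hunk). If that is right, certificates carrying no keyUsage extension at all are now accepted in this branch alongside those with `have_ocsp_signing`. That is a deliberate relaxation of a usage check and should be stated in the code, for example `/* A certificate without a keyUsage extension (use == ~0) is accepted here on purpose: <reason>. */`, with the reason filled in by the patch author. cert_usage_p starts and ends outside the hunk.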

Binary file not shown.

Binary file not shown.


@ -0,0 +1,32 @@
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 13 Jun 2019 21:27:43 +0200
Subject: gpg: accept subkeys with a good revocation but no self-sig during
import
* g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we
encounter a valid revocation signature. This allows import of subkey
revocation signatures, even in the absence of a corresponding subkey
binding signature.
--
This fixes the remaining test in import-incomplete.scm.
GnuPG-Bug-id: 4393
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
g10/import.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/g10/import.c b/g10/import.c
index f9acf95..9217911 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -3602,6 +3602,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
/* It's valid, so is it newer? */
if (sig->timestamp >= rsdate)
{
+ knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid. */
if (rsnode)
{
/* Delete the last revocation sig since
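Review bot: The inline comment `/* Subkey is valid. */` misstates why the flag is set: per the commit message, `NODE_GOOD_SELFSIG` is raised here because a valid revocation signature was found, so that the subkey survives import even without a binding signature. I would reword it to `/* A valid revocation is enough to keep this subkey, even without a binding signature. */`. Because the same flag now covers both "has a good binding signature" and "has a good revocation", any later code that treats `NODE_GOOD_SELFSIG` on a subkey as proof of a binding signature should be re-read; that code is not visible in this hunk. chk_self_sigs continues outside the hunk.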


@ -0,0 +1,106 @@
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 13 Jun 2019 21:27:42 +0200
Subject: gpg: allow import of previously known keys, even without UIDs
* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
has no user id, as long as we already have a local variant of the cert
that matches the primary key.
--
This fixes two of the three broken tests in import-incomplete.scm.
GnuPG-Bug-id: 4393
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
g10/import.c | 44 +++++++++++---------------------------------
1 file changed, 11 insertions(+), 33 deletions(-)
diff --git a/g10/import.c b/g10/import.c
index 5d3162c..f9acf95 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1788,7 +1788,6 @@ import_one_real (ctrl_t ctrl,
size_t an;
char pkstrbuf[PUBKEY_STRING_SIZE];
int merge_keys_done = 0;
- int any_filter = 0;
KEYDB_HANDLE hd = NULL;
if (r_valid)
@@ -1825,14 +1824,6 @@ import_one_real (ctrl_t ctrl,
log_printf ("\n");
}
-
- if (!uidnode )
- {
- if (!silent)
- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
- return 0;
- }
-
if (screener && screener (keyblock, screener_arg))
{
log_error (_("key %s: %s\n"), keystr_from_pk (pk),
@@ -1907,17 +1898,10 @@ import_one_real (ctrl_t ctrl,
}
}
- if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
- {
- if (!silent)
- {
- log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
- if (!opt.quiet )
- log_info(_("this may be caused by a missing self-signature\n"));
- }
- stats->no_user_id++;
- return 0;
- }
+ /* Delete invalid parts, and note if we have any valid ones left.
+ * We will later abort import if this key is new but contains
+ * no valid uids. */
+ delete_inv_parts (ctrl, keyblock, keyid, options);
/* Get rid of deleted nodes. */
commit_kbnode (&keyblock);
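Review bot: The new comment says the code will "note if we have any valid ones left", but the return value of `delete_inv_parts` is now discarded, so nothing is noted at this point. The decision is instead made later through `any_uid_left (keyblock)` in the last hunk of this patch. A wording that matches the code would be `/* Delete invalid parts. Whether a user ID is left is checked later, once we know if the key is new. */`. import_one_real starts and ends outside the hunk.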
@@ -1927,24 +1911,11 @@ import_one_real (ctrl_t ctrl,
{
apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
commit_kbnode (&keyblock);
- any_filter = 1;
}
if (import_filter.drop_sig)
{
apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
commit_kbnode (&keyblock);
- any_filter = 1;
- }
-
- /* If we ran any filter we need to check that at least one user id
- * is left in the keyring. Note that we do not use log_error in
- * this case. */
- if (any_filter && !any_uid_left (keyblock))
- {
- if (!opt.quiet )
- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
- stats->no_user_id++;
- return 0;
}
/* The keyblock is valid and ready for real import. */
@@ -2002,6 +1973,13 @@ import_one_real (ctrl_t ctrl,
err = 0;
stats->skipped_new_keys++;
}
+ else if (err && !any_uid_left (keyblock))
+ {
+ if (!silent)
+ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
+ err = 0;
+ stats->no_user_id++;
+ }
else if (err) /* Insert this key. */
{
/* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */
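Review bot: The new branch prints the key with `keystr(keyid)` while the surrounding messages in this function use `keystr_from_pk (pk)` (see the context and removed lines of the earlier hunks), and the `log_info` line runs well past 80 columns; `keystr_from_pk (pk)` split over two lines would match the rest of the function. The branch also sets `err = 0`, so a new key that is skipped for lack of a user ID is only visible through `stats->no_user_id`. Whether callers that rely on the return value can still tell that nothing was imported depends on code outside the hunk and should be confirmed.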


@ -0,0 +1,201 @@
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 13 Jun 2019 21:27:41 +0200
Subject: tests: add test cases for import without uid
This commit adds a test case that does the following, in order:
- Import of a primary key plus user id
- Check that import of a subkey works, without a user id present in the
imported key
- Check that import of a subkey revocation works, without a user id or
subkey binding signature present in the imported key
- Check that import of a primary key revocation works, without a user id
present in the imported key
--
Note that this test currently fails. The following changesets will
fix gpg so that the tests pass.
GnuPG-Bug-id: 4393
Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
tests/openpgp/Makefile.am | 1 +
tests/openpgp/import-incomplete.scm | 68 ++++++++++++++++++++++
.../import-incomplete/primary+revocation.asc | 9 +++
.../primary+subkey+sub-revocation.asc | 10 ++++
.../import-incomplete/primary+subkey+sub-sig.asc | 10 ++++
.../openpgp/import-incomplete/primary+uid-sig.asc | 10 ++++
tests/openpgp/import-incomplete/primary+uid.asc | 10 ++++
7 files changed, 118 insertions(+)
create mode 100755 tests/openpgp/import-incomplete.scm
create mode 100644 tests/openpgp/import-incomplete/primary+revocation.asc
create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
create mode 100644 tests/openpgp/import-incomplete/primary+uid-sig.asc
create mode 100644 tests/openpgp/import-incomplete/primary+uid.asc
diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
index f6014c9..6423da1 100644
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@@ -78,6 +78,7 @@ XTESTS = \
gpgv-forged-keyring.scm \
armor.scm \
import.scm \
+ import-incomplete.scm \
import-revocation-certificate.scm \
ecc.scm \
4gb-packet.scm \
diff --git a/tests/openpgp/import-incomplete.scm b/tests/openpgp/import-incomplete.scm
new file mode 100755
index 0000000..727a027
--- /dev/null
+++ b/tests/openpgp/import-incomplete.scm
@@ -0,0 +1,68 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2016 g10 Code GmbH
+;;
+;; This file is part of GnuPG.
+;;
+;; GnuPG is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation; either version 3 of the License, or
+;; (at your option) any later version.
+;;
+;; GnuPG is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; GNU General Public License for more details.
+;;
+;; You should have received a copy of the GNU General Public License
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+(load (in-srcdir "tests" "openpgp" "defs.scm"))
+(setup-environment)
+
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+uid.asc")))
+
+(info "Test import of new subkey, from a certificate without uid")
+(define keyid "573EA710367356BB")
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-sig.asc")))
+(tr:do
+ (tr:pipe-do
+ (pipe:gpg `(--list-keys --with-colons ,keyid)))
+ (tr:call-with-content
+ (lambda (c)
+ ;; XXX we do not have a regexp library
+ (unless (any (lambda (line)
+ (and (string-prefix? line "sub:")
+ (string-contains? line "573EA710367356BB")))
+ (string-split-newlines c))
+ (exit 1)))))
+
+(info "Test import of a subkey revocation, from a certificate without uid")
+(define keyid "573EA710367356BB")
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-revocation.asc")))
+(tr:do
+ (tr:pipe-do
+ (pipe:gpg `(--list-keys --with-colons ,keyid)))
+ (tr:call-with-content
+ (lambda (c)
+ ;; XXX we do not have a regexp library
+ (unless (any (lambda (line)
+ (and (string-prefix? line "sub:r:")
+ (string-contains? line "573EA710367356BB")))
+ (string-split-newlines c))
+ (exit 1)))))
+
+(info "Test import of revocation, from a certificate without uid")
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+revocation.asc")))
+(tr:do
+ (tr:pipe-do
+ (pipe:gpg `(--list-keys --with-colons ,keyid)))
+ (tr:call-with-content
+ (lambda (c)
+ ;; XXX we do not have a regexp library
+ (unless (any (lambda (line)
+ (and (string-prefix? line "pub:r:")
+ (string-contains? line "0843DA969AA8DAFB")))
+ (string-split-newlines c))
+ (exit 1)))))
+
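Review bot: `(define keyid "573EA710367356BB")` is written twice with the same value, and the checks then repeat the literal in `string-contains?` instead of using the binding. The third test lists by the subkey's `keyid` but matches the hard-coded primary id "0843DA969AA8DAFB", which reads like a copy-paste slip even though listing by subkey id presumably shows the primary line as well. Defining the ids once, for example `(define subkeyid "573EA710367356BB")` and `(define primaryid "0843DA969AA8DAFB")`, and using them in both the `--list-keys` call and the match would make each check self-explanatory. Each failure path is a bare `(exit 1)`, so a failing run gives no hint which of the three checks tripped.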
diff --git a/tests/openpgp/import-incomplete/primary+revocation.asc b/tests/openpgp/import-incomplete/primary+revocation.asc
new file mode 100644
index 0000000..6b7b608
--- /dev/null
+++ b/tests/openpgp/import-incomplete/primary+revocation.asc
@@ -0,0 +1,9 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: [E] primary key, revocation signature over primary (no user ID)
+
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+631VAN2IeAQgFggAIBYhBLRpj5W82H/gSMzKKQhD2paaqNr7BQJc2ZQZAh0AAAoJ
+EAhD2paaqNr7qAwA/2jBUpnN0BxwRO/4CrxvrLIsL+C9aSXJUOTv8XkP4lvtAQD3
+XsDFfFNgEueiTfF7HtOGt5LPmRqVvUpQSMVgJJW6CQ==
+=tM90
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
new file mode 100644
index 0000000..83a51a5
--- /dev/null
+++ b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
@@ -0,0 +1,10 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: [D] primary key, subkey, subkey revocation (no user ID)
+
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK
+j++lwwWDAOlkVicDAQgHiHgEKBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
+XNmnkAIdAgAKCRAIQ9qWmqja+ylaAQDmIKf86BJEq4OpDqU+V9D+wn2cyuxbyWVQ
+3r9LiL9qNwD/QAjyrhSN8L3Mfq+wdTHo5i0yB9ZCCpHLXSbhCqfWZwQ=
+=dwx2
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
new file mode 100644
index 0000000..dc47a02
--- /dev/null
+++ b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
@@ -0,0 +1,10 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: [B] primary key, subkey, subkey binding sig (no user ID)
+
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK
+j++lwwWDAOlkVicDAQgHiHgEGBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
+XNmUIQIbDAAKCRAIQ9qWmqja++vFAP98G1L+1/rWTGbsnxOAV2RocBYIroAvsbkR
+Ly6FdP8YNwEA7jOgT05CoKIe37MstpOz23mM80AK369Ca3JMmKKCQgg=
+=xuDu
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/import-incomplete/primary+uid-sig.asc b/tests/openpgp/import-incomplete/primary+uid-sig.asc
new file mode 100644
index 0000000..134607d
--- /dev/null
+++ b/tests/openpgp/import-incomplete/primary+uid-sig.asc
@@ -0,0 +1,10 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: [C] primary key and self-sig expiring in 2024 (no user ID)
+
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+631VAN2IlgQTFggAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBLRpj5W8
+2H/gSMzKKQhD2paaqNr7BQJc2ZR1BQkJZgHcAAoJEAhD2paaqNr79soA/0lWkUsu
+3NLwgbni6EzJxnTzgeNMpljqNpipHAwfix9hAP93AVtFdC8g7hdUZxawobl9lnSN
+9ohXOEBWvdJgVv2YAg==
+=KWIK
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/openpgp/import-incomplete/primary+uid.asc b/tests/openpgp/import-incomplete/primary+uid.asc
new file mode 100644
index 0000000..055f300
--- /dev/null
+++ b/tests/openpgp/import-incomplete/primary+uid.asc
@@ -0,0 +1,10 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: [A] primary key, user ID, and self-sig expiring in 2021
+
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+631VAN20CHRlc3Qga2V5iJYEExYIAD4WIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
+XNmUGQIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAIQ9qWmqja
++0G1AQDdQiwhXxjXLMqoth+D4SigVHTJK8ORwifzsy3UE7mPGwD/aZ67XbAF/lgI
+kv2O1Jo0u9BL9RNNF+L0DM7rAFbfMAs=
+=1eII
+-----END PGP PUBLIC KEY BLOCK-----


@ -0,0 +1,191 @@
diff -up gnupg-2.2.20/g10/gpg.c.file-is-digest gnupg-2.2.20/g10/gpg.c
--- gnupg-2.2.20/g10/gpg.c.file-is-digest 2020-04-14 16:33:42.630269318 +0200
+++ gnupg-2.2.20/g10/gpg.c 2020-04-14 16:34:46.455100086 +0200
@@ -380,6 +380,7 @@ enum cmd_and_opt_values
oTTYtype,
oLCctype,
oLCmessages,
+ oFileIsDigest,
oXauthority,
oGroup,
oUnGroup,
@@ -831,6 +832,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oPersonalCompressPreferences,
"personal-compress-preferences", "@"),
ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
+ ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"),
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
@@ -2419,6 +2421,7 @@ main (int argc, char **argv)
opt.keyid_format = KF_NONE;
opt.def_sig_expire = "0";
opt.def_cert_expire = "0";
+ opt.file_is_digest = 0;
gnupg_set_homedir (NULL);
opt.passphrase_repeat = 1;
opt.emit_version = 0;
@@ -2997,6 +3000,7 @@ main (int argc, char **argv)
opt.verify_options&=~VERIFY_SHOW_PHOTOS;
break;
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
+ case oFileIsDigest: opt.file_is_digest = 1; break;
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
case oIncludeKeyBlock: opt.flags.include_key_block = 1; break;
diff -up gnupg-2.2.20/g10/options.h.file-is-digest gnupg-2.2.20/g10/options.h
--- gnupg-2.2.20/g10/options.h.file-is-digest 2020-03-14 19:54:05.000000000 +0100
+++ gnupg-2.2.20/g10/options.h 2020-04-14 16:33:42.634269245 +0200
@@ -202,6 +202,7 @@ struct
int no_auto_check_trustdb;
int preserve_permissions;
int no_homedir_creation;
+ int file_is_digest;
struct groupitem *grouplist;
int mangle_dos_filenames;
int enable_progress_filter;
diff -up gnupg-2.2.20/g10/sign.c.file-is-digest gnupg-2.2.20/g10/sign.c
--- gnupg-2.2.20/g10/sign.c.file-is-digest 2020-03-14 19:35:46.000000000 +0100
+++ gnupg-2.2.20/g10/sign.c 2020-04-14 16:36:54.661751422 +0200
@@ -40,6 +40,7 @@
#include "pkglue.h"
#include "../common/sysutils.h"
#include "call-agent.h"
+#include "../common/host2net.h"
#include "../common/mbox-util.h"
#include "../common/compliance.h"
@@ -834,6 +835,8 @@ write_signature_packets (ctrl_t ctrl,
if (duration || opt.sig_policy_url
|| opt.sig_notations || opt.sig_keyserver_url)
sig->version = 4;
+ else if (opt.file_is_digest)
+ sig->version = 3;
else
sig->version = pk->version;
@@ -860,8 +863,11 @@ write_signature_packets (ctrl_t ctrl,
else
err = 0;
}
- hash_sigversion_to_magic (md, sig);
- gcry_md_final (md);
+
+ if (!opt.file_is_digest) {
+ hash_sigversion_to_magic (md, sig);
+ gcry_md_final (md);
+ }
if (!err)
err = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0);
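Review bot: The new `if (!opt.file_is_digest)` branch in write_signature_packets skips both `hash_sigversion_to_magic` and `gcry_md_final` without stating who hashes the signature trailer instead, so the code never says that the caller-supplied digest must already cover it. A comment above the branch would make that contract explicit, for example `/* With --file-is-digest the digest comes from the caller and must already include the v3 trailer (class and timestamp). */`. The previous hunk forces `sig->version = 3` for this mode, which is presumably what keeps the trailer down to the five bytes parsed from the file name later, and is worth stating in the same comment. The function starts and ends outside the hunk.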
@@ -924,6 +930,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
SK_LIST sk_rover = NULL;
int multifile = 0;
u32 duration=0;
+ int sigclass = 0x00;
+ u32 timestamp = 0;
pfx = new_progress_context ();
afx = new_armor_context ();
@@ -941,7 +949,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
fname = NULL;
if( fname && filenames->next && (!detached || encryptflag) )
- log_bug("multiple files can only be detached signed");
+ log_bug("multiple files can only be detached signed\n");
+
+ if (opt.file_is_digest && (multifile || !fname))
+ log_bug("file-is-digest only works with one file\n");
+ if (opt.file_is_digest && !detached)
+ log_bug("file-is-digest can only write detached signatures\n");
+ if (opt.file_is_digest && !opt.def_digest_algo)
+ log_bug("file-is-digest needs --digest-algo\n");
+ if (opt.file_is_digest && opt.textmode)
+ log_bug("file-is-digest doesn't work with --textmode\n");
if(encryptflag==2
&& (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
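Review bot: The four new option checks in sign_file report bad command-line combinations through `log_bug`, which in this code base is the internal-error path and is expected to terminate the process rather than return an error. Invalid user input is better reported with `log_error` and an error code, e.g. `log_error ("file-is-digest needs --digest-algo\n"); rc = gpg_error (GPG_ERR_INV_ARG); goto leave;`, assuming `rc` and the `leave` label are usable at this point as they are later in the function. The same applies to the `log_bug` calls in the file-name parser added by the `@@ -1195,6 +1214,45 @@` hunk. sign_file begins and ends outside this hunk.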
@@ -962,7 +979,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
goto leave;
/* prepare iobufs */
- if( multifile ) /* have list of filenames */
+ if( multifile || opt.file_is_digest) /* have list of filenames */
inp = NULL; /* we do it later */
else {
inp = iobuf_open(fname);
@@ -1100,7 +1117,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
- if( !multifile )
+ if( !multifile && !opt.file_is_digest )
iobuf_push_filter( inp, md_filter, &mfx );
if( detached && !encryptflag)
@@ -1155,6 +1172,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
write_status_begin_signing (mfx.md);
+ sigclass = opt.textmode && !outfile? 0x01 : 0x00;
+
/* Setup the inner packet. */
if( detached ) {
if( multifile ) {
@@ -1195,6 +1214,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
if( opt.verbose )
log_printf ("\n");
}
+ else if (opt.file_is_digest) {
+ byte *mdb, ts[5];
+ size_t mdlen;
+ const char *fp;
+ int c, d;
+
+ gcry_md_final(mfx.md);
+ /* this assumes gcry_md_read returns the same buffer */
+ mdb = gcry_md_read(mfx.md, opt.def_digest_algo);
+ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo);
+ if (strlen(fname) != mdlen * 2 + 11)
+ log_bug("digests must be %zu + @ + 5 bytes\n", mdlen);
+ d = -1;
+ for (fp = fname ; *fp; ) {
+ c = *fp++;
+ if (c >= '0' && c <= '9')
+ c -= '0';
+ else if (c >= 'a' && c <= 'f')
+ c -= 'a' - 10;
+ else if (c >= 'A' && c <= 'F')
+ c -= 'A' - 10;
+ else
+ log_bug("filename is not hex\n");
+ if (d >= 0) {
+ *mdb++ = d << 4 | c;
+ c = -1;
+ if (--mdlen == 0) {
+ mdb = ts;
+ if (*fp++ != '@')
+ log_bug("missing time separator\n");
+ }
+ }
+ d = c;
+ }
+ sigclass = ts[0];
+ if (sigclass != 0x00 && sigclass != 0x01)
+ log_bug("bad cipher class\n");
+ timestamp = buf32_to_u32(ts + 1);
+ }
else {
/* read, so that the filter can calculate the digest */
while( iobuf_get(inp) != -1 )
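Review bot: In the new `opt.file_is_digest` branch the result of `gcry_md_read` is written through without a NULL check and `mdlen` is used without a check for 0; both values occur when the digest algorithm is unknown or not enabled on the handle. With `mdlen == 0` the `--mdlen == 0` test wraps and never fires, so `mdb` is never switched to `ts` and `ts[0]` is then read uninitialised. A guard before the length check closes this: `if (!mdb || !mdlen) { rc = gpg_error (GPG_ERR_DIGEST_ALGO); goto leave; }`. The branch also overwrites libgcrypt's internal digest buffer, which the existing comment admits is an assumption about `gcry_md_read`; the comment should say that this relies on undocumented behaviour and must be rechecked on libgcrypt updates. sign_file begins and ends outside this hunk.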
@@ -1213,8 +1271,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
/* write the signatures */
rc = write_signature_packets (ctrl, sk_list, out, mfx.md,
- opt.textmode && !outfile? 0x01 : 0x00,
- 0, duration, detached ? 'D':'S', NULL);
+ sigclass,
+ timestamp, duration, detached ? 'D':'S', NULL);
if( rc )
goto leave;

248
gnupg-2.2.21-coverity.patch Normal file

@ -0,0 +1,248 @@
diff -up gnupg-2.2.21/common/server-help.c.coverity gnupg-2.2.21/common/server-help.c
--- gnupg-2.2.21/common/server-help.c.coverity 2019-02-11 10:59:34.000000000 +0100
+++ gnupg-2.2.21/common/server-help.c 2020-07-20 17:09:57.416148768 +0200
@@ -156,7 +156,7 @@ get_option_value (char *line, const char
*pend = 0;
*r_value = xtrystrdup (p);
*pend = c;
- if (!p)
+ if (!*r_value)
return my_error_from_syserror ();
return 0;
}
diff -up gnupg-2.2.21/dirmngr/domaininfo.c.coverity gnupg-2.2.21/dirmngr/domaininfo.c
--- gnupg-2.2.21/dirmngr/domaininfo.c.coverity 2019-07-09 11:08:45.000000000 +0200
+++ gnupg-2.2.21/dirmngr/domaininfo.c 2020-07-20 17:09:57.418148784 +0200
@@ -193,6 +193,7 @@ insert_or_update (const char *domain,
log_error ("domaininfo: error allocating helper array: %s\n",
gpg_strerror (gpg_err_code_from_syserror ()));
drop_extra = bucket;
+ xfree (di_new);
goto leave;
}
narray = 0;
@@ -258,6 +259,8 @@ insert_or_update (const char *domain,
* sensible strategy. */
drop_extra = domainbuckets[hash];
domainbuckets[hash] = keep;
+
+ xfree (array);
}
/* Insert */
diff -up gnupg-2.2.21/dirmngr/http.c.coverity gnupg-2.2.21/dirmngr/http.c
--- gnupg-2.2.21/dirmngr/http.c.coverity 2019-11-18 18:44:33.000000000 +0100
+++ gnupg-2.2.21/dirmngr/http.c 2020-07-20 17:09:57.419148793 +0200
@@ -3656,7 +3656,6 @@ http_prepare_redirect (http_redir_info_t
if (!newurl)
{
err = gpg_error_from_syserror ();
- http_release_parsed_uri (locuri);
return err;
}
}
@@ -3675,7 +3674,6 @@ http_prepare_redirect (http_redir_info_t
if (!newurl)
{
err = gpg_error_from_syserror ();
- http_release_parsed_uri (locuri);
return err;
}
}
diff -up gnupg-2.2.21/dirmngr/ks-engine-hkp.c.coverity gnupg-2.2.21/dirmngr/ks-engine-hkp.c
--- gnupg-2.2.21/dirmngr/ks-engine-hkp.c.coverity 2019-11-18 18:44:33.000000000 +0100
+++ gnupg-2.2.21/dirmngr/ks-engine-hkp.c 2020-07-20 17:09:57.419148793 +0200
@@ -1426,7 +1426,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t
int reselect;
unsigned int httpflags;
char *httphost = NULL;
- unsigned int http_status;
+ unsigned int http_status = 0;
unsigned int tries = SEND_REQUEST_RETRIES;
unsigned int extra_tries = SEND_REQUEST_EXTRA_RETRIES;
diff -up gnupg-2.2.21/g10/card-util.c.coverity gnupg-2.2.21/g10/card-util.c
--- gnupg-2.2.21/g10/card-util.c.coverity 2020-04-15 15:17:48.000000000 +0200
+++ gnupg-2.2.21/g10/card-util.c 2020-07-20 17:09:57.419148793 +0200
@@ -667,7 +667,7 @@ card_status (ctrl_t ctrl, estream_t fp,
{
int err;
strlist_t card_list, sl;
- char *serialno0, *serialno1;
+ char *serialno0, *serialno1 = NULL;
int all_cards = 0;
int any_card = 0;
@@ -712,6 +712,7 @@ card_status (ctrl_t ctrl, estream_t fp,
current_card_status (ctrl, fp, NULL, 0);
xfree (serialno1);
+ serialno1 = NULL;
if (!all_cards)
goto leave;
diff -up gnupg-2.2.21/g10/import.c.coverity gnupg-2.2.21/g10/import.c
--- gnupg-2.2.21/g10/import.c.coverity 2020-07-20 17:09:57.416148768 +0200
+++ gnupg-2.2.21/g10/import.c 2020-07-20 17:09:57.419148793 +0200
@@ -1888,7 +1888,7 @@ import_one_real (ctrl_t ctrl,
if (opt.interactive && !silent)
{
- if (is_status_enabled())
+ if (uidnode && is_status_enabled())
print_import_check (pk, uidnode->pkt->pkt.user_id);
merge_keys_and_selfsig (ctrl, keyblock);
tty_printf ("\n");
diff -up gnupg-2.2.21/g10/keygen.c.coverity gnupg-2.2.21/g10/keygen.c
--- gnupg-2.2.21/g10/keygen.c.coverity 2020-07-20 17:09:57.401148640 +0200
+++ gnupg-2.2.21/g10/keygen.c 2020-07-20 17:09:57.420148801 +0200
@@ -3075,7 +3075,7 @@ parse_key_parameter_part (ctrl_t ctrl,
char *endp;
const char *curve = NULL;
int ecdh_or_ecdsa = 0;
- unsigned int size;
+ unsigned int size = 0;
int keyuse;
int i;
const char *s;
@@ -5719,12 +5719,20 @@ gen_card_key (int keyno, int algo, int i
the self-signatures. */
err = agent_readkey (NULL, 1, keyid, &public);
if (err)
- return err;
+ {
+ xfree (pkt);
+ xfree (pk);
+ return err;
+ }
err = gcry_sexp_sscan (&s_key, NULL, public,
gcry_sexp_canon_len (public, 0, NULL, NULL));
xfree (public);
if (err)
- return err;
+ {
+ xfree (pkt);
+ xfree (pk);
+ return err;
+ }
if (algo == PUBKEY_ALGO_RSA)
err = key_from_sexp (pk->pkey, s_key, "public-key", "ne");
@@ -5739,6 +5747,7 @@ gen_card_key (int keyno, int algo, int i
if (err)
{
log_error ("key_from_sexp failed: %s\n", gpg_strerror (err) );
+ xfree (pkt);
free_public_key (pk);
return err;
}
diff -up gnupg-2.2.21/g10/sig-check.c.coverity gnupg-2.2.21/g10/sig-check.c
--- gnupg-2.2.21/g10/sig-check.c.coverity 2020-07-03 16:17:05.000000000 +0200
+++ gnupg-2.2.21/g10/sig-check.c 2020-07-20 17:09:57.420148801 +0200
@@ -902,6 +902,7 @@ check_signature_over_key_or_uid (ctrl_t
{
/* Issued by a subkey. */
signer = subk;
+ *is_selfsig = 1;
break;
}
}
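Review bot: Setting `*is_selfsig = 1` in the "Issued by a subkey" branch initialises the flag but also declares a subkey-issued signature to be a self-signature, which is a policy decision rather than a pure static-analysis fix. If later code in check_signature_over_key_or_uid or its callers uses the flag to relax checks that apply to third-party signatures, this branch now gets that relaxation too; that cannot be confirmed from the hunk, since most of the function body lies outside it. Either add a comment giving the reason, such as `/* A signature by one of our own subkeys is treated as a self-signature. */`, or use `*is_selfsig = 0;` if the flag is meant to say "issued by the primary key".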
diff -up gnupg-2.2.21/g10/sign.c.coverity gnupg-2.2.21/g10/sign.c
--- gnupg-2.2.21/g10/sign.c.coverity 2020-07-20 17:09:57.399148624 +0200
+++ gnupg-2.2.21/g10/sign.c 2020-07-20 17:09:57.420148801 +0200
@@ -824,7 +824,7 @@ write_signature_packets (ctrl_t ctrl,
PKT_public_key *pk;
PKT_signature *sig;
gcry_md_hd_t md;
- gpg_error_t err;
+ gpg_error_t err = 0;
pk = sk_rover->pk;
diff -up gnupg-2.2.21/kbx/keybox-dump.c.coverity gnupg-2.2.21/kbx/keybox-dump.c
--- gnupg-2.2.21/kbx/keybox-dump.c.coverity 2019-08-23 15:59:06.000000000 +0200
+++ gnupg-2.2.21/kbx/keybox-dump.c 2020-07-20 17:09:57.420148801 +0200
@@ -786,11 +786,15 @@ _keybox_dump_cut_records (const char *fi
while ( !(rc = _keybox_read_blob (&blob, fp, NULL)) )
{
if (recno > to)
- break; /* Ready. */
+ {
+ _keybox_release_blob (blob);
+ break; /* Ready. */
+ }
if (recno >= from)
{
if ((rc = _keybox_write_blob (blob, outfp)))
{
+ _keybox_release_blob (blob);
fprintf (stderr, "error writing output: %s\n",
gpg_strerror (rc));
goto leave;
diff -up gnupg-2.2.21/tools/gpg-wks-server.c.coverity gnupg-2.2.21/tools/gpg-wks-server.c
--- gnupg-2.2.21/tools/gpg-wks-server.c.coverity 2020-02-10 16:12:13.000000000 +0100
+++ gnupg-2.2.21/tools/gpg-wks-server.c 2020-07-20 17:09:57.420148801 +0200
@@ -890,15 +890,18 @@ store_key_as_pending (const char *dir, e
}
leave:
- if (err)
+ if (fname)
{
- es_fclose (outfp);
- gnupg_remove (fname);
- }
- else if (es_fclose (outfp))
- {
- err = gpg_error_from_syserror ();
- log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
+ if (err)
+ {
+ es_fclose (outfp);
+ gnupg_remove (fname);
+ }
+ else if (es_fclose (outfp))
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
+ }
}
if (!err)
diff -up gnupg-2.2.21/tools/wks-util.c.coverity gnupg-2.2.21/tools/wks-util.c
--- gnupg-2.2.21/tools/wks-util.c.coverity 2019-11-23 13:50:21.000000000 +0100
+++ gnupg-2.2.21/tools/wks-util.c 2020-07-20 17:09:57.421148810 +0200
@@ -948,7 +948,7 @@ ensure_policy_file (const char *addrspec
static gpg_error_t
install_key_from_spec_file (const char *fname)
{
- gpg_error_t err;
+ gpg_error_t err = 0;
estream_t fp;
char *line = NULL;
size_t linelen = 0;
@@ -1195,10 +1195,8 @@ wks_cmd_print_wkd_hash (const char *user
char *addrspec, *fname;
err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
- if (err)
- return err;
-
- es_printf ("%s %s\n", fname, addrspec);
+ if (!err)
+ es_printf ("%s %s\n", fname, addrspec);
xfree (fname);
xfree (addrspec);
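Review bot: After this change wks_cmd_print_wkd_hash calls `xfree (fname)` and `xfree (addrspec)` on the error path as well, but both are declared without an initialiser (`char *addrspec, *fname;`), so this is only safe if wks_fname_from_userid always stores a value in both outputs before failing, which the hunk does not show. Initialising them makes the cleanup independent of that: `char *addrspec = NULL, *fname = NULL;`. The next hunk, in wks_cmd_print_wkd_url, has the same dependency and frees only `addrspec` on error, so it should either free `fname` too or follow the same pattern. Both functions extend beyond their hunks.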
@@ -1216,7 +1214,10 @@ wks_cmd_print_wkd_url (const char *useri
err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
if (err)
- return err;
+ {
+ xfree (addrspec);
+ return err;
+ }
domain = strchr (addrspec, '@');
if (domain)

BIN
gnupg-2.2.21.tar.bz2 Normal file

Binary file not shown.

BIN
gnupg-2.2.21.tar.bz2.sig Normal file

Binary file not shown.


@ -1,16 +1,24 @@
Name: gnupg2
Version: 2.2.17
Release: 7
Version: 2.2.21
Release: 1
Summary: Utility for secure communication and data storage
License: GPLv3+
URL: https://gnupg.org/
Source0: https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2
Source1: https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig
Patch0: fix-CVE-2019-14855-0-Ignore-all-SHA-1-3rd-party-key-sig.patch
Patch1: fix-CVE-2019-14855-1-Add-option-allow-weak-key-signatures.patch
Patch2: fix-CVE-2019-14855-2-Forbid-creation-of-SHA-1-3rd-party-key-sig.patch
Patch3: fix-a-memory-leak-in-g10.patch
Patch0: fix-a-memory-leak-in-g10.patch
Patch1: gnupg-2.1.10-secmem.patch
Patch2: gnupg-2.1.1-fips-algo.patch
Patch3: gnupg-2.1.21-insttools.patch
Patch4: gnupg-2.1.21-large-rsa.patch
Patch5: gnupg-2.2.16-ocsp-keyusage.patch
Patch6: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
Patch7: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
patch8: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
Patch9: gnupg-2.2.20-file-is-digest.patch
Patch10: gnupg-2.2.21-coverity.patch
BuildRequires: zlib-devel, npth-devel, gdb, texinfo
BuildRequires: libgpg-error-devel >= 1.31
@ -105,6 +113,9 @@ make check
%changelog
* Sat Jul 25 2020 yang_zhuang_zhuang <yangzhuangzhuang1@huawei.com> - 2.2.21-1
- update version to 2.2.21
* Wed Jun 3 2020 Anakin Zhang <nbztx@126.com> - 2.2.17-7
- fix a memory leak in g10