GnuPG's ElGamal signing keys compromised
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message
Hi,
David Shaw wrote a patch against GnuPG 1.2.3 to disable the ability to
create signatures using the ElGamal sign+encrypt (type 20) keys as
well as to remove the option to create such keys.
This patch will go into the next release; if you feel better with
those flawed features disabled, you may want to apply this patch.
Thanks,
Werner
Index: getkey.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/getkey.c,v
retrieving revision 1.78.2.20
diff -u -r1.78.2.20 getkey.c
--- getkey.c 21 Jul 2003 14:55:00 -0000 1.78.2.20
+++ getkey.c 27 Nov 2003 00:32:30 -0000
@@ -1655,6 +1655,11 @@
if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x;
}
+
+ /* Type 20 Elgamal keys are not usable. */
+ if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+ key_usage=0;
+
pk->pubkey_usage = key_usage;
if ( !key_expire_seen ) {
@@ -1869,6 +1874,13 @@
if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x;
}
+
+ /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
+ not usable. */
+ if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+ || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+ key_usage=0;
+
subpk->pubkey_usage = key_usage;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
Index: keygen.c
===================================================================
RCS file: /cvs/gnupg/gnupg/g10/keygen.c,v
retrieving revision 1.90.2.11
diff -u -r1.90.2.11 keygen.c
--- keygen.c 16 Jul 2003 03:09:15 -0000 1.90.2.11
+++ keygen.c 27 Nov 2003 00:32:31 -0000
@@ -958,8 +958,6 @@
tty_printf( _(" (%d) DSA (sign only)\n"), 2 );
if( addmode )
tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 );
- if (opt.expert)
- tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 );
tty_printf( _(" (%d) RSA (sign only)\n"), 5 );
if (addmode)
tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 );
@@ -989,21 +987,6 @@
algo = PUBKEY_ALGO_RSA;
*r_usage = PUBKEY_USAGE_SIG;
break;
- }
- else if( algo == 4 && opt.expert)
- {
- tty_printf(_(
-"The use of this algorithm is only supported by GnuPG. You will not be\n"
-"able to use this key to communicate with PGP users. This algorithm is also\n"
-"very slow, and may not be as secure as the other choices.\n"));
-
- if( cpr_get_answer_is_yes("keygen.algo.elg_se",
- _("Create anyway? ")))
- {
- algo = PUBKEY_ALGO_ELGAMAL;
- *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG;
- break;
- }
}
else if( algo == 3 && addmode ) {
algo = PUBKEY_ALGO_ELGAMAL_E;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/xa20aLeriVdUjc0RAvXcAKCIxQR0JbaxfX/EFpI4NLcb4vUI2ACZAQTx
zfX4QUrn7HnluPP4Pfoofdk=
=OtPO
-----END PGP SIGNATURE-----