gpg: Ignore personal_digest_prefs for ECDSA keys.

* g10/sign.c (hash_for): Simplify hash algo selection for ECDSA. -- GnuPG-bug-id: 5021 Signed-off-by: Werner Koch <wk@gnupg.org>
2020-08-13 11:19:22 +02:00 · 2020-08-13 11:19:22 +02:00 · 53d84f9815
parent d516ae685e
commit 53d84f9815
1 changed files with 7 additions and 3 deletions
--- a/g10/sign.c
+++ b/g10/sign.c
@ -597,7 +597,7 @@ openpgp_card_v1_p (PKT_public_key *pk)
 }


-
+/* Get a matching hash algorithm for DSA and ECDSA.  */
 static int
 match_dsa_hash (unsigned int qbytes)
 {
@ -674,9 +674,13 @@ hash_for (PKT_public_key *pk)
 	 160-bit hash unless --enable-dsa2 is set, in which case act
 	 like a new DSA key that just happens to have a 160-bit q
 	 (i.e. allow truncation).  If q is not 160, by definition it
-	 must be a new DSA key. */
+	 must be a new DSA key.  We ignore the personal_digest_prefs
+	 for ECDSA because they should always macth the curve and
+	 truncated hashes are not useful either.  Even worse,
+	 smartcards may reject non matching hash lengths for curves
+	 (e.g. using SHA-512 with brainpooolP385r1 on a Yubikey).  */

-      if (opt.personal_digest_prefs)
+      if (pk->pubkey_algo == PUBKEY_ALGO_DSA && opt.personal_digest_prefs)
 	{
 	  prefitem_t *prefs;