mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Allo RMD160 signatures
This commit is contained in:
parent
6b19366e4e
commit
79f749fec9
2
NEWS
2
NEWS
@ -11,6 +11,8 @@ Noteworthy changes in version 1.9.21
|
||||
* [gpgsm] Kludge to allow use of Bundesnetzagentur issued
|
||||
certificates.
|
||||
|
||||
* [scdaemon] Added --hash=xxx option to the PKSIGN command.
|
||||
|
||||
|
||||
Noteworthy changes in version 1.9.20 (2005-12-20)
|
||||
-------------------------------------------------
|
||||
|
1
TODO
1
TODO
@ -3,6 +3,7 @@
|
||||
* src/base64
|
||||
** Make parsing more robust
|
||||
Currently we don't cope with overlong lines in the best way.
|
||||
** Check that we really release the ksba reader/writer objects.
|
||||
|
||||
* sm/call-agent.c
|
||||
** The protocol uses an incomplete S-expression
|
||||
|
@ -444,7 +444,14 @@ hex notation. The actual signing is done using the command
|
||||
@end example
|
||||
|
||||
where @var{keyid} is the hexified ID of the key to be used. The key id
|
||||
may have been retrieved using the command @code{LEARN}.
|
||||
may have been retrieved using the command @code{LEARN}. If another
|
||||
hash algorithm than SHA-1 is used, that algorithm may be given like:
|
||||
|
||||
@example
|
||||
PKSIGN --hash=@var{algoname} @var{keyid}
|
||||
@end example
|
||||
|
||||
With @var{algoname} are one of @code{sha1}, @code{rmd160} or @code{md5}.
|
||||
|
||||
|
||||
@node Scdaemon PKDECRYPT
|
||||
|
@ -1,3 +1,7 @@
|
||||
2006-03-21 Werner Koch <wk@g10code.com>
|
||||
|
||||
* command.c (cmd_pksign): Add --hash option.
|
||||
|
||||
2006-03-01 Werner Koch <wk@g10code.com>
|
||||
|
||||
* command.c (status_file_update_lock): New.
|
||||
|
@ -708,7 +708,9 @@ pin_cb (void *opaque, const char *info, char **retstr)
|
||||
}
|
||||
|
||||
|
||||
/* PKSIGN <hexified_id>
|
||||
/* PKSIGN [--hash=[rmd160|sha1|md5]] <hexified_id>
|
||||
|
||||
The --hash option is optional; the default is SHA1.
|
||||
|
||||
*/
|
||||
static int
|
||||
@ -719,6 +721,26 @@ cmd_pksign (assuan_context_t ctx, char *line)
|
||||
unsigned char *outdata;
|
||||
size_t outdatalen;
|
||||
char *keyidstr;
|
||||
int hash_algo;
|
||||
|
||||
if (has_option (line, "--hash=rmd160"))
|
||||
hash_algo = GCRY_MD_RMD160;
|
||||
else if (has_option (line, "--hash=sha1"))
|
||||
hash_algo = GCRY_MD_SHA1;
|
||||
else if (has_option (line, "--hash=md5"))
|
||||
hash_algo = GCRY_MD_MD5;
|
||||
else if (!strstr (line, "--"))
|
||||
hash_algo = GCRY_MD_SHA1;
|
||||
else
|
||||
return set_error (Parameter_Error, "invalid hash algorithm");
|
||||
/* Skip over options. */
|
||||
while ( *line == '-' && line[1] == '-' )
|
||||
{
|
||||
while (*line && !spacep (line))
|
||||
line++;
|
||||
while (spacep (line))
|
||||
line++;
|
||||
}
|
||||
|
||||
if ( IS_LOCKED (ctrl) )
|
||||
return gpg_error (GPG_ERR_LOCKED);
|
||||
@ -734,7 +756,7 @@ cmd_pksign (assuan_context_t ctx, char *line)
|
||||
return ASSUAN_Out_Of_Core;
|
||||
|
||||
rc = app_sign (ctrl->app_ctx,
|
||||
keyidstr, GCRY_MD_SHA1,
|
||||
keyidstr, hash_algo,
|
||||
pin_cb, ctx,
|
||||
ctrl->in_data.value, ctrl->in_data.valuelen,
|
||||
&outdata, &outdatalen);
|
||||
@ -777,7 +799,7 @@ cmd_pkauth (assuan_context_t ctx, char *line)
|
||||
if (!ctrl->app_ctx)
|
||||
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
|
||||
|
||||
/* We have to use a copy of the key ID because the function may use
|
||||
/* We have to use a copy of the key ID because the function may use
|
||||
the pin_cb which in turn uses the assuan line buffer and thus
|
||||
overwriting the original line with the keyid */
|
||||
keyidstr = xtrystrdup (line);
|
||||
|
Loading…
x
Reference in New Issue
Block a user