security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-22 14:57:02 +01:00
Code Activity

* sign.c (hash_for): If --digest-algo is not set, but

Browse Source 
--personal-digest-preferences is, then use the first hash algorithm in the
personal list.  If the signing algorithm is DSA, then use the first
160-bit hash algorithm in the personal list. If --pgp2 is set and it's a
v3 RSA key, use MD5.
This commit is contained in:
David Shaw 2002-11-25 04:06:04 +00:00
parent ce4ddd144c
commit 8b9e9d33c1
2 changed files with 38 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
g10/ChangeLog
View File

@ -1,5 +1,11 @@
2002-11-24 David Shaw <dshaw@jabberwocky.com> 2002-11-24 David Shaw <dshaw@jabberwocky.com>
* sign.c (hash_for): If --digest-algo is not set, but
--personal-digest-preferences is, then use the first hash
algorithm in the personal list. If the signing algorithm is DSA,
then use the first 160-bit hash algorithm in the personal list.
If --pgp2 is set and it's a v3 RSA key, use MD5.
* g10.c (main), keydb.c (keydb_add_resource, * g10.c (main), keydb.c (keydb_add_resource,
keydb_locate_writable): Rename --default-keyring as keydb_locate_writable): Rename --default-keyring as
--primary-keyring. Stefan wins the naming contest. --primary-keyring. Stefan wins the naming contest.

40
g10/sign.c
View File

@ -332,14 +332,38 @@ complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md )
static int static int
hash_for(int pubkey_algo, int packet_version ) hash_for(int pubkey_algo, int packet_version )
{ {
if( opt.def_digest_algo ) if( opt.def_digest_algo )
return opt.def_digest_algo; return opt.def_digest_algo;
if( recipient_digest_algo ) else if( recipient_digest_algo )
return recipient_digest_algo; return recipient_digest_algo;
if( pubkey_algo == PUBKEY_ALGO_DSA ) else if(opt.pgp2 && pubkey_algo == PUBKEY_ALGO_RSA && packet_version < 4 )
return DIGEST_ALGO_SHA1; {
if( pubkey_algo == PUBKEY_ALGO_RSA && packet_version < 4 ) /* Old-style PGP only understands MD5 */
return DIGEST_ALGO_MD5; return DIGEST_ALGO_MD5;
}
else if( pubkey_algo == PUBKEY_ALGO_DSA )
{
/* We need a 160-bit hash for DSA, so we can't just take the first
in the pref list */
if(opt.personal_digest_prefs)
{
prefitem_t *prefs;
for(prefs=opt.personal_digest_prefs;prefs->type;prefs++)
if(md_digest_length(prefs->value)==20)
return prefs->value;
}
return DIGEST_ALGO_SHA1;
}
else if( opt.personal_digest_prefs )
{
/* It's not DSA, so we can use whatever the first hash algorithm
is in the pref list */
return opt.personal_digest_prefs[0].value;
}
else
return DEFAULT_DIGEST_ALGO; return DEFAULT_DIGEST_ALGO;
} }