security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

* sign.c (hash_for): Add code to detect if the sk lives on a smart

Browse source 
card.  If it does, only allow 160-bit hashes, a la DSA.  This involves
passing the *sk in, so change all callers.  This is correct for today,
given the current 160-bit q in DSA, and the current SHA-1/RIPEMD160
support in the openpgp card.  It will almost certainly need changing
down the road.

* app-openpgp.c (do_sign): Give user error if hash algorithm is not
supported by the card.
This commit is contained in:
David Shaw 2006-01-01 17:48:54 +00:00
parent 74117cf4d3
commit cbc5c947d5
3 changed files with 44 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

6
g10/app-openpgp.c
View file

@ -2083,7 +2083,11 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
&& !memcmp (indata, rmd160_prefix, 15))
;
else
return gpg_error (GPG_ERR_INV_VALUE);
{
log_error(_("card does not support digest algorithm %s\n"),
digest_algo_to_string(hashalgo));
return gpg_error (GPG_ERR_INV_VALUE);
}
/* Check whether an OpenPGP card of any version has been requested. */
if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))