security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

gpg: Fix the encrypt+sign hash algo preference selection for ECDSA.

Browse source 
* g10/keydb.h (pref_hint): Change from union to struct and add field
'exact'.  Adjust callers.
* g10/pkclist.c (algo_available): Take care of the exact hint.
* g10/sign.c (sign_file): Rework the hash detection from
recipient prefs.
--

This fixes a encrypt+sign case like: One recipient key has SHA512 as
highest ranked hash preference but the the signing key is a 256 bit
curve.  Because we don't want to use a truncated hash with ECDSA, we
need to have an exact match - this is in particular important for
smartcard which check that the hash matches the curves.

Signed-off-by: Werner Koch <wk@gnupg.org>

Ported-from-stable: aeed0b93ff
This commit is contained in:
Werner Koch 2020-11-13 15:43:30 +01:00
parent e546cc78b7
commit e37c2e1844
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
4 changed files with 58 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

1
doc/HACKING
View file

@ -229,6 +229,7 @@ Note that such a comment will be removed if the git commit option
- Proofread-by :: Sometimes used by translation commits.
- Signed-off-by :: Name or mail address of the developer.
- Backported-from-master :: Value is the commit id of the original patch.
- Ported-from-stable :: Value is the commit id of the original patch.
* Windows
** How to build an installer for Windows