mirror of
git://git.gnupg.org/gnupg.git
synced 2024-05-31 22:18:03 +02:00
6466db10fb
* agent/pksign.c (rfc6979_hash_algo_string): New. (do_encode_dsa) [Libgcrypt >= 1.6]: Make use of RFC-6979. -- Now that we have a good (and not NSA/NIST demanded ;-) specification on how to use DSA without a random nonce, we take advantage of it and thus avoid pitfalls related to a misbehaving RNG during signature creation. Note that OpenPGP has the option of using a longer hash algorithm but truncated to what is suitable for the used DSA key size. The hash used as input to RFC-6979 will also be one with an appropriate digest length but not a truncated one. This is allowed by RFC-6979. Signed-off-by: Werner Koch <wk@gnupg.org> |
||
---|---|---|
.. | ||
agent.h | ||
cache.c | ||
call-pinentry.c | ||
call-scd.c | ||
ChangeLog-2011 | ||
command-ssh.c | ||
command.c | ||
cvt-openpgp.c | ||
cvt-openpgp.h | ||
divert-scd.c | ||
findkey.c | ||
genkey.c | ||
gpg-agent-w32info.rc | ||
gpg-agent.c | ||
keyformat.txt | ||
learncard.c | ||
Makefile.am | ||
pkdecrypt.c | ||
pksign.c | ||
preset-passphrase.c | ||
protect-tool.c | ||
protect.c | ||
t-protect.c | ||
trans.c | ||
trustlist.c | ||
w32main.c | ||
w32main.h |