aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2014-09-27 13:21:02 +0000
committerWerner Koch <[email protected]>2014-09-27 13:36:02 +0000
commit36179da032fa43d82042b3d31ed175d17b8e9bc4 (patch)
treef2f82ea4bd5f5fa96995bf38e37100d8e6fd6794
parentdoc: Update the file OpenPGP (diff)
downloadgnupg-36179da032fa43d82042b3d31ed175d17b8e9bc4.tar.gz
gnupg-36179da032fa43d82042b3d31ed175d17b8e9bc4.zip
gpg: Default to SHA-256 for all signature types on RSA keys.
* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in strict RFC or PGP modes. * g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for RSA key signatures. -- (Backported from commit d33246700578cddd1cb8ed8164cfbba50aba4ef3)
Diffstat
-rw-r--r--g10/main.h2
-rw-r--r--g10/sign.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/g10/main.h b/g10/main.h
index 226898d29..4cf2cc788 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -33,7 +33,7 @@
issues of speed and size come into play here. */
#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5
-#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1
+#define DEFAULT_DIGEST_ALGO ((GNUPG)? DIGEST_ALGO_SHA256:DIGEST_ALGO_SHA1)
#define DEFAULT_COMPRESS_ALGO COMPRESS_ALGO_ZIP
#define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1
diff --git a/g10/sign.c b/g10/sign.c
index 0de3321be..e7e79cc21 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1425,7 +1425,7 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
else if(sk->pubkey_algo==PUBKEY_ALGO_DSA)
digest_algo = match_dsa_hash (gcry_mpi_get_nbits (sk->skey[1])/8);
else
- digest_algo = DIGEST_ALGO_SHA1;
+ digest_algo = DEFAULT_DIGEST_ALGO;
}
if ( gcry_md_open (&md, digest_algo, 0 ) )
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 03:04:18 +0000