diff options
| author | David Shaw <[email protected]> | 2007-07-18 17:43:14 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2007-07-18 17:43:14 +0000 |
| commit | ab20b58ecde4f74ffc9e42432c8c2977930f29a8 (patch) | |
| tree | 1dd3cb8c81efc4df88a47f5fdbed62356b190c32 | |
| parent | * armor.c (is_armor_tag): New. Detect if an armor header matches (diff) | |
| download | gnupg-ab20b58ecde4f74ffc9e42432c8c2977930f29a8.tar.gz gnupg-ab20b58ecde4f74ffc9e42432c8c2977930f29a8.zip | |
* defs.inc (all_hash_algos): See "all_cipher_algos", below.
* sigs.test: Use it here, and also test with >=160 bit hashes for
DSA2.
| -rw-r--r-- | checks/ChangeLog | 7 | ||||
| -rwxr-xr-x | checks/defs.inc | 4 | ||||
| -rwxr-xr-x | checks/sigs.test | 53 |
3 files changed, 30 insertions, 34 deletions
diff --git a/checks/ChangeLog b/checks/ChangeLog index 906fe2773..ab3318ba3 100644 --- a/checks/ChangeLog +++ b/checks/ChangeLog @@ -1,3 +1,10 @@ +2007-07-18 David Shaw <[email protected]> + + * defs.inc (all_hash_algos): See "all_cipher_algos", below. + + * sigs.test: Use it here, and also test with >=160 bit hashes for + DSA2. + 2007-05-14 David Shaw <[email protected]> * defs.inc (all_cipher_algos): New function to return all ciphers diff --git a/checks/defs.inc b/checks/defs.inc index bf4de8227..50fca9424 100755 --- a/checks/defs.inc +++ b/checks/defs.inc @@ -134,6 +134,10 @@ all_cipher_algos () { ../g10/gpg --homedir . --version | grep "Cipher" | sed 's/^Cipher: //; s/,//g' } +all_hash_algos () { + ../g10/gpg --homedir . --version | grep "Hash" | sed 's/^Hash: //; s/,//g' +} + set -e pgmname=`basename $0` #trap cleanup SIGHUP SIGINT SIGQUIT diff --git a/checks/sigs.test b/checks/sigs.test index 2c3be5cf5..aec00043a 100755 --- a/checks/sigs.test +++ b/checks/sigs.test @@ -2,45 +2,17 @@ . $srcdir/defs.inc || exit 3 -#info Checking signatures for i in $plain_files $data_files; do echo "$usrpass1" | $GPG --passphrase-fd 0 -s -o x --yes $i $GPG -o y --yes x cmp $i y || error "$i: mismatch" done -# Using the DSA sig key - only 160 bit hashes -for da in ripemd160 sha1 ; do - for i in $plain_files; do - echo "$usrpass1" | $GPG --passphrase-fd 0 --digest-algo $da \ - -s -o x --yes $i - $GPG -o y --yes x - cmp $i y || error "$i: mismatch" - # process only the first one - break - done -done - -# TODO: add the new SHAs here once we allow them to be used in new -# documents. - -if have_pubkey_algo "RSA"; then - # Using the RSA sig key - all hashes - hash_algo_list="ripemd160 sha1 md5" - if have_hash_algo "SHA224"; then - hash_algo_list="$hash_algo_list sha224" - fi - if have_hash_algo "SHA256"; then - hash_algo_list="$hash_algo_list sha256" - fi - if have_hash_algo "SHA384"; then - hash_algo_list="$hash_algo_list sha384" - fi - if have_hash_algo "SHA512"; then - hash_algo_list="$hash_algo_list sha512" - fi +for da in `all_hash_algos` ; do + echo_n "$da " - for da in $hash_algo_list ; do + # RSA key, so any hash is okay + if have_pubkey_algo "RSA"; then for i in $plain_files; do $GPG -u $usrname3 --digest-algo $da -s -o x --yes $i $GPG -o y --yes x @@ -48,5 +20,18 @@ if have_pubkey_algo "RSA"; then # process only the first one break done - done -fi + fi + + # Using the DSA sig key - only 160 bit or larger hashes + if test $da != "MD5"; then + for i in $plain_files; do + echo "$usrpass1" | $GPG --passphrase-fd 0 --digest-algo $da \ + -s -o x --yes $i + $GPG -o y --yes x + cmp $i y || error "$i: mismatch" + # process only the first one + break + done + fi +done +echo_n "| " |