diff options
Diffstat (limited to 'sm')
| -rw-r--r-- | sm/ChangeLog | 7 | ||||
| -rw-r--r-- | sm/gpgsm.c | 14 | ||||
| -rw-r--r-- | sm/gpgsm.h | 5 | ||||
| -rw-r--r-- | sm/sign.c | 14 |
4 files changed, 29 insertions, 11 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog index 0905159ce..9f926cfc7 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,5 +1,12 @@ 2009-03-26 Werner Koch <[email protected]> + * gpgsm.c (main): s/def_digest_string/forced_digest_algo/ and + activate the --digest-algo option. + * gpgsm.h (struct opt): s/def_digest_algo/forced_digest_algo/. + * sign.c (gpgsm_sign): Implement --digest-algo. + + * sign.c (MAX_DIGEST_LEN): Change to 64. + * call-agent.c (gpgsm_agent_marktrusted): Format the issuer name. 2009-03-25 Werner Koch <[email protected]> diff --git a/sm/gpgsm.c b/sm/gpgsm.c index f49b742c2..8a2a1c0b9 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -843,8 +843,8 @@ main ( int argc, char **argv) int use_random_seed = 1; int no_common_certs_import = 0; int with_fpr = 0; - char *def_digest_string = NULL; - char *extra_digest_algo = NULL; + const char *forced_digest_algo = NULL; + const char *extra_digest_algo = NULL; enum cmd_and_opt_values cmd = 0; struct server_control_s ctrl; certlist_t recplist = NULL; @@ -1301,7 +1301,7 @@ main ( int argc, char **argv) break; case oDigestAlgo: - /* Dummy for now. */ + forced_digest_algo = pargs.r.ret_str; break; case oExtraDigestAlgo: @@ -1460,12 +1460,10 @@ main ( int argc, char **argv) || !gcry_cipher_mode_from_oid (opt.def_cipher_algoid)) log_error (_("selected cipher algorithm is invalid\n")); - if (def_digest_string) + if (forced_digest_algo) { - opt.def_digest_algo = gcry_md_map_name (def_digest_string); - xfree (def_digest_string); - def_digest_string = NULL; - if (our_md_test_algo(opt.def_digest_algo) ) + opt.forced_digest_algo = gcry_md_map_name (forced_digest_algo); + if (our_md_test_algo(opt.forced_digest_algo) ) log_error (_("selected digest algorithm is invalid\n")); } if (extra_digest_algo) diff --git a/sm/gpgsm.h b/sm/gpgsm.h index e9327d217..781561a71 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -33,7 +33,7 @@ #include "../common/estream.h" #include "../common/audit.h" -#define MAX_DIGEST_LEN 24 +#define MAX_DIGEST_LEN 64 struct keyserver_spec { @@ -92,9 +92,10 @@ struct const char *def_cipher_algoid; /* cipher algorithm to use if nothing else is specified */ - int def_digest_algo; /* Ditto for hash algorithm */ int def_compress_algo; /* Ditto for compress algorithm */ + int forced_digest_algo; /* User forced hash algorithm. */ + char *def_recipient; /* userID of the default recipient */ int def_recipient_self; /* The default recipient is the default key */ @@ -399,11 +399,22 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, /* Figure out the hash algorithm to use. We do not want to use the one for the certificate but if possible an OID for the plain algorithm. */ + if (opt.forced_digest_algo && opt.verbose) + log_info ("user requested hash algorithm %d\n", opt.forced_digest_algo); for (i=0, cl=signerlist; cl; cl = cl->next, i++) { const char *oid = ksba_cert_get_digest_algo (cl->cert); - cl->hash_algo = oid ? gcry_md_map_name (oid) : 0; + if (opt.forced_digest_algo) + { + oid = NULL; + cl->hash_algo = opt.forced_digest_algo; + } + else + { + oid = ksba_cert_get_digest_algo (cl->cert); + cl->hash_algo = oid ? gcry_md_map_name (oid) : 0; + } switch (cl->hash_algo) { case GCRY_MD_SHA1: oid = "1.3.14.3.2.26"; break; @@ -427,6 +438,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, } cl->hash_algo_oid = oid; } + if (opt.verbose) { for (i=0, cl=signerlist; cl; cl = cl->next, i++) |