diff options
author | Werner Koch <[email protected]> | 2013-01-08 17:15:49 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2013-01-08 20:55:34 +0000 |
commit | b11f84b858bad867f1062977a7aba30299157e90 (patch) | |
tree | a40f5fa26be022241f22aaed901a065607387928 /common/stringhelp.c | |
parent | kbx: Update blob specification (diff) | |
download | gnupg-b11f84b858bad867f1062977a7aba30299157e90.tar.gz gnupg-b11f84b858bad867f1062977a7aba30299157e90.zip |
kbx: Switch from MD5 to SHA-1 for the checksum.
* kbx/keybox-blob.c (put_membuf): Use a NULL buf to store zero bytes.
(create_blob_finish): Write just the needed space.
(create_blob_finish): Switch to SHA-1.
* kbx/keybox-dump.c (print_checksum): New.
(_keybox_dump_blob): Print the checksum and the verification status.
--
The checksum was never used in the past. Due to fast SHA-1
computations in modern CPUs we now use SHA-1. Eventually we will
support a First blob flag to enable the use of a secret or public
HMAC-SHA1. The first may be used for authentication of keyblocks and
the latter to mitigate collission attacks on SHA-1. It is not clear
whether this will be useful at all.
Diffstat (limited to 'common/stringhelp.c')
0 files changed, 0 insertions, 0 deletions