diff options
Diffstat (limited to '')
| -rw-r--r-- | NEWS | 11 | ||||
| -rw-r--r-- | g10/ChangeLog | 11 | ||||
| -rw-r--r-- | g10/gpg.c | 5 | ||||
| -rw-r--r-- | g10/keygen.c | 47 |
4 files changed, 53 insertions, 21 deletions
@@ -1,14 +1,17 @@ Noteworthy changes in version 2.0.13 ------------------------------------------------- + * GPG now generates 2048 bit RSA keys by default. The default hash + algorithm preferences has changed to prefer SHA-256 over SHA-1. + 2048 bit DSA keys are now generated to use a 256 bit hash algorithm + * The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now passed to the Pinentry to make SCIM work. - * gpgsm --gen-key implements a --batch mode. - - * gpgsm --gen-key implements all features of gpgsm-gencert.sh. + * The GPGSM command --gen-key features a --batch mode and implements + all features of gpgsm-gencert.sh in standard mode. - * New option --re-import for gpgsm's IMPORT server command. + * New option --re-import for GPGSM's IMPORT server command. * Minor bug fixes. diff --git a/g10/ChangeLog b/g10/ChangeLog index ca1b53dd6..971d4880b 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,14 @@ +2009-07-09 Werner Koch <[email protected]> + + * gpg.c (main): Remove the SHA-1 default from the personal digest + list. This was used in the past as a hack to avoid preferring + RMD-160. + + * keygen.c (keygen_set_std_prefs): Remove RMD-160 from the list. + Change order to SHA-256, SHA-1, SHA-384, SHA-512, SHA-224. + (gen_dsa): Use a 256 bit Q for 2048 bit P. Runt to FIPS allowed + values in non-expert mode. + 2009-07-07 Werner Koch <[email protected]> * gpg.c (set_opt_session_env): New. @@ -3195,11 +3195,6 @@ main (int argc, char **argv) keygen_set_std_prefs(opt.def_preference_list,0)) log_error(_("invalid default preferences\n")); - /* We provide defaults for the personal digest list. This is - SHA-1. */ - if(!pers_digest_list) - pers_digest_list="h2"; - if(pers_cipher_list && keygen_set_std_prefs(pers_cipher_list,PREFTYPE_SYM)) log_error(_("invalid personal cipher preferences\n")); diff --git a/g10/keygen.c b/g10/keygen.c index 3b5bb44b5..17fff28b9 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -1,6 +1,6 @@ /* keygen.c - generate a key pair * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - * 2006, 2007 Free Software Foundation, Inc. + * 2006, 2007, 2009 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -301,7 +301,7 @@ keygen_set_std_prefs (const char *string,int personal) byte sym[MAX_PREFS], hash[MAX_PREFS], zip[MAX_PREFS]; int nsym=0, nhash=0, nzip=0, val, rc=0; int mdc=1, modify=0; /* mdc defaults on, modify defaults off. */ - char dummy_string[45+1]; /* Enough for 15 items. */ + char dummy_string[20*4+1]; /* Enough for 20 items. */ if (!string || !ascii_strcasecmp (string, "default")) { @@ -345,15 +345,29 @@ keygen_set_std_prefs (const char *string,int personal) if ( !openpgp_cipher_test_algo (CIPHER_ALGO_IDEA) ) strcat(dummy_string,"S1 "); - /* SHA-1 */ - strcat(dummy_string,"H2 "); - if (!openpgp_md_test_algo(DIGEST_ALGO_SHA256)) - strcat(dummy_string,"H8 "); + /* The default hash algo order is: + SHA-256, SHA-1, SHA-384, SHA-512, SHA-224. + Ordering SHA-1 before SHA-384 might be viewed as a bit + strange; it is done because we expect that soon enough + SHA-3 will be available and at that point there should + be no more need for SHA-384 etc. Anyway this order is + just a default and can easily be changed by a config + option. */ + if (!openpgp_md_test_algo (DIGEST_ALGO_SHA256)) + strcat (dummy_string, "H8 "); + + strcat (dummy_string, "H2 "); /* SHA-1 */ + + if (!openpgp_md_test_algo (DIGEST_ALGO_SHA384)) + strcat (dummy_string, "H9 "); + + if (!openpgp_md_test_algo (DIGEST_ALGO_SHA512)) + strcat (dummy_string, "H10 "); + + if (!openpgp_md_test_algo (DIGEST_ALGO_SHA224)) + strcat (dummy_string, "H11 "); - /* RIPEMD160 */ - if (!openpgp_md_test_algo(DIGEST_ALGO_RMD160)) - strcat(dummy_string,"H3 "); /* ZLIB */ strcat(dummy_string,"Z2 "); @@ -507,7 +521,8 @@ keygen_set_std_prefs (const char *string,int personal) /* Return a fake user ID containing the preferences. Caller must free. */ -PKT_user_id *keygen_get_std_prefs(void) +PKT_user_id * +keygen_get_std_prefs(void) { int i,j=0; PKT_user_id *uid=xmalloc_clear(sizeof(PKT_user_id)); @@ -1280,6 +1295,14 @@ gen_dsa (unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, log_info(_("keysize rounded up to %u bits\n"), nbits ); } + /* To comply with FIPS rules we round up to the next value unless in + expert mode. */ + if (!opt.expert && nbits > 1024 && (nbits % 1024)) + { + nbits = ((nbits + 1023) / 1024) * 1024; + log_info(_("keysize rounded up to %u bits\n"), nbits ); + } + /* Figure out a q size based on the key size. FIPS 180-3 says: @@ -1291,11 +1314,11 @@ gen_dsa (unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, 2048/256 is an odd pair since there is also a 2048/224 and 3072/256. Matching sizes is not a very exact science. - We'll do 256 qbits for nbits over 2048, 224 for nbits over 1024 + We'll do 256 qbits for nbits over 2047, 224 for nbits over 1024 but less than 2048, and 160 for 1024 (DSA1). */ - if (nbits > 2048) + if (nbits > 2047) qbits = 256; else if ( nbits > 1024) qbits = 224; |