[PATCH] Make update_keysig_packet honour cert-digest-algo

J Cruickshanks cruicky at cruicky.co.uk
Sun May 10 17:09:02 CEST 2009


Apologies, I appear to have sent this to the wrong list.

J Cruickshanks wrote:
> Hi there,
> 
> Firstly, I should warn you this is the first set of patches I've
> submitted for any software ever, so please accept my apologies if
> something is out of order. :)
> 
> With all the recent SHA-1 related news, I decided to test gpg to ensure
> that updated self-signatures used the algorithm specified in
> cert-digest-algo. I discovered that gpg takes the digest algorithm from
> the previous self-signature. This patch allows this behaviour to be
> overridden by using the digest specified by cert-digest-algo. I will be
> honest and say that I haven't read the full PGP specification, so this
> might be against it so feedback on this would be welcome.
> 
> I have included 2 patches, one against 1.4.9 for people still using
> 1.4.9 who wish to patch, and a patch against the current SVN. Both
> patches have been tested to the point that they produce valid signatures
> using an RSA key that can be checked with --check-sigs. The patches were
> applied to the current source packages of gnupg and gnupg2 in Ubuntu
> Intrepid.
> 
> I welcome your feedback on these patches.
> 
> Regards
> J Cruickshanks
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel



More information about the Gcrypt-devel mailing list