[git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.27-7-g2a2da1b
by Werner Koch
cvs at cvs.gnupg.org
Wed Mar 25 10:30:08 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-0 has been updated
via 2a2da1b165f0a3050bca51dea67db9c04b9cb734 (commit)
via bdf439035d123e4751e133ad42982673b0c86b75 (commit)
from 0ed2cfcf054e286b238d4ddbbb3e929482849a47 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2a2da1b165f0a3050bca51dea67db9c04b9cb734
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 25 10:16:37 2015 +0100
doc: Document the changed default algos for gpgsm.
--
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index 078d2ad..b0882b8 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -609,7 +609,7 @@ certificates starting with the signer cert. The default is -2.
Use the cipher algorithm with the ASN.1 object identifier @var{oid} for
encryption. For convenience the strings @code{3DES}, @code{AES} and
@code{AES256} may be used instead of their OIDs. The default is
- at code{3DES} (1.2.840.113549.3.7).
+ at code{AES} (2.16.840.1.101.3.4.1.2).
@item --digest-algo @code{name}
Use @code{name} as the message digest algorithm. Usually this
@@ -1127,7 +1127,7 @@ keygrip with a @samp{&}.
Use @var{hash-algo} for this CSR or certificate. The supported hash
algorithms are: @samp{sha1}, @samp{sha256}, @samp{sha384} and
@samp{sha512}; they may also be specified with uppercase letters. The
-default is @samp{sha1}.
+default is @samp{sha256}.
@end table
commit bdf439035d123e4751e133ad42982673b0c86b75
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 25 10:12:11 2015 +0100
sm: Change default algos to SHA256 (CSR) and AES128 (bulk encryption).
* sm/certreqgen.c (create_request): Change default hash algo.
* sm/gpgsm.c (main): Change default bulk cipher algo.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index c3f3165..ab8fbc8 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -611,7 +611,7 @@ create_request (ctrl_t ctrl,
if (err)
return err;
- rc = gcry_md_open (&md, GCRY_MD_SHA1, 0);
+ rc = gcry_md_open (&md, GCRY_MD_SHA256, 0);
if (rc)
{
log_error ("md_open failed: %s\n", gpg_strerror (rc));
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index 855de83..ef01a5c 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -931,7 +931,7 @@ main ( int argc, char **argv)
/* Note: If you change this default cipher algorithm , please
remember to update the Gpgconflist entry as well. */
- opt.def_cipher_algoid = "3DES"; /*des-EDE3-CBC*/
+ opt.def_cipher_algoid = "AES";
opt.homedir = default_homedir ();
@@ -1652,7 +1652,7 @@ main ( int argc, char **argv)
#ifndef HAVE_W32_SYSTEM
printf ("prefer-system-dirmngr:%lu:\n", GC_OPT_FLAG_NONE);
#endif
- printf ("cipher-algo:%lu:\"3DES:\n", GC_OPT_FLAG_DEFAULT);
+ printf ("cipher-algo:%lu:\"AES:\n", GC_OPT_FLAG_DEFAULT);
printf ("p12-charset:%lu:\n", GC_OPT_FLAG_DEFAULT);
printf ("default-key:%lu:\n", GC_OPT_FLAG_DEFAULT);
printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_DEFAULT);
-----------------------------------------------------------------------
Summary of changes:
doc/gpgsm.texi | 4 ++--
sm/certreqgen.c | 2 +-
sm/gpgsm.c | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list