[PATCH] Use preferred hashing algorithm when updating signature packets

Sun Jan 29 11:27:29 CET 2012

Hi David,

on Sat, Jan 28, 2012 at 11:43:19PM -0500, David Shaw wrote:
> [ hash_for() -> opt.cert_digest_algo ]

Of course, you're right. Find the updated patch below.

Kind regards,
Christian

---
 g10/sign.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/g10/sign.c b/g10/sign.c
index 4cc813c..2728fda 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1578,13 +1578,19 @@ update_keysig_packet( PKT_signature **ret_sig,
     PKT_signature *sig;
     int rc=0;
     gcry_md_hd_t md;
+    int digest_algo;
 
     if ((!orig_sig || !pk || !pksk)
 	|| (orig_sig->sig_class >= 0x10 && orig_sig->sig_class <= 0x13 && !uid)
 	|| (orig_sig->sig_class == 0x18 && !subpk))
       return G10ERR_GENERAL;
 
-    if ( gcry_md_open (&md, orig_sig->digest_algo, 0 ) )
+    if ( opt.cert_digest_algo )
+      digest_algo = opt.cert_digest_algo;
+    else
+      digest_algo = orig_sig->digest_algo;
+
+    if ( gcry_md_open (&md, digest_algo, 0 ) )
       BUG ();
 
     /* Hash the public key certificate and the user id. */
-- 
1.7.8.3

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20120129/f6691d8a/attachment.pgp>
