[PATCH master] Fix honoring --cert-digest-algo when recreating a cert
Christian Aistleitner
christian at quelltextlich.at
Sun Oct 14 20:30:20 CEST 2012
* g10/sign.c (update_keysig_packet): Override original signature's
digest algo in hashed data and for hash computation.
--
---
g10/sign.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/g10/sign.c b/g10/sign.c
index 6238ce8..b259511 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1589,7 +1589,7 @@ update_keysig_packet( PKT_signature **ret_sig,
else
digest_algo = orig_sig->digest_algo;
- if ( gcry_md_open (&md, orig_sig->digest_algo, 0 ) )
+ if ( gcry_md_open (&md, digest_algo, 0 ) )
BUG ();
/* Hash the public key certificate and the user id. */
@@ -1603,6 +1603,8 @@ update_keysig_packet( PKT_signature **ret_sig,
/* create a new signature packet */
sig = copy_signature (NULL, orig_sig);
+ sig->digest_algo=digest_algo;
+
/* We need to create a new timestamp so that new sig expiration
calculations are done correctly... */
sig->timestamp=make_timestamp();
--
1.7.8.6
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20121014/19b0819d/attachment.pgp>
More information about the Gnupg-devel
mailing list