[PATCH] Make update_keysig_packet honour cert-digest-algo
J Cruickshanks
cruicky at cruicky.co.uk
Sun May 10 17:09:02 CEST 2009
Apologies, I appear to have sent this to the wrong list.
J Cruickshanks wrote:
> Hi there,
>
> Firstly, I should warn you this is the first set of patches I've
> submitted for any software ever, so please accept my apologies if
> something is out of order. :)
>
> With all the recent SHA-1 related news, I decided to test gpg to ensure
> that updated self-signatures used the algorithm specified in
> cert-digest-algo. I discovered that gpg takes the digest algorithm from
> the previous self-signature. This patch allows this behaviour to be
> overridden by using the digest specified by cert-digest-algo. I will be
> honest and say that I haven't read the full PGP specification, so this
> might be against it so feedback on this would be welcome.
>
> I have included 2 patches, one against 1.4.9 for people still using
> 1.4.9 who wish to patch, and a patch against the current SVN. Both
> patches have been tested to the point that they produce valid signatures
> using an RSA key that can be checked with --check-sigs. The patches were
> applied to the current source packages of gnupg and gnupg2 in Ubuntu
> Intrepid.
>
> I welcome your feedback on these patches.
>
> Regards
> J Cruickshanks
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
More information about the Gcrypt-devel
mailing list