[PATCH] Use preferred hashing algorithm when updating signature packets

Christian Aistleitner christian at quelltextlich.at
Sat Jan 28 22:46:47 CET 2012


Hello,

when updating a signature packet, GnuPG reuses the hashing algorithm of the
original signature packet.
Hence, if the preferred hashing algorithm changed since the first
signature, the updated signature does not use the currently preferred
hashing algorithm.

Kind regards,
Christian

---
 g10/sign.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/g10/sign.c b/g10/sign.c
index 4cc813c..b7b4c49 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1584,7 +1584,7 @@ update_keysig_packet( PKT_signature **ret_sig,
 	|| (orig_sig->sig_class == 0x18 && !subpk))
       return G10ERR_GENERAL;
 
-    if ( gcry_md_open (&md, orig_sig->digest_algo, 0 ) )
+    if ( gcry_md_open (&md, hash_for( pksk ), 0 ) )
       BUG ();
 
     /* Hash the public key certificate and the user id. */
-- 
1.7.8.3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20120128/2e0d6839/attachment.pgp>


More information about the Gnupg-devel mailing list