CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
From: "Alistair G. Crooks" <agc%netbsd.org@localhost>
Date: Wed, 19 May 2010 02:50:17 +0000

Module Name:    src
Committed By:   agc
Date:           Wed May 19 02:50:16 UTC 2010

Modified Files:
        src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c

Log Message:
One more reason not to use DSA keys:

The DSA algorithm seems to require a digest value which is 20 bytes
long, which kind of implies SHA-1.

If we have a DSA signature, use SHA-1 as a hash algorithm, for backwards
compatibility. RSA signatures continue to use SHA256 by default, although
this can be given as an argument, if desired.

This fixes DSA signatures with netpgp:

% netpgp --sign --userid d4a643c5 a
pub 1024/DSA 8222c3ecd4a643c5 2010-05-19 [EXPIRES 2013-05-18]
Key fingerprint: 3e4a 5df4 033b 2333 219b 1afd 8222 c3ec d4a6 43c5
uid              Alistair Crooks (DSA TEST KEY - DO NOT USE) 
<agc%netbsd.org@localhost>
sub 1024/DSA 8222c3ecd4a643c5 2010-05-19 [EXPIRES 2013-05-18]
netpgp passphrase:
% netpgp --verify a.gpg
Good signature for a.gpg made Tue May 18 05:41:25 2010
using DSA key 8222c3ecd4a643c5
pub 1024/DSA 8222c3ecd4a643c5 2010-05-19 [EXPIRES 2013-05-18]
Key fingerprint: 3e4a 5df4 033b 2333 219b 1afd 8222 c3ec d4a6 43c5
uid              Alistair Crooks (DSA TEST KEY - DO NOT USE) 
<agc%netbsd.org@localhost>
sub 1024/DSA 8222c3ecd4a643c5 2010-05-19 [EXPIRES 2013-05-18]
%


To generate a diff of this commit:
cvs rdiff -u -r1.50 -r1.51 \
    src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/share/man/man4
Next by Date: CVS commit: src
Previous by Thread: CVS commit: src/share/man/man4
Next by Thread: CVS commit: src
Indexes:

Home | Main Index | Thread Index | Old Index