diff options
author | Joe Crayne <joe@jerkface.net> | 2020-05-06 04:03:59 -0400 |
---|---|---|
committer | Joe Crayne <joe@jerkface.net> | 2020-05-06 11:52:18 -0400 |
commit | 9058b14426d159651df10e47a26f81110ed89c02 (patch) | |
tree | f4e5ebfb42a1b5bdbab820d8ec00b4292992eaf9 /lib/Transforms.hs | |
parent | 6699e70f9197ea901b9f8ad5ac0818682e335cff (diff) |
Avoid making SHA1 signatures.
Diffstat (limited to 'lib/Transforms.hs')
-rw-r--r-- | lib/Transforms.hs | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/lib/Transforms.hs b/lib/Transforms.hs index 7e4d288..6250dea 100644 --- a/lib/Transforms.hs +++ b/lib/Transforms.hs | |||
@@ -472,7 +472,6 @@ keyFlags0 wkun uidsigs = concat | |||
472 | preferredhash = filterOr ispreferedhash subs $ | 472 | preferredhash = filterOr ispreferedhash subs $ |
473 | PreferredHashAlgorithmsPacket | 473 | PreferredHashAlgorithmsPacket |
474 | [ SHA256 | 474 | [ SHA256 |
475 | , SHA1 | ||
476 | , SHA384 | 475 | , SHA384 |
477 | , SHA512 | 476 | , SHA512 |
478 | , SHA224 | 477 | , SHA224 |
@@ -581,9 +580,7 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do | |||
581 | (sigpackets 0x19 | 580 | (sigpackets 0x19 |
582 | hashed0 | 581 | hashed0 |
583 | [IssuerPacket subgrip])) | 582 | [IssuerPacket subgrip])) |
584 | (if key_algorithm (head parsedkey)==ECDSA | 583 | SHA256 |
585 | then SHA256 | ||
586 | else SHA1) | ||
587 | subgrip | 584 | subgrip |
588 | let iss = IssuerPacket (show $ fingerprint wk) | 585 | let iss = IssuerPacket (show $ fingerprint wk) |
589 | cons_iss back_sig = iss : map EmbeddedSignaturePacket (signatures_over back_sig) | 586 | cons_iss back_sig = iss : map EmbeddedSignaturePacket (signatures_over back_sig) |
@@ -595,7 +592,7 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do | |||
595 | (sigpackets 0x18 | 592 | (sigpackets 0x18 |
596 | hashed0 | 593 | hashed0 |
597 | unhashed0)) | 594 | unhashed0)) |
598 | SHA1 | 595 | SHA256 |
599 | grip | 596 | grip |
600 | let newSig = do | 597 | let newSig = do |
601 | r <- addOrigin new_sig | 598 | r <- addOrigin new_sig |
@@ -628,7 +625,7 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do | |||
628 | (SubkeySignature wk | 625 | (SubkeySignature wk |
629 | (packet subkey_p) | 626 | (packet subkey_p) |
630 | [sig'] ) | 627 | [sig'] ) |
631 | SHA1 | 628 | SHA256 |
632 | (show $ fingerprint wk) | 629 | (show $ fingerprint wk) |
633 | newsig <- addOrigin new_sig | 630 | newsig <- addOrigin new_sig |
634 | return $ fmap (,[]) newsig | 631 | return $ fmap (,[]) newsig |
@@ -698,7 +695,7 @@ performManipulations doDecrypt rt wk manip = do | |||
698 | new_sig <- maybeToList new_sig | 695 | new_sig <- maybeToList new_sig |
699 | guard (null $ selfsigs) | 696 | guard (null $ selfsigs) |
700 | signatures_over new_sig | 697 | signatures_over new_sig |
701 | sigr <- pgpSign (Message [wkun]) sigOver SHA1 (show $ fingerprint wkun) | 698 | sigr <- pgpSign (Message [wkun]) sigOver SHA256 (show $ fingerprint wkun) |
702 | let f ::([SigAndTrust],OriginMap) -> ([SigAndTrust],OriginMap) | 699 | let f ::([SigAndTrust],OriginMap) -> ([SigAndTrust],OriginMap) |
703 | f x = ( map ( (,Map.empty) . toMappedPacket om) (additional sigr) ++ fst x | 700 | f x = ( map ( (,Map.empty) . toMappedPacket om) (additional sigr) ++ fst x |
704 | , om `Map.union` snd x ) | 701 | , om `Map.union` snd x ) |