From 9058b14426d159651df10e47a26f81110ed89c02 Mon Sep 17 00:00:00 2001 From: Joe Crayne Date: Wed, 6 May 2020 04:03:59 -0400 Subject: Avoid making SHA1 signatures. --- lib/Transforms.hs | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'lib/Transforms.hs') diff --git a/lib/Transforms.hs b/lib/Transforms.hs index 7e4d288..6250dea 100644 --- a/lib/Transforms.hs +++ b/lib/Transforms.hs @@ -472,7 +472,6 @@ keyFlags0 wkun uidsigs = concat preferredhash = filterOr ispreferedhash subs $ PreferredHashAlgorithmsPacket [ SHA256 - , SHA1 , SHA384 , SHA512 , SHA224 @@ -581,9 +580,7 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do (sigpackets 0x19 hashed0 [IssuerPacket subgrip])) - (if key_algorithm (head parsedkey)==ECDSA - then SHA256 - else SHA1) + SHA256 subgrip let iss = IssuerPacket (show $ fingerprint wk) cons_iss back_sig = iss : map EmbeddedSignaturePacket (signatures_over back_sig) @@ -595,7 +592,7 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do (sigpackets 0x18 hashed0 unhashed0)) - SHA1 + SHA256 grip let newSig = do r <- addOrigin new_sig @@ -628,7 +625,7 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do (SubkeySignature wk (packet subkey_p) [sig'] ) - SHA1 + SHA256 (show $ fingerprint wk) newsig <- addOrigin new_sig return $ fmap (,[]) newsig @@ -698,7 +695,7 @@ performManipulations doDecrypt rt wk manip = do new_sig <- maybeToList new_sig guard (null $ selfsigs) signatures_over new_sig - sigr <- pgpSign (Message [wkun]) sigOver SHA1 (show $ fingerprint wkun) + sigr <- pgpSign (Message [wkun]) sigOver SHA256 (show $ fingerprint wkun) let f ::([SigAndTrust],OriginMap) -> ([SigAndTrust],OriginMap) f x = ( map ( (,Map.empty) . toMappedPacket om) (additional sigr) ++ fst x , om `Map.union` snd x ) -- cgit v1.2.3