From dc89c4d16b754408f5e24067073ead1e9e231c48 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Tue, 12 May 2009 00:42:37 -0400
Subject: pem2openpgp now makes signatures over SHA256 instead of SHA1, due to
 concerns about the growing weakness of SHA1.

---
 src/share/keytrans | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'src/share/keytrans')

diff --git a/src/share/keytrans b/src/share/keytrans
index f9288fa..516f2da 100755
--- a/src/share/keytrans
+++ b/src/share/keytrans
@@ -426,7 +426,7 @@ sub pem2openpgp {
   my $uid = shift;
   my $args = shift;
 
-  $rsa->use_sha1_hash();
+  $rsa->use_sha256_hash();
 
   # see page 22 of RFC 4880 for why i think this is the right padding
   # choice to use:
@@ -442,7 +442,7 @@ sub pem2openpgp {
   # RSA
   my $pubkey_algo = pack('C', $asym_algos->{rsa});
   # SHA1
-  my $hash_algo = pack('C', $digests->{sha1});
+  my $hash_algo = pack('C', $digests->{sha256});
 
   # FIXME: i'm worried about generating a bazillion new OpenPGP
   # certificates from the same key, which could easily happen if you run
@@ -497,11 +497,14 @@ sub pem2openpgp {
 			    $ciphers->{tripledes}
 			   );
 
-  # prefer SHA-1, SHA-256, RIPE-MD/160
-  my $pref_hash_algos = pack('CCCCC', 4, $subpacket_types->{preferred_digest},
-			     $digests->{sha1},
+  # prefer SHA-512, SHA-384, SHA-256, SHA-224, RIPE-MD/160, SHA-1
+  my $pref_hash_algos = pack('CCCCCCCC', 7, $subpacket_types->{preferred_digest},
+			     $digests->{sha512},
+			     $digests->{sha384},
 			     $digests->{sha256},
-			     $digests->{ripemd160}
+			     $digests->{sha224},
+			     $digests->{ripemd160},
+			     $digests->{sha1}
 			    );
 
   # prefer ZLIB, BZip2, ZIP
-- 
cgit v1.2.3