gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.
authorWerner Koch <wk@gnupg.org>
Mon, 13 May 2019 17:01:28 +0000 (19:01 +0200)
committerWerner Koch <wk@gnupg.org>
Mon, 13 May 2019 17:01:28 +0000 (19:01 +0200)
commit484d6ba5896acfa3dcf73d9536bcf5e006579b5f
tree17b3355fb87dada6f1b5ab234329c79646d30e17
parentd07666412d4317460c6f03b3ffd03edf4a715ef7
gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.

* g10/sign.c (update_keysig_packet): Convert digest algo when needed.
--

Several gpg commands try to keep most properties of a key signature
when updating (i.e. creating a new version of a key signature).  This
included the use of the current hash-algorithm.  This patch changes
this so that SHA-1 or RMD160 are replaced by SHA-256 if
possible (i.e. for RSA signatures).  Affected commands are for example
--quick-set-expire and --quick-set-primary-uid.

GnuPG-bug-id: 4508
Signed-off-by: Werner Koch <wk@gnupg.org>
g10/sign.c