Diffusion GnuPG 405f41007c35

dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.
405f41007c35
Actions

Tags

None

Subscribers

None

Description

dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.

* dirmngr/ocsp.c (do_ocsp_request): Remove arg md.  Add args r_sigval,
r_produced_at, and r_md.  Get the hash algo from the signature and
create the context here.
(check_signature): Allow any hash algo.  Print a diagnostic if the
signature does not verify.

GnuPG-bug-id: T3966
Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance

Authored on May 28 2019, 12:27 PM

Parents

rG4699e294cc9e: dirmngr: Improve finding OCSP cert.

Branches

Unknown

Tags

Unknown

Tasks

T3966: Dirmngr: no suitable certificate found to verify the OCSP response

Event Timeline

• werner added a task: T3966: Dirmngr: no suitable certificate found to verify the OCSP response.May 28 2019, 12:31 PM

• werner committed rG405f41007c35: dirmngr: Allow for other hash algorithms than SHA-1 in OCSP. (authored by • werner).May 28 2019, 12:27 PM

Changes (1)

Path

Size

dirmngr/

rG405f41007c35

dirmngr/ocsp.c

Loading...