Diffusion GnuPG 5281ecbe3ae8

dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.

Authored by werner on May 28 2019, 12:27 PM.

Description

dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.

* dirmngr/ocsp.c (do_ocsp_request): Remove arg md.  Add args r_sigval,
r_produced_at, and r_md.  Get the hash algo from the signature and
create the context here.
(check_signature): Allow any hash algo.  Print a diagnostic if the
signature does not verify.
  • GnuPG-bug-id: T3966
  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details