gpg: Default to SHA-512 for all signature types on RSA keys.
a446c4db9574Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

gpg: Default to SHA-512 for all signature types on RSA keys.

* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA512 instead of SHA256 in
--gnupg mode (leave strict RFC and PGP modes alone).
* configure.ac: Do not allow disabling sha512.
* g10/misc.c (map_md_openpgp_to_gcry): Always support SHA512.

SHA512 is more performant on most 64-bit platforms than SHA256, and
offers a better security margin. It is also widely implemented.

Gbp-Pq: Topic update-defaults
Gbp-Pq: Name gpg-Default-to-SHA-512-for-all-signature-types-on-RS.patch

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Details

Provenance

dkg	Authored on Sep 8 2017, 12:49 AM

Parents

rGf7c787285335: gpg: default to AES-256.

Branches

Unknown

Tags

Unknown

Event Timeline

dkg committed rGa446c4db9574: gpg: Default to SHA-512 for all signature types on RSA keys. (authored by dkg).Jul 20 2019, 8:16 PM

Changes (3)

Path

Size

configure.ac

g10/

main.h

misc.c

rGa446c4db9574

View Options

configure.ac

View Options

g10/main.h

View Options

gpg: Default to SHA-512 for all signature types on RSA keys.a446c4db9574UnpublishedActions

Unpublished Commit · Learn More

Description

Details

Event Timeline

Changes (3)

rGa446c4db9574

configure.ac

g10/main.h

g10/misc.c

gpg: Default to SHA-512 for all signature types on RSA keys.
a446c4db9574Unpublished
Actions