kbx: Switch from MD5 to SHA-1 for the checksum.
b11f84b858ba (Unpublished)

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

kbx: Switch from MD5 to SHA-1 for the checksum.

* kbx/keybox-blob.c (put_membuf): Use a NULL buf to store zero bytes.
(create_blob_finish): Write just the needed space.
(create_blob_finish): Switch to SHA-1.
* kbx/keybox-dump.c (print_checksum): New.
(_keybox_dump_blob): Print the checksum and the verification status.

The checksum was never used in the past. Due to fast SHA-1
computations in modern CPUs we now use SHA-1. Eventually we will
support a First blob flag to enable the use of a secret or public
HMAC-SHA1. The first may be used for authentication of keyblocks and
the latter to mitigate collision attacks on SHA-1. It is not clear
whether this will be useful at all.

Details

Provenance
werner authored on Jan 8 2013, 6:15 PM
Parents
rGbbcdb3d3cefa: kbx: Update blob specification
Branches
Unknown
Tags
Unknown

Event Timeline

Werner Koch <wk@gnupg.org> committed rGb11f84b858ba: kbx: Switch from MD5 to SHA-1 for the checksum. (authored by Werner Koch <wk@gnupg.org>). Jan 8 2013, 9:55 PM