Bug 1276862

Summary: openpgpkey uses wrong hash algorithm
Product: [Fedora] Fedora Reporter: Richard Russon <richard.russon>
Component: hash-slingerAssignee: Paul Wouters <pwouters>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 23CC: pwouters
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-28 15:21:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
openpgpkey use sha2-256
none
openpgp use sha2-256 (working patch) none

Description Richard Russon 2015-10-31 15:53:57 UTC
Created attachment 1088191 [details]
openpgpkey use sha2-256

Description of problem:
openpgpkey uses wrong hash algorithm.
It uses sha2-224 when the (draft) spec suggests sha2-256.
https://tools.ietf.org/html/draft-ietf-dane-openpgpkey-06

Version-Release number of selected component (if applicable):
$ openpgpkey --version
openpgpkey version: 2.6

How reproducible:
Always

Steps to Reproduce:
openpgpkey --create rich | sed 's/ .*//'

Actual results:
c8725f645765c73f9fafce4647b68c5fa7e538aeeb9369e699e34631._openpgpkey.flatcap.org.

Expected results:
7baa68f2418ba82d2545a780c00d7a8778249bbcdaf7369114534874._openpgpkey.flatcap.org.

Additional info:
patch attached that fixes the problem

echo -n "rich" | sha224sum | cut -b-56
c8725f645765c73f9fafce4647b68c5fa7e538aeeb9369e699e34631

echo -n "rich" | sha256sum | cut -b-56
7baa68f2418ba82d2545a780c00d7a8778249bbcdaf7369114534874

Comment 1 Richard Russon 2015-10-31 16:57:28 UTC
Created attachment 1088218 [details]
openpgp use sha2-256 (working patch)

My original patch didn't truncate the longer sha2-256 digest.

Comment 2 Richard Russon 2015-11-04 16:38:08 UTC
Bug exists in f23, too.

Comment 3 Paul Wouters 2016-04-28 15:21:18 UTC
this was fixed in 2.7