Bug 1276862 - openpgpkey uses wrong hash algorithm
openpgpkey uses wrong hash algorithm
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: hash-slinger (Show other bugs)
23
Unspecified Unspecified
unspecified Severity high
: ---
: ---
Assigned To: Paul Wouters
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-10-31 11:53 EDT by Richard Russon
Modified: 2016-04-28 11:21 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-04-28 11:21:18 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
openpgpkey use sha2-256 (1.15 KB, patch)
2015-10-31 11:53 EDT, Richard Russon
no flags Details | Diff
openpgp use sha2-256 (working patch) (1.16 KB, patch)
2015-10-31 12:57 EDT, Richard Russon
no flags Details | Diff

  None (edit)
Description Richard Russon 2015-10-31 11:53:57 EDT
Created attachment 1088191 [details]
openpgpkey use sha2-256

Description of problem:
openpgpkey uses wrong hash algorithm.
It uses sha2-224 when the (draft) spec suggests sha2-256.
https://tools.ietf.org/html/draft-ietf-dane-openpgpkey-06

Version-Release number of selected component (if applicable):
$ openpgpkey --version
openpgpkey version: 2.6

How reproducible:
Always

Steps to Reproduce:
openpgpkey --create rich@flatcap.org | sed 's/ .*//'

Actual results:
c8725f645765c73f9fafce4647b68c5fa7e538aeeb9369e699e34631._openpgpkey.flatcap.org.

Expected results:
7baa68f2418ba82d2545a780c00d7a8778249bbcdaf7369114534874._openpgpkey.flatcap.org.

Additional info:
patch attached that fixes the problem

echo -n "rich" | sha224sum | cut -b-56
c8725f645765c73f9fafce4647b68c5fa7e538aeeb9369e699e34631

echo -n "rich" | sha256sum | cut -b-56
7baa68f2418ba82d2545a780c00d7a8778249bbcdaf7369114534874
Comment 1 Richard Russon 2015-10-31 12:57 EDT
Created attachment 1088218 [details]
openpgp use sha2-256 (working patch)

My original patch didn't truncate the longer sha2-256 digest.
Comment 2 Richard Russon 2015-11-04 11:38:08 EST
Bug exists in f23, too.
Comment 3 Paul Wouters 2016-04-28 11:21:18 EDT
this was fixed in 2.7

Note You need to log in before you can comment on or make changes to this bug.