Bug 1276862 - openpgpkey uses wrong hash algorithm
openpgpkey uses wrong hash algorithm
Product: Fedora
Classification: Fedora
Component: hash-slinger (Show other bugs)
Unspecified Unspecified
unspecified Severity high
: ---
: ---
Assigned To: Paul Wouters
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2015-10-31 11:53 EDT by Richard Russon
Modified: 2016-04-28 11:21 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-04-28 11:21:18 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
openpgpkey use sha2-256 (1.15 KB, patch)
2015-10-31 11:53 EDT, Richard Russon
no flags Details | Diff
openpgp use sha2-256 (working patch) (1.16 KB, patch)
2015-10-31 12:57 EDT, Richard Russon
no flags Details | Diff

  None (edit)
Description Richard Russon 2015-10-31 11:53:57 EDT
Created attachment 1088191 [details]
openpgpkey use sha2-256

Description of problem:
openpgpkey uses wrong hash algorithm.
It uses sha2-224 when the (draft) spec suggests sha2-256.

Version-Release number of selected component (if applicable):
$ openpgpkey --version
openpgpkey version: 2.6

How reproducible:

Steps to Reproduce:
openpgpkey --create rich@flatcap.org | sed 's/ .*//'

Actual results:

Expected results:

Additional info:
patch attached that fixes the problem

echo -n "rich" | sha224sum | cut -b-56

echo -n "rich" | sha256sum | cut -b-56
Comment 1 Richard Russon 2015-10-31 12:57 EDT
Created attachment 1088218 [details]
openpgp use sha2-256 (working patch)

My original patch didn't truncate the longer sha2-256 digest.
Comment 2 Richard Russon 2015-11-04 11:38:08 EST
Bug exists in f23, too.
Comment 3 Paul Wouters 2016-04-28 11:21:18 EDT
this was fixed in 2.7

Note You need to log in before you can comment on or make changes to this bug.