Your message dated Wed, 13 Jul 2005 21:33:32 +0200
with message-id <[EMAIL PROTECTED]>
and subject line SHA256 not selectable
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 6 Jul 2004 19:06:41 +0000
>From [EMAIL PROTECTED] Tue Jul 06 12:06:41 2004
Return-path: <[EMAIL PROTECTED]>
Received: from parcelfarce.linux.theplanet.co.uk (www.linux.org.uk)
[195.92.249.252] (93)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BhvH7-00068f-00; Tue, 06 Jul 2004 12:06:41 -0700
Received: from willy by www.linux.org.uk with local (Exim 4.33)
id 1BhvH5-0005xG-C1
for [EMAIL PROTECTED]; Tue, 06 Jul 2004 20:06:39 +0100
Date: Tue, 6 Jul 2004 20:06:39 +0100
From: Matthew Wilcox <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: SHA256 not selectable
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.1i
Sender: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=HAS_PACKAGE autolearn=no
version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: gnupg
Version: 1.2.4-4
This is inconsistent:
$ gpg --print-mds ChangeLog
ChangeLog: MD5 = 90 DC 67 4B BF 4F C0 D1 BB C1 91 FD DA 64 76 6B
ChangeLog: SHA1 = 5A88 E04B EAF7 1EF2 B4B3 9C2D 9BDC C528 307C B811
ChangeLog: RMD160 = F0DF 58BE ABB0 C8CB D41F 60D1 6D37 7ABC 044D B80D
ChangeLog: SHA256 = 9C984170 BC2FF074 26444BD8 138EAFC9 BABA619C 8FE2B9F0
E9FBE0A7 1B114548
$ gpg --print-md sha256 ChangeLog
gpg: digest algorithm `sha256' is read-only in this release
gpg: invalid hash algorithm `sha256'
This inconsistency can be explained by looking at g10/g10.c:print_mds:
md_enable( md, DIGEST_ALGO_RMD160 );
if( !check_digest_algo(DIGEST_ALGO_TIGER) )
md_enable( md, DIGEST_ALGO_TIGER );
md_enable( md, DIGEST_ALGO_SHA256 );
if( !check_digest_algo(DIGEST_ALGO_SHA384) )
md_enable( md, DIGEST_ALGO_SHA384 );
if( !check_digest_algo(DIGEST_ALGO_SHA512) )
md_enable( md, DIGEST_ALGO_SHA512 );
The call to md_enable(md, DIGEST_ALGO_SHA256) isn't protected by a call
to check_digest_algo() unlike the others. However, if you specify it directly
(also in g10/g10.c):
int algo = all_algos? 0 : string_to_digest_algo(*argv);
if( !algo && !all_algos )
log_error(_("invalid hash algorithm `%s'\n"), *argv );
we do call check_digest_algo(). So either we should be checking it
in print_mds, or we shouldn't be failing it in check_digest_algo().
I set out to patch check_digest_algo() and was put off by:
/* Hi there. I see you changing that code so you can use the new
SHA hashes. Before you do it, please think about it. There
are no official releases of any OpenPGP programs that generate
these hashes, and we're trying to get a code base that can
understand the hashes before we release one that generates
them. - dshaw */
if(!ascii_strcasecmp("sha256",string)
|| !ascii_strcasecmp("sha384",string)
|| !ascii_strcasecmp("sha512",string))
{
log_info(_("digest algorithm `%s' is read-only in this release\n"),
which is, I assume, the intent ;-)
Clearly this has already been thought about, but the current solution is
inconsistent. Thoughts?
--
"Next the statesmen will invent cheap lies, putting the blame upon
the nation that is attacked, and every man will be glad of those
conscience-soothing falsities, and will diligently study them, and refuse
to examine any refutations of them; and thus he will by and by convince
himself that the war is just, and will thank God for the better sleep
he enjoys after this process of grotesque self-deception." -- Mark Twain
---------------------------------------
Received: (at 257931-done) by bugs.debian.org; 13 Jul 2005 19:57:51 +0000
>From [EMAIL PROTECTED] Wed Jul 13 12:57:51 2005
Return-path: <[EMAIL PROTECTED]>
Received: from warp.os9.nl [145.99.250.222]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DsnMd-00011w-00; Wed, 13 Jul 2005 12:57:51 -0700
Received: from darwin.os9.nl (darwin.os9.nl [145.99.250.219])
by warp.os9.nl (Postfix) with ESMTP id 84ED2E6A9A
for <[EMAIL PROTECTED]>; Wed, 13 Jul 2005 21:57:36 +0200 (CEST)
Received: by darwin.os9.nl (Postfix, from userid 1000)
id E037413923; Wed, 13 Jul 2005 21:57:49 +0200 (CEST)
Subject: Re: SHA256 not selectable
From: Thijs Kinkhorst <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="=-bxC0IhXgfWAcg7zsLU5I"
Organization: Squirrelmail Development Team
Date: Wed, 13 Jul 2005 21:33:32 +0200
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.2.2
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--=-bxC0IhXgfWAcg7zsLU5I
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
David Shaw <[EMAIL PROTECTED]> writes:
> SHA256 is not a GnuPG 1.2.x feature - it's a GnuPG 1.4 feature. It
> only exists in 1.2.x to smooth the way to 1.4. It's not intended for
> use in 1.2.x. To be sure, some people patch around that, but beyond
> asking them not to, there isn't much I can do about that.
>=20
> > What I find interesting is the contrast between code that follows this =
bit,
> > a "return 0", and the following piece which handles an experimental mes=
sage
> > digest, tiger192. The tiger192 bit outputs a message as well ("WARNING:
> > digest `%s' is not part of OpenPGP. Use at your own risk!"), but unlike=
the
> > previous code does not "return 0", but simply continues.
>=20
> TIGER192 is a different issue. GnuPG 1.2.x supported TIGER192 up
> until the point where it was removed from the OpenPGP standard.
> SHA256 is a case of not adding a feature and asking people not to add
> it themselves, and TIGER192 is a case of an existing feature that will
> be removed in 1.4.
Since this problem is specific for 1.2.x, this bug can be closed.
Thijs
--=-bxC0IhXgfWAcg7zsLU5I
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBC1WyMJdKMxZV9WM8RArtFAJ9SX+aFmCmY8I/D2spkCkRNtKo4zwCfYV6i
vpjNIZNxaPpbr0UmnWUBL4c=
=wD+1
-----END PGP SIGNATURE-----
--=-bxC0IhXgfWAcg7zsLU5I--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
