Pedro Monreal Gonzalez
c957356fce
* gpg: The support for composite Kyber+ECC public key algorithms
does now use the final FIPS-203 and LibrePGP specifications. The
experimental keys from 2.5.0 are no longer supported. [T6815]
* gpg: New commands --add-recipients and --change-recipients. [T1825]
* gpg: New option --proc-all-sigs. [T7261]
* gpg: Fix a regression in 2.5.0 in gpgme's tests. [T7195]
* gpg: Make --no-literal work again for -c and --store. [T5852]
* gpg: Improve detection of input data read errors. [T6528]
* gpg: Fix getting key by IPGP record (rfc-4398). [T7288]
* gpgsm: New option --assert-signer. [T7286]
* gpgsm: More improvements to PKCS#12 parsing to cope with latest
IVBB changes. [T7213]
* agent: Fix KEYTOCARD command when used with a loopback pinentry. [T7283]
* gpg-mail-tube: Make sure GNUPGHOME is set in vsd mode. New option
--as-attach. [rG4511997e9e1b]
* Now uses the process spawn API from libgpg-error. [T7192,T7194]
* Removed the --enable-gpg-is-gpg2 configure time option.
[rG2125f228d36c]
* Rebase patches:
- gnupg-add_legacy_FIPS_mode_option.patch
- gnupg-revert-rfc4880bis.patch
- gnupg-nobetasuffix.patch
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=306
19 lines
784 B
Diff
19 lines
784 B
Diff
Index: gnupg-2.3.8/g10/mainproc.c
|
|
===================================================================
|
|
--- gnupg-2.3.8.orig/g10/mainproc.c
|
|
+++ gnupg-2.3.8/g10/mainproc.c
|
|
@@ -1011,7 +1011,12 @@ proc_plaintext( CTX c, PACKET *pkt )
|
|
according to 2440, so hopefully it won't come up that often.
|
|
There is no good way to specify what algorithms to use in
|
|
that case, so these there are the historical answer. */
|
|
- gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
|
|
+
|
|
+ /* Libgcrypt manual says that gcry_version_check must be called
|
|
+ * before calling gcry_fips_mode_active. */
|
|
+ gcry_check_version (NULL);
|
|
+ if(!gcry_fips_mode_active())
|
|
+ gcry_md_enable(c->mfx.md, DIGEST_ALGO_RMD160);
|
|
gcry_md_enable (c->mfx.md, DIGEST_ALGO_SHA1);
|
|
}
|
|
if (DBG_HASHING)
|