From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed, 3 Jan 2018 17:34:26 +0000 (-0500)
Subject: gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences.
X-Git-Tag: archive/raspbian/2.2.10-1+rpi1~1^2~4
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=e9ac5ac21fb36914849f3772d53c95d80cf40304;p=gnupg2.git

gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences.

* g10/keygen.c (keygen_set_std_prefs): prefer SHA-512
and SHA-384 by default.

--

In 8ede3ae29a39641a2f98ad9a4cf61ea99085a892, upstream changed the
defaults for --default-preference-list to advertise a preference for
SHA-512, without touching --personal-digest-preferences.  This makes
the same change for --personal-digest-preferences, since every modern
OpenPGP library supports them all.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Topic update-defaults
Gbp-Pq: Name gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch
---

diff --git a/g10/keygen.c b/g10/keygen.c
index db5e635..96f451f 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -386,16 +386,16 @@ keygen_set_std_prefs (const char *string,int personal)
             if (personal)
               {
                 /* The default internal hash algo order is:
-                 *  SHA-256, SHA-384, SHA-512, SHA-224, SHA-1.
+                 *  SHA-512, SHA-384, SHA-256, SHA-224, SHA-1.
                  */
-                if (!openpgp_md_test_algo (DIGEST_ALGO_SHA256))
-                  strcat (dummy_string, "H8 ");
+                if (!openpgp_md_test_algo (DIGEST_ALGO_SHA512))
+                  strcat (dummy_string, "H10 ");
 
                 if (!openpgp_md_test_algo (DIGEST_ALGO_SHA384))
                   strcat (dummy_string, "H9 ");
 
-                if (!openpgp_md_test_algo (DIGEST_ALGO_SHA512))
-                  strcat (dummy_string, "H10 ");
+                if (!openpgp_md_test_algo (DIGEST_ALGO_SHA256))
+                  strcat (dummy_string, "H8 ");
               }
             else
               {