X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fkeytrans;h=3e6bdf6ba95ed8560e908e2ade313f03efb3090d;hb=028617f7160596fabfc5f9123a4cc9a6445aaa59;hp=3638eae5fce8d8c5e024208405dc4d974ec5ea68;hpb=e52ac3afa0f25f2dfd3e7dde6e1c7c311636f5f0;p=monkeysphere.git diff --git a/src/share/keytrans b/src/share/keytrans index 3638eae..3e6bdf6 100755 --- a/src/share/keytrans +++ b/src/share/keytrans @@ -54,7 +54,7 @@ use File::Basename; use Crypt::OpenSSL::RSA; use Crypt::OpenSSL::Bignum; use Crypt::OpenSSL::Bignum::CTX; -use Digest::SHA1; +use Digest::SHA; use MIME::Base64; use POSIX; @@ -416,7 +416,7 @@ sub fingerprint { my $rsabody = make_rsa_pub_key_body($key, $key_timestamp); - return Digest::SHA1::sha1(pack('Cn', 0x99, length($rsabody)).$rsabody); + return Digest::SHA::sha1(pack('Cn', 0x99, length($rsabody)).$rsabody); } @@ -446,7 +446,7 @@ sub pem2openpgp { my $sigtype = pack('C', $certtype); # RSA my $pubkey_algo = pack('C', $asym_algos->{rsa}); - # SHA1 + # SHA256 my $hash_algo = pack('C', $digests->{sha256}); # FIXME: i'm worried about generating a bazillion new OpenPGP @@ -581,7 +581,7 @@ sub pem2openpgp { $sig_data_to_be_hashed. $trailer; - my $data_hash = Digest::SHA1::sha1_hex($datatosign); + my $data_hash = Digest::SHA::sha256_hex($datatosign); my $issuer_packet = pack('CCa8', 9, $subpacket_types->{issuer}, $keyid); @@ -627,6 +627,7 @@ sub openpgp2ssh { die "This is not an OpenPGP packet\n"; } if (0x40 & $packettag) { + # this is a new-format packet. $tag = (0x3f & $packettag); my $nextlen = 0; read($instr, $nextlen, 1); @@ -645,6 +646,7 @@ sub openpgp2ssh { # packet length is undefined. } } else { + # this is an old-format packet. my $lentype; $lentype = 0x03 & $packettag; $tag = ( 0x3c & $packettag ) >> 2; @@ -776,7 +778,6 @@ for (basename($0)) { # FIXME: fail if there is no given user ID; or should we default to # hostname_long() from Sys::Hostname::Long ? - if (defined $ENV{PEM2OPENPGP_NEWKEY}) { $rsa = Crypt::OpenSSL::RSA->generate_key($ENV{PEM2OPENPGP_NEWKEY}); } else {