Set key signature algo from SHA512 to SHA256

author: Dominik Schürmann <dominik@dominikschuermann.de> 2015-03-04 20:47:37 +0100
committer: Dominik Schürmann <dominik@dominikschuermann.de> 2015-03-04 20:47:37 +0100
commit: e312b0e675fcd81b19b95453f04b55aee927b1f3 (patch)
tree: aa6263577b8f8ada7e0b7d21edbf55a489977ace /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
parent: 484a9371b7915f5c6c3dd2088cc5ff48642f4bc0 (diff)
download: open-keychain-e312b0e675fcd81b19b95453f04b55aee927b1f3.tar.gz
open-keychain-e312b0e675fcd81b19b95453f04b55aee927b1f3.tar.bz2
open-keychain-e312b0e675fcd81b19b95453f04b55aee927b1f3.zip
1 files changed, 10 insertions, 9 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index 1a251eb79..da0394573 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -100,8 +100,8 @@ public class PgpKeyOperation {
     private static final int[] PREFERRED_HASH_ALGORITHMS = new int[]{
             HashAlgorithmTags.SHA512,
             HashAlgorithmTags.SHA384,
-            HashAlgorithmTags.SHA224,
             HashAlgorithmTags.SHA256,
+            HashAlgorithmTags.SHA224,
             HashAlgorithmTags.RIPEMD160
     };
     private static final int[] PREFERRED_COMPRESSION_ALGORITHMS = new int[]{
@@ -131,6 +131,7 @@ public class PgpKeyOperation {
     private static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x90;
     private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256;
     private static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256;
+    private static final int SECRET_KEY_SIGNATURE_HASH_ALGO = HashAlgorithmTags.SHA256;
 
     public PgpKeyOperation(Progressable progress) {
         super();
@@ -1025,7 +1026,7 @@ public class PgpKeyOperation {
 
                 // add packet with EMPTY notation data (updates old one, but will be stripped later)
                 PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                        masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
+                        masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                         .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                 PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
                 { // set subpackets
@@ -1051,7 +1052,7 @@ public class PgpKeyOperation {
 
             // add packet with "pin" notation data
             PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                    masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
+                    masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                     .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
             PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
             { // set subpackets
@@ -1236,7 +1237,7 @@ public class PgpKeyOperation {
             int flags, long expiry)
             throws IOException, PGPException, SignatureException {
         PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
+                masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
         PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
 
@@ -1279,7 +1280,7 @@ public class PgpKeyOperation {
             PGPUserAttributeSubpacketVector vector)
                 throws IOException, PGPException, SignatureException {
         PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
+                masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
         PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
 
@@ -1298,7 +1299,7 @@ public class PgpKeyOperation {
             PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId)
         throws IOException, PGPException, SignatureException {
         PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
+                masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
         PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
         PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
@@ -1312,7 +1313,7 @@ public class PgpKeyOperation {
             PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey, PGPPublicKey pKey)
             throws IOException, PGPException, SignatureException {
         PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                masterPublicKey.getAlgorithm(), HashAlgorithmTags.SHA512)
+                masterPublicKey.getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
         PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
         PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
@@ -1356,7 +1357,7 @@ public class PgpKeyOperation {
             PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
             subHashedPacketsGen.setSignatureCreationTime(false, creationTime);
             PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                    pKey.getAlgorithm(), HashAlgorithmTags.SHA512)
+                    pKey.getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                     .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
             PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
             sGen.init(PGPSignature.PRIMARYKEY_BINDING, subPrivateKey);
@@ -1377,7 +1378,7 @@ public class PgpKeyOperation {
         }
 
         PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
-                masterPublicKey.getAlgorithm(), HashAlgorithmTags.SHA512)
+                masterPublicKey.getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
         PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
         sGen.init(PGPSignature.SUBKEY_BINDING, masterPrivateKey);
author	Dominik Schürmann <dominik@dominikschuermann.de>	2015-03-04 20:47:37 +0100
committer	Dominik Schürmann <dominik@dominikschuermann.de>	2015-03-04 20:47:37 +0100
commit	e312b0e675fcd81b19b95453f04b55aee927b1f3 (patch)
tree	aa6263577b8f8ada7e0b7d21edbf55a489977ace /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
parent	484a9371b7915f5c6c3dd2088cc5ff48642f4bc0 (diff)
download	open-keychain-e312b0e675fcd81b19b95453f04b55aee927b1f3.tar.gz open-keychain-e312b0e675fcd81b19b95453f04b55aee927b1f3.tar.bz2 open-keychain-e312b0e675fcd81b19b95453f04b55aee927b1f3.zip