diff options
Diffstat (limited to 'g10/pkclist.c')
| -rw-r--r-- | g10/pkclist.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/g10/pkclist.c b/g10/pkclist.c index bfc4f84..82a8d3b 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -1490,9 +1490,17 @@ select_algo_from_prefs(PK_LIST pk_list, int preftype, code will never even be called. Even if the hash wasn't locked at MD5, we don't support sign+encrypt in --pgp2 mode, and that's the only time PREFTYPE_HASH is used - anyway. -dms */ + anyway. -dms - implicit=DIGEST_ALGO_SHA1; + Because "de-vs" compliance does not allow SHA-1 it does + not make sense to assign SHA-1 as implicit algorithm. + Instead it is better to use SHA-256 as implicit algorithm + (which will be the case for rfc4880bis anyway). */ + + if (opt.compliance == CO_DE_VS) + implicit = DIGEST_ALGO_SHA256; + else + implicit = DIGEST_ALGO_SHA1; break; |