genode

ehmry/genode

Fork 0

Commit Graph

Author	SHA1	Message	Date
Emery Hemingway	72cb71c827	Replace SHA1 hashes of port downloads with SHA256 Now SHA256 has been shown to be an adequate replacement for SHA1, use SHA256 for verifying all port downloads. Ref #2767	2018-05-30 13:36:22 +02:00
Josef Söntgen	8dda68a1bd	verify: propagate error on corrupted .sig files In case the signature file is corrupt, e.g. it could not be downloaded successfully, the gnupg code just prints an error message but will not return the error to the user. So we patch the code to return the error and check the value in the calling code.	2018-02-28 11:04:58 +01:00
Norman Feske	5b6bd8459f	Signature checking tool based on GnuPG The new 'verify' component facilitates the code of GnuPG to verify detached OpenPGP signatures against public keys. Since GnuPG depends on libgcrypt and libgpg-error, the patch adds these libraries to the libports repository. Fixes #2640	2018-02-09 13:34:13 +01:00

Author

SHA1

Message

Date

Emery Hemingway

72cb71c827

Replace SHA1 hashes of port downloads with SHA256

Now SHA256 has been shown to be an adequate replacement for SHA1, use
SHA256 for verifying all port downloads.

Ref #2767

2018-05-30 13:36:22 +02:00

Josef Söntgen

8dda68a1bd

verify: propagate error on corrupted .sig files

In case the signature file is corrupt, e.g. it could not be downloaded
successfully, the gnupg code just prints an error message but will not
return the error to the user. So we patch the code to return the error
and check the value in the calling code.

2018-02-28 11:04:58 +01:00

Norman Feske

5b6bd8459f

Signature checking tool based on GnuPG

The new 'verify' component facilitates the code of GnuPG to verify
detached OpenPGP signatures against public keys.

Since GnuPG depends on libgcrypt and libgpg-error, the patch adds these
libraries to the libports repository.

Fixes #2640

2018-02-09 13:34:13 +01:00

3 Commits