From 6b8bdb5f5c01b04c201dde5a40ebb7ff58c4a64d Mon Sep 17 00:00:00 2001
From: Linus Nordberg <linus@nordberg.se>
Date: Fri, 25 Mar 2022 14:37:26 +0100
Subject: change default signing algo to sha256

---
 tools/sigsum-sign-leaf.py   | 2 +-
 tools/sigsum-verify-leaf.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/sigsum-sign-leaf.py b/tools/sigsum-sign-leaf.py
index 5289f46..6cf3398 100755
--- a/tools/sigsum-sign-leaf.py
+++ b/tools/sigsum-sign-leaf.py
@@ -11,7 +11,7 @@ from nacl.signing import VerifyKey, SigningKey
 from nacl.encoding import HexEncoder
 from libsigntools import checksum_stdin, ssh_to_sign
 
-alg = 'sha512'
+alg = 'sha256'
 
 def ssh_blob(vk, sig, namespace):
     vkdata = struct.pack('!I11sI32s',
diff --git a/tools/sigsum-verify-leaf.py b/tools/sigsum-verify-leaf.py
index d8a15fa..6e7d508 100755
--- a/tools/sigsum-verify-leaf.py
+++ b/tools/sigsum-verify-leaf.py
@@ -9,7 +9,7 @@ from nacl.signing import VerifyKey
 from nacl.encoding import HexEncoder
 from libsigntools import checksum_stdin, ssh_to_sign
 
-alg = 'sha512'
+alg = 'sha256'
 
 def main():
     keyfile = sys.argv[1]
-- 
cgit v1.2.3