gnupg 1.4.3 uses SHA1 when preferred Digest is SHA2
Jason Wittlin-Cohen
jasonwc at brandeis.edu
Sun Jun 11 22:46:37 CEST 2006
I was playing around with the gnupg command line options and I noticed
that whenever I signed or encrypted and signed a file, GPG would use
SHA1 rather than SHA256, which is the preferred digest for my primary key.
I confirmed that SHA256 was the preferred digest by using "gpg
--edit-key 2228BC8F" and then did "showpref" which outputted the
relevant line:
"Digest: SHA256, SHA384, SHA512, RIPEMD160, SHA1"
Yet, when I encrypt and sign a file with "gpg -esv blah.txt" I see:
"gpg: RSA/SHA1 signature from: "2228BC8F Jason Wittlin-Cohen
<jasonwc at brandeis.edu>"
When I manually specify "gpg -esv --digest-algo SHA256 blah.txt" I see:
"gpg: RSA/SHA256 signature from: "2228BC8F Jason Wittlin-Cohen
<jasonwc at brandeis.edu>"
I can also manually specify SHA384 or SHA512 and Enigmail will use
SHA256,384, or 512 as well, without complaints.
Any idea why GPG isn't using my preferred digest unless I manually
specify it? It does use my preferred cipher (AES-256).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 542 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060611/5ef3739a/signature.pgp
More information about the Gnupg-users
mailing list