SHA2 digest, V2 smartcard and gpg-agent problem

Stanislav Sidorenko stanislav at sidorenko.biz
Thu Jul 22 19:25:02 CEST 2010 

> Or is this saying >=2.0 OpenPGP cards can generate SHA2 hashes but
> cannot verify them?
Cards do not used to verify signatures. In my case GPG checks a signature 
generated by card and fails because signature is invalid.

But it seems I've already found the issue, it is not in gpg-agent, but in gpg 
itself.

file cardglue.c, lines 1324-1328:

          init_membuf (&data, 1024);
          snprintf (line, DIM(line)-1, "SCD PKSIGN %s%s",
                    hashalgo == GCRY_MD_RMD160? "--hash=rmd160 ": "",
                    serialno);
          line[DIM(line)-1] = 0;

hashalgo is an int variable that contains hash id. As far as I understood this 
code generates a request to scdaemon and forces using RIPEMD160 if hashalgo == 
GCRY_MD_RMD160 or default hash (SHA1?) if hashalgo equals to any other value. 
I've made a quick&dirty fix that enables using SHA256 instead of RIPEMD160.
                    hashalgo == GCRY_MD_SHA256? "--hash=sha256 ": "",

Using my custom build I've successfully signed a message using SHA256. It is 
not a problem to add all other hashes but I'm not sure about the impact of 
such patch because I've just quickly checked the code :)

--
Stanislav


> On 05/01/2010 04:52 PM, Stanislav Sidorenko wrote:
> > Hi!
> > 
> > I've tried to use SHA256 digest for signing using openpgp V2 smartcard
> > and got the following error:
> > 
> > gpg: checking created signature failed: bad signature
> > gpg: signing failed: bad signature
> > gpg: signing failed: bad signature
> > 
> > It happens only if gpg uses gpg-agent which is configured to use scdaemon
> > for accesing smartcards.
> > 
> > If I disable gpg-agent usage (--no-use-agent switch) and enter card PIN
> > code in the console then signing with SHA256 work perfectly. In case of
> > enabled gpg-agent only SHA1 and RIPEMD160 can be used. It looks like an
> > issue in gpg- agent or scdaemon.
> > 
> > The issue was found on gpg 1.4.10 and gpg-agent 2.0.14.
> > 
> > Thanks,
> > 
> > Stanislav
> > 
> > _______________________________________________
> > Gnupg-users mailing list
> > Gnupg-users at gnupg.org
> > http://lists.gnupg.org/mailman/listinfo/gnupg-users
> 
> Interesting, indeed.  I unfortunately had to change my prefs when I got
> my openpgp v2 card since I was using gpg2 and the agent is required.  So
> is this currently just an issue with gpg-agent?  If I'm reading section
> 7.2.8.1 [Hash Algorithms] in the OpenPGP smart application PDF correctly
> it seems only OpenPGP cards <2.0 are limited to SHA1 & RIPEMD-160.
> 
> "The following hash algorithms are supported by RFC 4880 and can be used
> as input in the DSI. However the card may not check the integrity of a
> DSI. Cards with Version < 2.0 sup­port RIPEMD-160 and SHA-1 only and may
> check it, so other hash algorithms cannot be used."
> 
> Or is this saying >=2.0 OpenPGP cards can generate SHA2 hashes but
> cannot verify them?

More information about the Gnupg-users mailing list