Can't check signature, DSA key 9C973C92 requires a 256 bit or larger hash
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Mar 17 15:39:58 CET 2014
On 03/15/2014 03:53 PM, Juha Heljoranta wrote:
> I am not able to get the gpg to verify a signature.
>
> Any advice how to fix this?
> Or could the key 9C973C92 be invalid/broken?
>
>
> $ mkdir -m 700 newgnupg
> $ echo foo > zinc-0.2.0.jar
> $ wget http://repo1.maven.org/maven2/com/typesafe/zinc/zinc/0.2.0/zinc-0.2.0.jar.asc
This is a signature ostensibly made by a 2048-bit DSA key, made over an
SHA-1 digest. DSA keys larger than 1024-bits should generally make
signatures over stronger digests than SHA-1.
See section 4.2 of FIPS-186-4
http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf for similar
guidance.
Perhaps the folks who publish zinc need to --enable-dsa2, or to remove
any mistaken "digest-algo sha1" from their signing routines? You could
point them at this thread in the gnupg-users archives if you think it
would be useful.
That said gpg seems to still accept signatures made by even stronger RSA
keys over SHA-1. And it even accepts (with a warning) signatures by
stronger RSA keys over MD5, which is even weaker than SHA1.
So gpg's behavior seems to be non-uniform here. That said, i'd love to
be able to tell gpg to ignore or explicitly reject signatures made by
strong keys with MD5 digests.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140317/0e1f6be7/attachment.sig>
More information about the Gnupg-users
mailing list