Problems with interpolibility between GnuPG and PGP when using
SHA384-SHA512 hashes
David Shaw
dshaw at jabberwocky.com
Thu Jun 17 14:56:17 CEST 2004
On Wed, Jun 16, 2004 at 12:09:59PM -0600, Joe Vender wrote:
> Is there some internal incompatibility between the SHA512 and SHA384
> hashs in GnuPG and the same hashes in the new PGP sdk 3.x of PGP
> 8.x? According to information at
> http://www.pgp.com/products/sdk.html , the new PGP sdk 3.x supports
> the large hash functions including SHA256, SHA384 and
> SHA512. However, when I sign a message in GnuPG 1.2.5rc2 (with
> SHA512 compiled read/write for testing) using SHA512 as the hash,
> PGP returns "BAD Signature" when verifying. Same with SHA384 signed
> GnuPG messages. PGP *DOES* verify signatures correctly when GnuPG
> uses SHA256 as the hash. Any idea what the problem might be?
It's an open question, and one of the reasons (aside from the need for
a compiler that can handle 64-bit math), that the 512 and 384 hashes
are not enabled by default.
The implementation in GnuPG matches all of the SHA test vectors, so I
doubt there is a implementation bug. I suspect that PGP 8 doesn't
allow for these hashes for some reason, but don't know for sure.
David
More information about the Gnupg-devel
mailing list