GPG 1.4.1 and RIPEMD160 problem
dshaw at jabberwocky.com
Wed Mar 23 18:05:06 CET 2005
On Wed, Mar 23, 2005 at 05:55:56PM +0100, Martin Schoch wrote:
> is there a known problem with the new version GnuPG 1.4.1 with
> hash RIPEMD160?
> I got a message which was signed with RIPEMD160 and got the error
> message from gpg when I wanted to verify the signature:
> gpg: Signature made 03/23/05 13:21:07 using DSA key ID DBE6E678
> gpg: WARNING: signature digest conflict in message
> gpg: Can't check signature: general error
> Or does the sender something wrong with the GnuPG setup?
There are two ways this could happen - one, a clearsigned message that
has a "Hash:" header that doesn't match the actual hash used in the
signature, and two, a onepass signed message that claims to be one
hash, but is actually another.
In short, this is a bad message. What program generated it?
More information about the Gnupg-devel