How to Determine Digest Algorithm

Werner Koch wk at gnupg.org
Tue Jan 30 15:33:02 CET 2007


On Wed, 20 Dec 2006 17:40, patrick at mozilla-enigmail.org said:

>> At the moment, not really, but it's not impossible to add a way to ask
>> GPG the question "if you were going to make a signature, which hash
>> algorithm would you use".
>
> That would be nice for the future, but I think in short term, I'll find
> a way to cache the passphrase for the 2nd call to gpg.

I have implemented the following:

  [GNUPG:] GOOD_PASSPHRASE
  [GNUPG:] BEGIN_SIGNING H2
  [GNUPG:] SIG_CREATED S 1 2 00 1170166837 1DFED28E885CE98C170CEE80907B5D1640619DD0
  -----BEGIN PGP MESSAGE-----
  Version: GnuPG v2.0.2-svn4352 (GNU/Linux)
  
  owGbwMvMwMQ4oTpWzCFx7gXG0/5JDK77Q0xssjOLEu0UMosVEhWKS4vSM5MTcxTK
  E4sUyjNSi1IVKvNLFdLzFdIzy1IVSjJSFdLyi1Iz0/MUSory8wuKFfLyi1MVsvKT
  iu25OuawMDAyMbCxMgGNNWXg4hSA2ZX2g/l/0o+PwTIm03i+HK3L+Pdy9tROgYg9
  pUo/XXu+zTwSFHG9fxJ7KZeqzr40q8lfRSweSqcdfGAZ8P3KgYmO7ScnczLul1WM
  OjBpWtMX0b+XhK5uN2AV/lr1b93/M3OsgosvuG3REzFdaZYilHE3IMlN4fa7Q8ey
  pJy/pVr0hN4P3p76a69eiOgWAA==
  =kybe
  -----END PGP MESSAGE-----

The thing here is that BEGIN_SIGANTURE is emitted before the input is
processed.  This means that it will work with very long files.  This
allows for constructing micalg while still right away.  Note, that
SIG_CREATED will only be emitted after the signature has been created
(i.e. after all input data has been processed) and for each signature
created.
  
In general you will see only one argument, but be prepared that things
like

  [GNUPG:] BEGIN_SIGNING H2 H8

are also possible.  I suggest to take only the first one and ignore
any possible extra hash algorithms (iirc, PGP/MIME does not allow to
specify more than one micalg).


This will be available in 2.0.2 and backported to 1.4


Shalom-Salam,

   Werner
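
Added example (not part of the original message and not GnuPG or Enigmail code): a reader for the status output shown above that takes the first hash from BEGIN_SIGNING and maps it to a PGP/MIME micalg value. The function names are hypothetical; the ID-to-name table follows the OpenPGP hash algorithm IDs, and reading the third SIG_CREATED argument as the hash ID is an assumption based on GnuPG's status-line documentation.

```python
import re

# OpenPGP hash algorithm IDs (RFC 4880) mapped to PGP/MIME micalg values.
MICALG = {1: "pgp-md5", 2: "pgp-sha1", 3: "pgp-ripemd160", 8: "pgp-sha256",
          9: "pgp-sha384", 10: "pgp-sha512", 11: "pgp-sha224"}
PREFIX = "[GNUPG:] "


def status_records(lines):
    """Yield (keyword, args) for status lines, skipping armored output etc."""
    for raw in lines:
        line = raw.strip()
        if line.startswith(PREFIX):
            keyword, *args = line[len(PREFIX):].split()
            yield keyword, args


def micalg_from_status(lines):
    """Return the micalg as soon as BEGIN_SIGNING is seen (first hash only)."""
    for keyword, args in status_records(lines):
        if keyword != "BEGIN_SIGNING":
            continue
        hashes = [a for a in args if re.fullmatch(r"H\d+", a)]
        if not hashes:
            raise ValueError("BEGIN_SIGNING names no hash algorithm")
        algo = int(hashes[0][1:])
        if algo not in MICALG:
            raise ValueError(f"no micalg known for hash algorithm {algo}")
        return MICALG[algo]
    raise ValueError("no BEGIN_SIGNING status line seen")


def created_hash_ids(lines):
    """Hash IDs reported by SIG_CREATED lines (third argument), for a
    consistency check once signing has finished."""
    return [int(args[2]) for keyword, args in status_records(lines)
            if keyword == "SIG_CREATED" and len(args) >= 3]


# Constructed sample: the status lines shown above, armor body left out.
SAMPLE = [
    "[GNUPG:] GOOD_PASSPHRASE",
    "[GNUPG:] BEGIN_SIGNING H2",
    "[GNUPG:] SIG_CREATED S 1 2 00 1170166837 "
    "1DFED28E885CE98C170CEE80907B5D1640619DD0",
    "-----BEGIN PGP MESSAGE-----",
]

if __name__ == "__main__":
    print(micalg_from_status(SAMPLE), created_hash_ids(SAMPLE))
```

Because micalg_from_status returns at the first BEGIN_SIGNING record, it can be fed a line iterator over the status file descriptor and will answer before the input data has been processed.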



