OpenPGP card v1 does not support digest algorithm SHA256

David Shaw dshaw at jabberwocky.com
Tue Dec 29 01:42:13 CET 2009


On Dec 28, 2009, at 6:27 PM, Stefan Xenon wrote:

> Hi!
> With GnuPG 1.4.10 I tried to generate a new key on an OpenPGP Card v1
> which results in the following error message:
>
> gpg: generating new key
> gpg: please wait while key is being generated ...
> gpg: key generation completed (24 seconds)
> gpg: card does not support digest algorithm SHA256
> gpg: signing failed: invalid argument
> gpg: make_keysig_packet failed: invalid argument
> Key generation failed: invalid argument
>
> Maybe GnuPG wants to use SHA256 but the card v1 doesn't support it?

The v1 card only supports SHA-1 and RIPEMD/160.

You don't give your full command, but I presume you have something  
like "cert-digest-algo sha256" in your gpg.conf or on the command  
line.  That isn't doable with a v1 card.

David



More information about the Gnupg-devel mailing list