SHA-256 with 2048-bit DSA key

Ryan Sears rdsears at
Sat Nov 5 20:42:12 CET 2011

Hash: SHA256

Hi all,

I'm trying to understand more precisely how PGP works for another
project I'm working on (PGP signature verification in JavaScript), so
I've taken to prototyping it with python to make sure that all my math
works out.

The problem is, I can't seem to get my u1 to calculate properly, and I
suspect that it's my method of hashing the message itself. I see that
the new FIPS 186-3 standard says:

z = the leftmost min(N, outlen) bits of Hash(M')

Which leads me to believe that the full 256 bit hash from SHA-256 can be
used. Am I wrong in making this assumption? I know that the old standard
forced you to truncate to 160 bits (which would have been the left 20
bytes, right?). I've even tried truncating the values I get, but to no
avail :(.

I know that the PGP standard dictates that you need to convert all LF to
CRLF, which I've done and verified with a hex editor.

For some reason though, my hash value doesn't seem to work! Does anyone
have any ideas as to where I could be making a mistake?

The signature was created with enigmail, and the keys with GnuPG if it

Thank you!

Version: GnuPG v1.4.11 (GNU/Linux)


More information about the Gnupg-devel mailing list