SHA-256 with 2048-bit DSA key

Alex (via GPGTools) alex at
Sun Nov 6 11:10:51 CET 2011

Hi Ryan,

> PGP signature verification in JavaScript

this might be of interest for you:

Best regards, Alex

On 05.11.2011, at 20:42, Ryan Sears wrote:

> Hi all,
> I'm trying to understand more precisely how PGP works for another
> project I'm working on (PGP signature verification in JavaScript), so
> I've taken to prototyping it with python to make sure that all my math
> works out.
> The problem is, I can't seem to get my u1 to calculate properly, and I
> suspect that it's my method of hashing the message itself. I see that
> the new FIPS 186-3 standard says:
> z = the leftmost min(N, outlen) bits of Hash(M')
> Which leads me to believe that the full 256 bit hash from SHA-256 can be
> used. Am I wrong in making this assumption? I know that the old standard
> forced you to truncate to 160 bits (which would have been the left 20
> bytes, right?). I've even tried truncating the values I get, but to no
> avail :(.
> I know that the PGP standard dictates that you need to convert all LF to
> CRLF, which I've done and verified with a hex editor.
> For some reason though, my hash value doesn't seem to work! Does anyone
> have any ideas as to where I could be making a mistake?
> The signature was created with enigmail, and the keys with GnuPG if it
> helps!
> Thank you!
> Ryan


More information about the Gnupg-devel mailing list