SHA-256 with 2048-bit DSA key

Alex (via GPGTools) alex at gpgtools.org
Sun Nov 6 11:10:51 CET 2011


Hi Ryan,

> PGP signature verification in JavaScript


this might be of interest for you: https://github.com/GPGTools/Mobile/wiki/Introduction

Best regards, Alex

On 05.11.2011, at 20:42, Ryan Sears wrote:

> Hi all,
> 
> I'm trying to understand more precisely how PGP works for another
> project I'm working on (PGP signature verification in JavaScript), so
> I've taken to prototyping it with python to make sure that all my math
> works out.
> 
> The problem is, I can't seem to get my u1 to calculate properly, and I
> suspect that it's my method of hashing the message itself. I see that
> the new FIPS 186-3 standard says:
> 
> z = the leftmost min(N, outlen) bits of Hash(M')
> 
> Which leads me to believe that the full 256 bit hash from SHA-256 can be
> used. Am I wrong in making this assumption? I know that the old standard
> forced you to truncate to 160 bits (which would have been the left 20
> bytes, right?). I've even tried truncating the values I get, but to no
> avail :(.
> 
> I know that the PGP standard dictates that you need to convert all LF to
> CRLF, which I've done and verified with a hex editor.
> 
> For some reason though, my hash value doesn't seem to work! Does anyone
> have any ideas as to where I could be making a mistake?
> 
> The signature was created with enigmail, and the keys with GnuPG if it
> helps!
> 
> Thank you!
> Ryan



--
http://gpgtools.org




More information about the Gnupg-devel mailing list