signature verification in 1.0?

Steve Nunez snunez@tibco.com
Fri, 17 Sep 1999 09:40:17 +0800 (SGT) 

Interesting. As it turns out, it's the --no-options flag which seems
to toggle the insertion of the hash header. Without this flag, no
header line, with it, I get the header. See shell output below if
interested. Is this a bug?

       - SteveN



>>>>> "WK" == Werner Koch <wk@gnupg.org> writes:


    WK> Steve Nunez <snunez@tibco.com> writes:
    >> I'm positive I didn't edit the file. In fact, I just did it
    >> again and there isn't any "Hash: SHA1$" line at all in the
    >> message. See listing below (I had to create a new foo file, I
    >> deleted the last one I gave you). Why would your version of gpg
    >> create this header line, but not mine? I haven't edited the
    >> code at all.

    WK> Strange.  Please try again with

    WK>   gpg --no-options --openpgp --clearsign

    WK> and then without --openpgp

tibdev45% gpg --no-options --openpgp --clearsign foo
gpg: Warning: using insecure memory!

You need a passphrase to unlock the secret key for
user: "Steven Nunez (Tibco email account) <snunez@tibco.com>"
1024-bit DSA key, ID A901627E, created 1999-09-14

File `foo.asc' exists. Overwrite (y/N)? y
tibdev45% less foo.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


This is a test of gpg signing.$

        - SteveN

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (SunOS)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjfhmjgACgkQ9yAwPKkBYn4hsACgqGznb1T8iJs02BKtlxRD10Qa
NjgAoLbMY8ay1UR2y8Q/3zTnmCuBrA18
=KKdM
-----END PGP SIGNATURE-----


tibdev45% gpg --verify foo.asc
gpg: Signature made Fri Sep 17 09:32:40 1999 SGT using DSA key ID A901627E
gpg: Good signature from "Steven Nunez (Tibco email account) <snunez@tibco.com>"

tibdev45% gpg --no-options --clearsign foo
gpg: Warning: using insecure memory!

You need a passphrase to unlock the secret key for
user: "Steven Nunez (Tibco email account) <snunez@tibco.com>"
1024-bit DSA key, ID A901627E, created 1999-09-14

File `foo.asc' exists. Overwrite (y/N)? y


tibdev45% !le     
less foo.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


This is a test of gpg signing.$

        - SteveN

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (SunOS)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjfhmmkACgkQ9yAwPKkBYn763ACgnNPMHnU+hy/vRIbuvAP3P8JO
818AnR8rDD9A/hBmo/BH/sLh3276kOD4
=tEEw
-----END PGP SIGNATURE-----


tibdev45% gpg --clearsign foo

You need a passphrase to unlock the secret key for
user: "Steven Nunez (Tibco email account) <snunez@tibco.com>"
1024-bit DSA key, ID A901627E, created 1999-09-14

File `foo.asc' exists. Overwrite (y/N)? y


tibdev45% !le     
less foo.asc
-----BEGIN PGP SIGNED MESSAGE-----


This is a test of gpg signing.$

        - SteveN

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (SunOS)
Comment: For info see http://www.gnupg.org

iD8DBQE34ZqE9yAwPKkBYn4RAtFQAJ4pof/Ek4ALRWycscl7coJrc1rLcgCfdKgZ
9PmBhUio0opos3dZCeoRKSM=
=kLcr
-----END PGP SIGNATURE-----