X-Pgp-Sig- and RSA-problems
Mon Mar 17 15:33:02 2003
I'm using GPG 1.2.1-1 on Windows with the IDEA-DLL, both the original
compilation with signature from Werner Koch (0x57548DCD and 0x621CC013).
I'm trying to do X-Pgp-Sig-signatures. I have the program XPgpSig from
Juergen Haible  which converts normal signatures in the body (BEGIN
PGP SIGNED MESSAGE ... END PGP SIGNED MESSAGE) to a X-Pgp-Sig-signature.
But when I sign with GnuPG, the first line after the BEGIN-line is
always like the following:
Hash: SHA1 (or another hash-algorithm)
This line confuses the program. Is it really necessary? If so, where has
it to be in the final posting with the X-Pgp-Sig? If not, how can I
My second problem is, that I cannot sign only with a RSA-v3 key. I have
one DSA-key (0xD145039A) and two RSA-v3-keys (0xC42F699F and 0x8B388BB5).
The DSA-key is first in my keyring. When I do
| gpg -u 0xC42F699F --sign test.txt
| gpg -u 0x8B388BB5 --sign test.txt
the resulting file test.gpg always contains one signature from the
chosen RSA-key and one signature from the DSA-key.
When there is a problem with the DSA-signature (e.g. I don't give the
mantra for the DSA-key or I put 'digest-algo MD5' in my gpg.conf, which
doesn't work with DSA), there is no signature at all.
In my gpg.conf there is the entry:
| default-key 0xC42F699F (my first RSA-key)
When I use GPGshell 2.65 to sign the content of the clipboard, it is
even worse. No matter what key I choose in GPGshell, the result is
always a signature with my DSA-key. But I think this is a problem in
GPGshell. Where can I report it?