Use other hash than SHA-1

Raimar Sandner mail at 404not-found.de
Sat May 2 14:56:01 CEST 2009


On Saturday 02 May 2009 14:11:46 John W. Moore III wrote:
> Simon Ruderich wrote:
> > I would like to use a different hash than SHA-1. I tried setting
> > personal-digest-preferences SHA256 in my gpg.conf but it didn't
> > work. What hash can I use with my key (default DSA/Elgamel key)
> > and how?
>
> Which version of GnuPG are You using & is it DSA2 compatible?
>
> Try using the gpg.conf entry
>
> digest-algo SHA256

Well, setting digest-algo works, but this will always use SHA256 even if the 
recipient doesn't have this algo in his digest list, and thus could create a 
non-openpgp compliant message.

So setting personal-digest-preferences would be the better choice. But Simon 
is right, this seems to be ignored, even if I set the --recipient to someone 
who has SHA256 in his digest list.

Maybe I have the options still wrong? I tried
gpg --recipient <name> --personal-digest-preferences=SHA256 --sign --encrypt

I'm using gpg 2.0.11.

Raimar
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090502/03d44754/attachment.pgp>


More information about the Gnupg-users mailing list