gpg rejects SHA224 with DSA-2048
Robert J. Hansen
rjh at sixdemonbag.org
Sun Nov 8 03:44:23 CET 2009
Kevin Kammer wrote:
> If I attempt to create a data signature using a 2048-bit DSA signing
> key, and the SHA224 hash algorithm, GnuPG complains as follows:
>
> ~ $ gpg -u A39CE7E5 --digest-algo H11 -b test.txt
Your key is not on the keyserver network, so that will impair our
ability to help you out with this.
It appears that your key is actually 14CA0E78. To tell it to use a
particular subkey, you need to append a "!" to the subkey ID.
Otherwise, I believe GnuPG's behavior is to look at the certificate that
subkey belongs to, and use the largest signing subkey on that
certificate. If you have a 3072-bit signing subkey on 14CA0E78, this
would explain your problem.
Try:
~ $ gpg -u A39CE7E5! --digest-algo H11 -b test.txt
More information about the Gnupg-users
mailing list