clearsign failed: Bad signature
John Ruff
jcruff at gmail.com
Tue Dec 21 13:59:16 CET 2010
On Dec 19, 2010, at 6:16 PM, David Shaw wrote:
> On Dec 17, 2010, at 11:22 AM, Chris Ruff wrote:
>
>> On Sat, 2010-12-11 at 14:57 +0100, Olav Seyfarth wrote:
>>
>>> My key: OpenPGP SmartCard v2 key 0x6AE1EF56 (3072 Bit RSA) Card
>>> 0005 00000222
>>>
>>> Why can't I use SHA256/SHA512 with this card?
>>> | enable-dsa2
>>> is set and showpref lists
>>
>> The documentation for OpenPGP v2 smartcard states that only
>> RIPEMD-160 &
>> SHA-1 are supported as a digest algorithm at this point in time.
>> You'll
>> have to change your digest prefs accordingly to use the card.
>>
>> excert from doc:
>>
>> "Cards with Version < 2.0 sup port RIPEMD-160 and SHA-1 only and may
>> check it, so other hash algorithms cannot be
>> used."
>>
>> Although I assume it should say =<2.0. Feedback from others if
>> this was
>> a typo in teh doc and should be =<2.0?
>
> That is not a typo. The v2 card works just fine with other
> algorithms. If it isn't working for you, then there may be an
> issue, but it is not related to the fact that you are using a v2 card.
>
> David
>
Interesting, but yes, when I attempt to sign with SHA256 I receive
'gpg: signing failed: Bad signature'. I seem to recall a discussion
around this and it wasn't the signing that was failing but rather the
post validation check of the newly made signature. I could be wrong.
___________________
Chris Ruff
jcruff at gmail.com
GPG Key: 0x307A351B4EC4B6A1
FGPR: BF2F 2497 22E7 FEB5 C805
075C 307A 351B 4EC4 B6A1
"No one can see past a choice they don't understand." --The Oracle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 527 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20101221/c6904adc/attachment.pgp>
More information about the Gnupg-users
mailing list