clearsign failed: Bad signature

Hauke Laging mailinglisten at
Tue Dec 21 16:17:49 CET 2010

Am Dienstag 21 Dezember 2010 13:59:16 schrieb John Ruff:

> >> "Cards with Version < 2.0 sup port RIPEMD-160 and SHA-1 only and may
> >> check it, so other hash algorithms cannot be
> >> used."

> around this and it wasn't the signing that was failing but rather the
> post validation check of the newly made signature.  I could be wrong.

It seems that I have not understood the process of signing correctly. Does the 
smardcard create the hash value? Does not make sense IMHO. Or is this about 
the length of the value to be signed?

And I have no idea how tha smartcard could be involved in checking a signature 
as you don't need the secret key for that.

PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20101221/edc488db/attachment.pgp>

More information about the Gnupg-users mailing list