SHA2 digest on gpg smartcard
David Shaw
dshaw at jabberwocky.com
Wed Feb 24 19:25:17 CET 2010
On Feb 17, 2010, at 12:46 PM, Laurent Bigonville wrote:
> Hi,
>
> I've have a OpenGPG smartcard version 2.0 and I would generate digests
> stronger than SHA1.
>
> I've added "personal-digest-preferences SHA256" to my gpg.conf file,
> but when I sign a message the headers still uses SHA1. If I force with
> --digest-algo (which is not recommended according to the doc) to SHA256
> it works and I'm able to verify the signature.
>
> I've opened a bug[1], but I was told that it was not a bug.
> Then could someone enlighten me about the reasons of this?
I'm looking at this, and it seems the code that selects a hash does not currently differentiate between the V1 card (where only 160-bit hashes were usable) and the V2 card (where other hashes are possible).
David
More information about the Gnupg-users
mailing list