SHA2 digest, V2 smartcard and gpg-agent problems

Stanislav Sidorenko stanislav at sidorenko.biz
Sat May 1 22:30:53 CEST 2010


Hi!

I've tried to use SHA256 digest for signing using openpgp V2 smartcard and got 
the following error:

gpg: checking created signature failed: bad signature
gpg: signing failed: bad signature
gpg: signing failed: bad signature

It happens only if gpg uses gpg-agent which is configured to use scdaemon for 
accesing smartcards.

If I disable gpg-agent usage (--no-use-agent switch) and enter card PIN code 
in the console then signing with SHA256 work perfectly. In case of enabled 
gpg-agent only SHA1 and RIPEMD160 can be used. It looks like an issue in gpg-
agent or scdaemon.

The issue was found on gpg 1.4.10 and gpg-agent 2.0.14.

Thanks,

Stanislav



More information about the Gnupg-users mailing list