SHA2 digest, V2 smartcard and gpg-agent problem

Joke de Buhr joke at
Sat May 22 12:54:59 CEST 2010

I've detected the same problem.

If I disable the gpg-agent and use gnupg v1 instead gnupg is able to connect 
to the pcsc daemon and use sha256 (and above) digests. If gnupg uses the agent 
every attempt to do sha256 signing (--digest-algo sha256) fails.

So this is most likely an issue of gpg-agent.

On Saturday 01 May 2010 22:52:15 Stanislav Sidorenko wrote:
> Hi!
> I've tried to use SHA256 digest for signing using openpgp V2 smartcard and
> got the following error:
> gpg: checking created signature failed: bad signature
> gpg: signing failed: bad signature
> gpg: signing failed: bad signature
> It happens only if gpg uses gpg-agent which is configured to use scdaemon
> for accesing smartcards.
> If I disable gpg-agent usage (--no-use-agent switch) and enter card PIN
> code in the console then signing with SHA256 work perfectly. In case of
> enabled gpg-agent only SHA1 and RIPEMD160 can be used. It looks like an
> issue in gpg- agent or scdaemon.
> The issue was found on gpg 1.4.10 and gpg-agent 2.0.14.
> Thanks,
> Stanislav
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 706 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100522/ed3f9429/attachment.pgp>

More information about the Gnupg-users mailing list