--digest-algo ignored on gnupg-1.4.9?
Robert J. Hansen
rjh at sixdemonbag.org
Wed Jan 5 20:01:10 CET 2011
On 01/05/2011 01:37 PM, freejack at is-not-my.name wrote:
> Hi, it appears --digest-algo is ignored for symmetric encryption using gpg
Using --digest-algo is pretty dangerous. It's easy to create messages
your recipients can't parse. --personal-digest-preferences is what you
want to use instead.
Anyway, I can't recreate this bug:
[rjh at localhost]$ gpg --list-packets test.asc
:symkey enc packet: version 4, cipher 2, s2k 3, hash 2
salt 6cbb4c1e2c0fbae1, count 65536 (96)
gpg: 3DES encrypted data
:encrypted data packet:
gpg: encrypted with 1 passphrase
:compressed packet: algo=1
:literal data packet:
mode b (62), created 1294253512, name="test.txt",
raw data: 2385 bytes
gpg: WARNING: message was not integrity protected
SHA-1 is used in the symmetric packet, as is expected. See RFC4880,
section 5.13: "Symmetrically Encrypted Integrity Protected Data Packet":
SHA-1 is the only option for digest algorithms for this particular packet.
--digest-algo will let you determine which algorithm to use, whenever
there is a choice of which algorithm to use. There is no choice here.
More information about the Gnupg-users