Can't check signature, DSA key 9C973C92 requires a 256 bit or larger hash
Juha Heljoranta
juha.heljoranta at iki.fi
Sat Mar 15 20:53:44 CET 2014
Hi,
I am not able to get the gpg to verify a signature.
Any advice how to fix this?
Or could the key 9C973C92 be invalid/broken?
$ mkdir -m 700 newgnupg
$ echo foo > zinc-0.2.0.jar
$ wget http://repo1.maven.org/maven2/com/typesafe/zinc/zinc/0.2.0/zinc-0.2.0.jar.asc
$ gpg -vvv --homedir newgnupg --version
gpg (GnuPG) 1.4.16
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: newgnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA (S1), 3DES (S2), CAST5 (S3), BLOWFISH (S4), AES (S7),
AES192 (S8), AES256 (S9), TWOFISH (S10), CAMELLIA128 (S11),
CAMELLIA192 (S12), CAMELLIA256 (S13)
Hash: MD5 (H1), SHA1 (H2), RIPEMD160 (H3), SHA256 (H8), SHA384 (H9),
SHA512 (H10), SHA224 (H11)
Compression: Uncompressed (Z0), ZIP (Z1), ZLIB (Z2), BZIP2 (Z3)
$ gpg -vvv \
--homedir newgnupg \
--auto-key-locate keyserver \
--keyserver pgp.mit.edu \
--keyserver-options auto-key-retrieve \
--verify zinc-0.2.0.jar.asc zinc-0.2.0.jar
gpg: using character set `utf-8'
gpg: keyring `newgnupg/pubring.gpg' created
gpg: armor: BEGIN PGP SIGNATURE
gpg: armor header: Version: BCPG v1.46
:signature packet: algo 17, keyid 04918EA99C973C92
version 4, created 1352169028, md5len 0, sigclass 0x00
digest algo 2, begin of digest 6f 81
hashed subpkt 2 len 4 (sig created 2012-11-06)
subpkt 16 len 8 (issuer key ID 04918EA99C973C92)
data: [255 bits]
data: [255 bits]
gpg: Signature made Tue 06 Nov 2012 04:30:28 AM EET using DSA key ID 9C973C92
gpg: requesting key 9C973C92 from hkp server pgp.mit.edu
gpg: armor: BEGIN PGP PUBLIC KEY BLOCK
gpg: armor header: Version: SKS 1.1.4
gpg: armor header: Comment: Hostname: pgp.mit.edu
:public key packet:
version 4, algo 17, created 1330048372, expires 0
pkey[0]: [2048 bits]
pkey[1]: [256 bits]
pkey[2]: [2047 bits]
pkey[3]: [2047 bits]
keyid: 04918EA99C973C92
:user ID packet: "Peter Vlugter <pvlugter at gmail.com>"
:signature packet: algo 17, keyid 04918EA99C973C92
version 4, created 1330048372, md5len 0, sigclass 0x13
digest algo 8, begin of digest 21 9c
hashed subpkt 2 len 4 (sig created 2012-02-24)
hashed subpkt 27 len 1 (key flags: 03)
hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
hashed subpkt 21 len 5 (pref-hash-algos: 8 2 9 10 11)
hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (key server preferences: 80)
subpkt 16 len 8 (issuer key ID 04918EA99C973C92)
data: [255 bits]
data: [255 bits]
:signature packet: algo 1, keyid 7CF8D72BE29DF322
version 4, created 1330052726, md5len 0, sigclass 0x10
digest algo 2, begin of digest 51 b6
hashed subpkt 2 len 4 (sig created 2012-02-24)
subpkt 16 len 8 (issuer key ID 7CF8D72BE29DF322)
data: [2047 bits]
:public sub key packet:
version 4, algo 16, created 1330048372, expires 0
pkey[0]: [2048 bits]
pkey[1]: [3 bits]
pkey[2]: [2047 bits]
keyid: 4E7C8F86CA55236D
:signature packet: algo 17, keyid 04918EA99C973C92
version 4, created 1330048372, md5len 0, sigclass 0x18
digest algo 8, begin of digest 0d ec
hashed subpkt 2 len 4 (sig created 2012-02-24)
hashed subpkt 27 len 1 (key flags: 0C)
subpkt 16 len 8 (issuer key ID 04918EA99C973C92)
data: [254 bits]
data: [254 bits]
gpg: pub 2048D/9C973C92 2012-02-24 Peter Vlugter <pvlugter at gmail.com>
gpg: writing to `newgnupg/pubring.gpg'
gpg: newgnupg/trustdb.gpg: trustdb created
gpg: using PGP trust model
gpg: key 9C973C92: public key "Peter Vlugter <pvlugter at gmail.com>" imported
gpg: 1 keys cached (3 signatures)
gpg: 0 keys processed (0 validity counts cleared)
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
gpg: DSA key 9C973C92 requires a 256 bit or larger hash
gpg: Can't check signature: general error
More information about the Gnupg-users
mailing list