How do I see what algorithm is used for a signature

Thu Oct 9 14:29:11 CEST 2014

On Thu,  9 Oct 2014 11:42, ben at adversary.org said:

> Except the reference to MD5 indicates the interest is more in which
> hashing algorithm was used on a particular message.  In that case, the

Add --verbose (or -v) to the gpg command line and it will show you that.
For scripting use --status-fd and watch out for a VALIDSIG status line
like

[GNUPG:] VALIDSIG D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 \
         2014-10-03 1412344497 0 4 0 1 8 00                \
         D8692123C4065DEA5E0F3AB5249B39D24F25E3B6

    The args are:

    - <fingerprint_in_hex>
    - <sig_creation_date>
    - <sig-timestamp>
    - <expire-timestamp>
    - <sig-version>
    - <reserved>
    - <pubkey-algo>
    - <hash-algo>
    - <sig-class>
    - [ <primary-key-fpr> ]

We see 8 here which is SHA256.  See doc/DETAILS for the full reference.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.