v1.4: How to check user ID-binding hash with `gpg --list-packets`?
Nutchanon Wetchasit
xwindows at xwindows.in.th
Sat Nov 2 11:52:12 CET 2024
Hello,
I have a few PGP keys I generated years ago with GPG Classic 1.4,
around the time that I changed its `cert-digest-algo` configuration key
from its default value to "SHA512". [1] Now I would like to use
one of these in actual encrypted correspondence, but I'm not sure which one
was actually generated after the config change. I have also used one of them
for signing a certain public document, so I would like to avoid generating
a new key as much as possible...
So the question is: how could I verify, from `gpg --list-packets` output,
that the public key file in question uses sufficiently secure
hash functions (SHA-256/384/512 in the case of RSA-based keys)
in its user ID certificate binding signature?
- In case this matters: one of the keys I would like to check is:
<https://savannah.gnu.org/people/viewgpg.php?user_id=82809>
I guess the information I'm looking for is around here
in the `gpg --list-packets` listing:
> :signature packet: algo 1, keyid F1D9FE7298C60B03
> version 4, created 1619409428, md5len 0, sigclass 0x13
> digest algo 2, begin of digest 54 a3
^ But does the "digest algo 2" really mean the same thing as
what's so-called "H2" in the `pref` command output of
`gpg --edit-key` shell?
As far as I understand, the information I'm looking for is considered
under-the-hood and isn't available directly from interactive
`gpg --edit-key` interface in this GPG version 1.4 at least.
(Please correct me if I'm wrong about this)
Note: I know that the hard way to do this is opening the tome
of RFC 2440 [2] and trying to identify everything from the beginning
up to the point that reveals the information I want to know;
but that method is quite error-prone, so I would like to
know about a specific point to look for before trying
to plow my way through.
Regards,
Nutchanon Wetchasit
GnuPG: 1.4.12 (Debian)
System: Debian GNU/Linux 7.0 "Wheezy" i386
-----
[1] As far as I understand, GPG Classic uses the SHA-1 hash for the user ID binding
signature unless configured otherwise. With SHA-1 being considered dodgy
for security use, I proceeded to change that setting (and the associated
default cipher/hash preferences), for it to continue to be usable
with a meaningful level of secrecy.
[2] https://www.rfc-editor.org/rfc/rfc2440.html
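An added example (not part of the message above, and not GnuPG's own tooling): a small Python script that walks `gpg --list-packets` output, keeps the signature packets whose sigclass is 0x10 through 0x13 (the user ID certification classes), and maps each `digest algo` number through the OpenPGP hash-algorithm registry (RFC 4880 section 9.4, unchanged from RFC 2440; `pref` in `--edit-key` prints the same IDs as `H<n>`), so `digest algo 2` reports as SHA1 and 8/9/10 as SHA256/384/512. The first signature packet in the embedded sample is the one quoted in the message; the surrounding packets, the user IDs, the second key with placeholder key ID 0123456789ABCDEF, and its subkey binding are constructed here to exercise the SHA-512 and non-UID-signature cases.

```python
"""Report the hash algorithm of every user-ID binding signature found in
`gpg --list-packets` output.  Runs against an embedded sample listing by
default; pass "-" to read a real listing from stdin."""
import re
import sys

# Hash algorithm IDs, RFC 4880 section 9.4 (same registry in RFC 2440).
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
# Public-key algorithm IDs, RFC 4880 section 9.1.
PUBKEY_ALGOS = {1: "RSA", 2: "RSA-E", 3: "RSA-S", 16: "Elgamal", 17: "DSA"}
# Signature classes 0x10..0x13 certify a user ID (RFC 4880 section 5.2.1).
UID_BINDING_CLASSES = {0x10, 0x11, 0x12, 0x13}
ACCEPTABLE_HASHES = {"SHA256", "SHA384", "SHA512"}

SIG_RE = re.compile(r"^:signature packet: algo (\d+), keyid ([0-9A-Fa-f]+)")
UID_RE = re.compile(r'^:user ID packet: "(.*)"')
SIGCLASS_RE = re.compile(r"sigclass 0x([0-9A-Fa-f]+)")
DIGEST_RE = re.compile(r"digest algo (\d+)")


def parse_list_packets(text):
    """Return one dict per signature packet, tagged with the user ID it follows."""
    sigs, current, last_uid = [], None, None
    for raw in text.splitlines():
        line = raw.strip()           # gpg indents packet fields with a tab
        if m := UID_RE.match(line):
            last_uid, current = m.group(1), None
            continue
        if m := SIG_RE.match(line):
            current = {"pubkey_algo": PUBKEY_ALGOS.get(int(m.group(1)), m.group(1)),
                       "keyid": m.group(2).upper(), "uid": last_uid,
                       "sigclass": None, "hash": None}
            sigs.append(current)
            continue
        if line.startswith(":"):     # any other packet header ends the signature
            current = None
            if "key packet" in line:  # a new (sub)key: forget the previous UID
                last_uid = None
            continue
        if current is None:
            continue
        if m := SIGCLASS_RE.search(line):
            current["sigclass"] = int(m.group(1), 16)
        if m := DIGEST_RE.search(line):
            algo = int(m.group(1))
            current["hash"] = HASH_ALGOS.get(algo, "unknown(%d)" % algo)
    for s in sigs:
        s["is_uid_binding"] = s["sigclass"] in UID_BINDING_CLASSES
        s["acceptable"] = s["hash"] in ACCEPTABLE_HASHES
    return sigs


def weak_uid_bindings(text):
    """(keyid, uid, hash) for each UID binding signature not made with SHA-2."""
    return [(s["keyid"], s["uid"], s["hash"]) for s in parse_list_packets(text)
            if s["is_uid_binding"] and not s["acceptable"]]


# Constructed sample: the first signature packet is the one quoted in the
# message; everything else (user IDs, key ID 0123456789ABCDEF, subkey) is
# made up to show a SHA-512 UID binding and a 0x18 subkey binding.
SAMPLE_LISTING = """\
:public key packet:
\tversion 4, algo 1, created 1619409428, expires 0
:user ID packet: "Example User <user at example.invalid>"
:signature packet: algo 1, keyid F1D9FE7298C60B03
\tversion 4, created 1619409428, md5len 0, sigclass 0x13
\tdigest algo 2, begin of digest 54 a3
\thashed subpkt 11 len 5 (pref-hash-algos: 10 9 8 11 2)
:public key packet:
\tversion 4, algo 1, created 1700000000, expires 0
:user ID packet: "Second Example <second at example.invalid>"
:signature packet: algo 1, keyid 0123456789ABCDEF
\tversion 4, created 1700000000, md5len 0, sigclass 0x13
\tdigest algo 10, begin of digest 3f 9c
:public sub key packet:
\tversion 4, algo 1, created 1700000000, expires 0
:signature packet: algo 1, keyid 0123456789ABCDEF
\tversion 4, created 1700000000, md5len 0, sigclass 0x18
\tdigest algo 8, begin of digest a1 b2
"""


def main(argv):
    text = sys.stdin.read() if "-" in argv[1:] else SAMPLE_LISTING
    for s in parse_list_packets(text):
        kind = "UID binding" if s["is_uid_binding"] else "sigclass 0x%02x" % s["sigclass"]
        verdict = "WEAK" if s["is_uid_binding"] and not s["acceptable"] else "ok"
        print("%s %-5s %-14s %-9s %-4s uid=%s" % (s["keyid"], s["pubkey_algo"],
                                                 kind, s["hash"], verdict, s["uid"]))


if __name__ == "__main__":
    main(sys.argv)
```

Run it as `gpg --list-packets key.asc | python3 check_uid_sig_hash.py -` to check a real key; the `pref-hash-algos` subpacket line in the sample is there on purpose, since it advertises which hashes the key prefers others to use, which is a different thing from the `digest algo` the self-signature itself was made with.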