Page MenuHome GnuPG
Create Task
Maniphest T1194

SHA2 digests and GnuPG smartcard v2.0
Closed, ResolvedPublic
Actions

Description

Hi,

I've bought a GnuPG smartcard (v2.0), I've generated new keys and added them to
the card. But when I'm trying to sign something I'm only able to use SHA1 as
digest (I've added personal-digest-preferences SHA256 in gpg.conf).

If I really force it (by using --digest-algo which seems not recommended) I'm
able to sign and verify the signature. The specifications of the cards say that
it support digest up to SHA512 (§.7.2.8.1)

Is this intended or is this a bug?

Details

Version
1.4.10

Related Objects

Event Timeline

bigon set Version to 1.4.10.Feb 14 2010, 12:13 PM
bigon added projects: gnupg, Bug Report.
bigon added a subscriber: bigon.
werner closed this task as Resolved.Feb 17 2010, 9:36 AM
werner claimed this task.
werner added a project: Not A Bug.

That is not a bug. If you are interested in learning more about this, please
search the ML archives or ask on gnupg-users.

werner reopened this task as Open.Feb 25 2010, 9:49 AM
werner added a project: Restricted Project.

D123: 283_bug1194-fix.diff

werner added a comment.Feb 25 2010, 9:49 AM

Sorry, I mixed that up with something else. It is indeed a bug in 1.4.10 but
not in the current 2.0 code. I developed a fixed for this which detects a v1
card and forces sha1/rmd160 only in for these cards.

I'd appreciate if you can test the attached patch.

bigon added a comment.Feb 25 2010, 7:22 PM

The patch seems working

Thank you :)

bigon removed a project: Not A Bug.Feb 25 2010, 7:22 PM
werner closed this task as Resolved.Feb 26 2010, 10:46 AM

Thanks.

werner removed a project: Restricted Project.Feb 26 2010, 10:46 AM