gpg-agent 2.0.30 not able to create SHA-2 signatures with scute
Closed, WontfixPublic

Description

Unfortunately the commit

https://git.gnupg.org/cgi-bin/gitweb.cgi?
p=gnupg.git;a=commitdiff;h=1c09def22d97de3738a2bec4970504bfc155680b

got not backported to the stable 2.0 branch, see

https://lists.gnupg.org/pipermail/gnupg-devel/2014-September/028759.html

for details.

My symptom is like follows:


$ gpg-connect-agent

SIGKEY 44A7BBB8FD7AEBB001E0DA06A0A892EFC341C71E

OK

SETHASH 8 79E12A66EFAAD785A443BB9787C8EF8A87F0DF4AA9669C452FCEBC67D323C42B

OK

PKSIGN

ERR 100663351 Invalid value <SCD>


Please backport the SHA-2 fix to gnupg-2.0 now that SHA-1 is deprecated for 6 years.

TIA, Wolfgang
wglas85 set External Link to https://lists.gnupg.org/pipermail/gnupg-devel/2014-September/028759.html.
wglas85 set Version to 2.0.30.
wglas85 added a subscriber: wglas85.
werner added a subscriber: werner.Mar 22 2017, 12:28 PM

Given that 2.0 will reach EOL in 9 months I don't think it is worth to backport
and test that patch.

werner lowered the priority of this task from Unbreak Now! to Normal.Mar 22 2017, 12:28 PM
werner renamed this task from gpg-agent 2.0.30 not able to create SHA-2 signatures to gpg-agent 2.0.30 not able to create SHA-2 signatures with scute.
werner added projects: scd, gnupg (gpg20), Won't Fix.

Hello Werner,

The problem is, that some projects liek gpgtools for MacOS are reluctantly sticking to
gnupg-2.0 :-/

So, I'd love to have this patch committed in order to ease the transition phase from

2.0 to 2.1 for them.

Regards, Wolfgang
marcus closed this task as Wontfix.Jul 17 2017, 5:42 PM
marcus claimed this task.
marcus added a subscriber: marcus.

gpgtools will have to update.