Page MenuHome GnuPG

Provide strong v5 fingerprints also for v4 keys
Closed, ResolvedPublic


For certain operations the use of the standard v4 (i.e. SHA-1 based) fingerprints is not sufficient. Thus we need to specifiy and provide SHA-256 based fingerprints also for OpenPGP v4 keys. The way we compute them is indentical to the way fingerprints for v5 keys are computed wit the difference that the 6th hashed octet is 4 (and not 5).

gpg will emit them in "fp2" records (same as gpgsm) does iff the --with-v5-fingerprint option is used. For GPGME a new mode GPGME_KEYLIST_MODE_WITH_V5FPR needs to be used.