Hello Laurent ! Laurent Bigonville <l.bigonvi...@edpnet.be> wrote:
>> I've have a OpenGPG smartcard version 2.0 and I would generate digests >> stronger than SHA1. >> >> I've added "personal-digest-preferences SHA256" to my gpg.conf file, >> but when I sign a message the headers still uses SHA1. If I force with >> --digest-algo (which is not recommended according to the doc) to >> SHA256 it works and I'm able to verify the signat ure. >> >> I've opened a bug[1], but I was told that it was not a bug. >> Then could someone enlighten me about the reasons of this? In GPG.conf, you may put *your* preferences that will be confronted to those in the receipient key. I suppose the receipient you are encrypting to, doesn't support higher schemes. This is an opinion. I've this in my gpg.conf but don't forget you need to save your key after new settings and upload it to servers: default-preference-list S7 S11 S12 S13 S1 S10 S3 S4 S2 S9 S8 H3 H8 H9 H10 H11 H2 H1 Z1 Z2 Z3 Z0 personal-cipher-preferences S7 S11 S12 S13 S1 S10 S3 S4 S2 S9 S8 personal-digest-preferences H3 H8 H9 H10 H11 H2 H1 personal-compress-preferences Z1 Z2 Z3 Z0 To set the preferences, this can help (use H8 for SHA256): ?????????????????????????????????????????????????????????? ? Cipher-Algos: ? Digest-Algos: ? Compress-Algos: ? ?????????????????????????????????????????????????????????? ? ? ? Z0 Uncompressed ? ? S1 IDEA ? H1 MD5 ? Z1 ZIP ? ? S2 3DES ? H2 SHA1 ? Z2 ZLIB ? ? S3 CAST5 ? H3 RIPEMD160 ? Z3 BZIP2 ? ? S4 BLOWFISH ? ? ? ? ? ? ? ? ? ? ? ? S7 AES ? ? ? ? S8 AES192 ? H8 SHA256 ? ? ? S9 AES256 ? H9 SHA384 ? ? ? S10 TWOFISH ? H10 SHA512 ? ? ? S11 CAMELLIA128 ? H11 SHA224 ? ? ? S12 CAMELLIA192 ? ? ? ? S13 CAMELLIA256 ? ? ? ?????????????????????????????????????????????????????????? -- Laurent Jumet KeyID: 0xCFAF704C _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users