On Tue, Mar 15, 2011 at 09:25:47AM -0500, Derek Martin wrote: > On Tue, Mar 15, 2011 at 07:28:21AM -0600, Aaron Toponce wrote: > > On Mon, Mar 14, 2011 at 05:31:42PM -0500, Derek Martin wrote: > > > If this verifies, I just figured it out. > > > > Still a bad signature here. I wonder if it has anything to do with the > > fact that your signature is 159 bits, and not 160? > > Yeah, I checked, and the signatures from that message and the previous > one looked the same, cryptographically speaking. > > Here's what I see: > > $ gpg --list-packets foo2.txt > :signature packet: algo 17, keyid 1C49C048DFBEAD02 > version 3, created 1300141736, md5len 5, sigclass 01 > digest algo 2, begin of digest c9 92 > data: [159 bits] > data: [160 bits] > > Odd.
Actually, do either of these last two messages (this one, and the one
I'm replying to) verify correctly? I upgraded OpenSSL, and now I see
this:
$ gpg --list-packets foo4.txt
:signature packet: algo 17, keyid 1C49C048DFBEAD02
version 3, created 1300199147, md5len 5, sigclass 01
digest algo 2, begin of digest 57 51
data: [160 bits]
data: [160 bits]
Starting to look like an OpenSSL bug after all..
--
Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in
undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgprC4Qct7Nur.pgp
Description: PGP signature
