Stanislav Sidorenko writes:
> I've made a quick&dirty fix that enables using SHA256 instead of RIPEMD160.
> hashalgo == GCRY_MD_SHA256? "--hash=sha256 ": "",
>
Okay. I just fixed that and gnupg 1 will now allow all hash
algorithms. Note that this change is only required if
> Or is this saying >=2.0 OpenPGP cards can generate SHA2 hashes but
> cannot verify them?
Cards do not used to verify signatures. In my case GPG checks a signature
generated by card and fails because signature is invalid.
But it seems I've already found the issue, it is not in gpg-agent, but in
On 05/01/2010 04:52 PM, Stanislav Sidorenko wrote:
> Hi!
>
> I've tried to use SHA256 digest for signing using openpgp V2 smartcard and
> got
> the following error:
>
> gpg: checking created signature failed: bad signature
> gpg: signing failed: bad signature
> gpg: signing failed: bad signatur
I've detected the same problem.
If I disable the gpg-agent and use gnupg v1 instead gnupg is able to connect
to the pcsc daemon and use sha256 (and above) digests. If gnupg uses the agent
every attempt to do sha256 signing (--digest-algo sha256) fails.
So this is most likely an issue of gpg-age
Hi!
I've tried to use SHA256 digest for signing using openpgp V2 smartcard and got
the following error:
gpg: checking created signature failed: bad signature
gpg: signing failed: bad signature
gpg: signing failed: bad signature
It happens only if gpg uses gpg-agent which is configured to use sc
