On Thu, Apr 4, 2013 at 8:15 PM, Tristan Seligmann <mithra...@mithrandi.net> wrote:

> In fact, I believe there is no such thing as "signing the whole binary
> blob". When you use something like gpg --sign, what is actually signed with
> a public key signature algorithm is a hash of the content anyway. Thus,
> assuming you use the same hash algorithm as you would have instructed gpg
> to use (I think the default is SHA512 these days), there isn't any real
> difference between signing the content directly, and signing a hash of the
> content.
>
>

While you technically could sign the entire thing, yes, that is how (at least DSA) works. DSA, by default, used SHA-1; recent revisions support SHA-2.

A few years ago, GnuPG and several big users including Debian and Apache started suggesting the move to RSA instead of DSA keys. The algorithms vary a bit in speed and signature size, but the main reason was to allow newer hash functions.

That said, I'm pretty sure GPG uses a newer revision of DSA: when I left the defaults untouched near the end of 2012, it still seemed to prefer DSA/ElGamal despite the news from a few years ago. IIRC, the first version of the algorithm only allowed 1024 bit keys, whereas my DSA key is 3072.

Here's how you check what you support and in which preference:

===== SNIPPET FOLLOWS =====

~ ❯ gpg --edit-key E6D6AAAE
gpg (GnuPG) 1.4.13; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  3072D/E6D6AAAE  created: 2012-10-14  expires: 2016-10-14  usage: SCA
                     trust: ultimate      validity: ultimate
sub  3072g/7EF5843E  created: 2012-10-14  expires: 2016-10-14  usage: E
[ultimate] (1). Laurens Van Houtven <_...@lvh.io>
[ultimate] (2) Laurens Van Houtven <l...@twistedmatrix.com>
[ultimate] (3) Laurens Van Houtven <_...@lvh.cc>

gpg> showpref
[ultimate] (1). Laurens Van Houtven <_...@lvh.io>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (2) Laurens Van Houtven <l...@twistedmatrix.com>
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
[ultimate] (3) Laurens Van Houtven <_...@lvh.cc>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA256, SHA1, SHA384, SHA512, SHA224
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

gpg>

===== SNIPPET ENDS =====

As you can see, the preferred hash is SHA-256. That's, as far as we know, perfectly secure right now; IIUC the only reason SHA-512 isn't the default is backwards compatibility. PGP (the proprietary version) and gpg have both supported SHA-256 for *years and years* (and SHA-512 for years too, just not as many of the years ;-))

Assuming your key is recent (but please check with showpref as I demonstrated above), there isn't a problem with signing shasum files.

cheers
lvh
_______________________________________________
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
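Added example, not part of the message above or of the Twisted project's tooling: the consumer side of a signed shasum file in Python, assuming a detached signature over a `sha256sum`-format manifest. The function names, the file name `Example-1.0.tar.gz` and the sample bytes are constructed for illustration.

```python
# Added example; function names and sample data are constructed, not from the thread.
import hashlib
import hmac
import pathlib
import re
import subprocess
import tempfile

# One manifest line as written by sha256sum: "<64 hex> <space or *><name>"
LINE = re.compile(r"([0-9a-fA-F]{64}) [ *](.+)")

def gpg_verify(manifest_path, sig_path):
    """True if `gpg --verify` exits 0 for the detached signature over the manifest."""
    return subprocess.run(["gpg", "--verify", sig_path, manifest_path],
                          capture_output=True).returncode == 0

def parse_manifest(text):
    """Map file name -> expected lowercase hex digest; reject malformed lines."""
    entries = {}
    for line in text.splitlines():
        match = LINE.fullmatch(line)
        if match is None:
            raise ValueError("malformed manifest line: %r" % line)
        entries[match.group(2)] = match.group(1).lower()
    return entries

def check_files(entries, directory):
    """Return {name: "OK" | "FAILED" | "MISSING"} for every manifest entry."""
    results = {}
    for name, expected in entries.items():
        path = pathlib.Path(directory) / name
        # Names carrying path components are never looked up outside `directory`.
        if pathlib.PurePath(name).name != name or not path.is_file():
            results[name] = "MISSING"
            continue
        actual = hashlib.sha256(path.read_bytes()).hexdigest()
        results[name] = "OK" if hmac.compare_digest(actual, expected) else "FAILED"
    return results

def demo():
    """Constructed sample: check a file, change one byte of it, check again."""
    with tempfile.TemporaryDirectory() as directory:
        path = pathlib.Path(directory) / "Example-1.0.tar.gz"
        path.write_bytes(b"constructed release bytes")
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        entries = parse_manifest(digest + "  Example-1.0.tar.gz\n")
        before = check_files(entries, directory)
        path.write_bytes(b"constructed release bytes!")
        return before, check_files(entries, directory)
```

The digests in the manifest are only worth comparing once `gpg_verify` has returned True for it and the signing key is the one you expect.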