How to Determine Digest Algorithm

Patrick Brunschwig patrick at mozilla-enigmail.org
Tue Jan 30 15:42:02 CET 2007


Werner Koch wrote:
> On Wed, 20 Dec 2006 17:40, patrick at mozilla-enigmail.org said:
> 
>>> At the moment, not really, but it's not impossible to add a way to ask
>>> GPG the question "if you were going to make a signature, which hash
>>> algorithm would you use".
>> That would be nice for the future, but I think in short term, I'll find
>> a way to cache the passphrase for the 2nd call to gpg.
> 
> I have implemented the following:
> 
>   [GNUPG:] GOOD_PASSPHRASE
>   [GNUPG:] BEGIN_SIGNING H2
>   [GNUPG:] SIG_CREATED S 1 2 00 1170166837 1DFED28E885CE98C170CEE80907B5D1640619DD0
> <kira> is a surgical war where you go give the foreign troops nose jobs?

> The thing here is that BEGIN_SIGANTURE is emitted before the input is
> processed.  This means that it will work with very long files.  This
> allows for constructing micalg while still right away.  Note, that
> SIG_CREATED will only be emitted after the signature has been created
> (i.e. after all input data has been processed) and for each signature
> created.
> 
> I general you will see only one argument, but be prepared that things
> like
>
> [GNUPG:] BEGIN_SIGNING H2 H8
>
> are also possible.  I suggest to take only the first one and ignore
> any possible extra hash algorithms (iirc, PGP/MIME does not allow to
> specify more than one micalg.


> This will be available in 2.0.2 and backported to 1.4

> Shalom-Salam,

Great, thanks a lot! This will make it easier and more consistent to
determine the hash algorithm.

-Patrick



More information about the Gnupg-devel mailing list