Changing signature algorithms
MindFuq
mindfuq@comcast.net
Thu Oct 17 06:06:02 2002
* David Picón Álvarez <eleuteri@myrealbox.com> [2002-10-16 20:14]:
> > Another problem is that with the --cipher-algo switch, I cannot change
> > the algorithm used to encrypt the hash on my signature. In fact, this
> > switch won't even let me select the default DSA algorithm.
>
> I don't understand what you mean by that. Sorry.

Tell me if I'm wrong: when I sign a message, the first thing that
happens is a hash is created (usually SHA1). Then that SHA1 hash is
encrypted with my private asymmetric key. So not only do I have a
choice of hashes (SHA1, MD5, RipeMD5), but I also have a choice of
asymmetric cryptosystems (RSA, DSA, ..).

Using defaults and a default generated key, my signatures are composed
of an SHA1 hash which is encrypted with my private key using the DSA
algorithm. Suppose instead I want my signature to be created by
hashing with SHA1 and encrypting with RSA.

I should be able to do that using this command:

    gpg --clearsign --cipher-algo RSA text_msg

but I get an error:

    gpg: selected cipher algorithm is invalid

> The --cypher-algo is used to choose the asymmetric algorithm you use when
> you encrypt something to other people.

Or if I'm encrypting to myself. I just tried to encrypt a message to
myself, using my public key; and when I use the --cipher-algo switch
as follows:

    gpg -ea --cipher-algo RSA text_msg

I get:

    gpg: selected cipher algorithm is invalid

It doesn't matter what public algorithm I specify. Then for kicks I
specified a symmetric algorithm, and it worked! So it seems
--cipher-algo is used to select which *symmetric* algorithm to use.
If that's true, then what does the --s2k-cipher-algo switch do
differently?

> The symmetric cyphers are not listed because they're obvious. If your key is
> RSA it's going to use RSA. There's nothing to do about that. The preferred
> cyphers on a sign-only key don't mean much. However, you can add a RSA
> encryption subkey to your RSA sign-only key and thus use RSA for everything
> with no problem whatsoever.

I will try adding the subkey next. However, it doesn't seem right to
have to do this, because when I do a pgpdump on an RSA sign-only key,
one of the lines reads:

    Pub alg - RSA Encrypt or Sign(pub 1)

This indicates to me that this sign-only key can be used to encrypt as
well; so I'm not sure what's causing the limitation. Also, the
following lines are also listed in the pgpdump of the sign-only key:

    Sym alg - AES with 128-bit key(sym 7)
    Sym alg - CAST5(sym 3)
    Sym alg - Triple-DES(sym 2)

This is another indicator that this 'sign-only' key can be used for
encrypting, because symmetric algorithms aren't used to sign.

What am I missing?
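
The pgpdump lines quoted in this message are OpenPGP algorithm IDs (pub 1, sym 7, sym 3, sym 2). As an added example that is not part of the original post or of GnuPG, the Python below decodes a self-signature's subpacket area to show where such lines come from: the public-key algorithm ID names the algorithm, while a separate key flags subpacket (type 27) records permitted usage and a preference subpacket (type 11) lists symmetric ciphers. The sample bytes are constructed, and the subpacket layout is taken from RFC 4880, which the thread does not cite.

```python
import struct

# IDs from RFC 4880 section 9; labels follow the pgpdump lines quoted in the post.
PUB_ALGS = {1: "RSA Encrypt or Sign", 2: "RSA Encrypt-Only",
            3: "RSA Sign-Only", 16: "Elgamal Encrypt-Only", 17: "DSA"}
SYM_ALGS = {2: "Triple-DES", 3: "CAST5", 7: "AES with 128-bit key"}
# Key flags subpacket (type 27), first octet, RFC 4880 section 5.2.3.21.
KEY_FLAGS = {0x01: "certify", 0x02: "sign",
             0x04: "encrypt communications", 0x08: "encrypt storage"}

def iter_subpackets(area):
    """Yield (type, body) for each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]   # strip the critical bit
        i += length

def describe_key(pub_alg, hashed_area):
    """Summarise algorithm, usage flags and cipher preferences for one key."""
    info = {"pub_alg": PUB_ALGS.get(pub_alg, f"unknown({pub_alg})"),
            "usage": [], "sym_prefs": []}
    for sp_type, body in iter_subpackets(hashed_area):
        if sp_type == 27 and body:           # key flags
            info["usage"] = [name for bit, name in KEY_FLAGS.items()
                             if body[0] & bit]
        elif sp_type == 11:                  # preferred symmetric algorithms
            info["sym_prefs"] = [SYM_ALGS.get(b, f"sym {b}") for b in body]
    return info

# Constructed sample: key flags = certify+sign, cipher preferences = 7, 3, 2.
SAMPLE = bytes([2, 27, 0x03, 4, 11, 7, 3, 2])

if __name__ == "__main__":
    print(describe_key(1, SAMPLE))
```

For the constructed sample the algorithm reads "RSA Encrypt or Sign" while the usage flags list only certify and sign, and the three cipher names are preferences advertised to senders rather than operations the key performs.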