could not check signature
David Shaw
dshaw at jabberwocky.com
Thu Mar 24 05:12:41 CET 2005
On Thu, Mar 24, 2005 at 03:54:08AM +0100, Henk de Bruijn wrote:
> On Wed, 23 Mar 2005 21:33:18 -0500GMT (24-3-2005, 3:33 +0100, where I
> live), David Shaw wrote:
>
> > On Thu, Mar 24, 2005 at 03:21:08AM +0100, Henk de Bruijn wrote:
>
> >> Sorry for not telling relevant information. As you can see in my
> >> signature I am using The Bat! Further I use GnuPG 1.4.1 with GPGShell
> >> 3.40rc2.
> >> In GPGshell under Preferences GnuPG, on the second tab I changed the
> >> digest algo from default to RIPEMD160.
> >> After having kept this change, the gpg.conf has a line:
> >> digest-algo RIPEMD160
> >>
> >> When I now send messages signed inlined, these messages verify ok but
> >> when I send a message like this one, signed PGP/MIME, I get this error
> >> message.
>
> > You get the error when you *send* a message, or when you *verify* a
> > message?
>
> Not while sending, but when I verify a message.
>
> > What happens if you remove the 'digest-algo RIPEMD160' line from
> > gpg.conf?
>
> If I do that and save the new gpg.conf the second tab shows digest
> algo default.
But does the message verify correctly if you remove the 'digest-algo
RIPEMD160' ?
> > I see also that you are using The Bat! v3.0.9.9. That version is a
> > pre-beta that came out yesterday. You're not the first person who is
> > reporting this error with The Bat! so I'm wondering if the Bat folks
> > changed something internally.
>
> We are talking about this possibility in tbbeta too.
>
> But what I find strange is that when I change within
> The Bat! from GnuPG to PGP, these messages verify ok.
Yes, PGP and GnuPG have a difference in their sig verification
routines. GnuPG is more strict to the standard. PGP actually allows
you to (for example) present a message that claims to be SHA1 but is
really RIPEMD160 and will successfully verify it.
I'm curious how The Bat! verifies PGP/MIME signed messages. That
particular error sort of implies that they are constructing a brand
new OpenPGP message out of the various MIME parts and passing it to
GnuPG.
David
More information about the Gnupg-users
mailing list