[Pkg-gnupg-maint] Bug#536768: cannot use hashes other than SHA1 with smartcard

David Shaw dshaw at jabberwocky.com
Mon Jul 13 12:58:11 UTC 2009


On Jul 13, 2009, at 7:42 AM, Simon Richter wrote:

> Package: gnupg
> Version: 1.4.9-4
> Severity: normal
>
> Hi,
>
> attempting to use any hash other than SHA1 fails:
>
> gpg: detected reader `Towitoko Chipdrive Reader 00 00'
> gpg: card does not support digest algorithm SHA256
> gpg: signing failed: invalid argument
> gpg: signing failed: invalid argument
>
> I'd like to migrate to a stronger hash soonish, this makes things  
> difficult
> however.

This is not a bug, but hardware reality.  The v1 smartcard does not  
internally permit any hash other than SHA-1 or RIPEMD/160.  The  
situation is different on the v2 cards which can support different  
hashes.

David






More information about the Pkg-gnupg-maint mailing list