Re: Wrong signature hash detection?

Thu, 06 May 2010 20:17:38 -0700 

On 05/06/2010 10:43 PM, Hauke Laging wrote:
> It says SHA1 though according to my understanding
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (GNU/Linux)
> 
> iQFMBAABAgA2BQJL43F6LxpodHRwOi8vd3d3LmhhdWtlLWxhZ2luZy5kZS9vcGVu
> cGdwL3BvbGljeS5odG1sAAoJEDlYRfZ/Y35735kIAIP2LgRqxhySQ0kaOSnFZfWs
> YgvqeYYGHUeLIQzfGCbxD2VE0CzSQPNN3GabpsXF2DQ5xUh25n+9pu34gPAMvD6v
> QKM8B31vkSj/KEuCZUXMOBiEDVBQn6ypR9ZmOSo991Lm84fIaOhx8rQ0d1kWxWuH
> CRHemF49FSCxF/5CMcx+HMWjN6lKhQFK3z61In23Xjmf+dRFYxbPkInqu4tw6q4b
> OODVVsK8FhCWz2aUNBSgWzwhmwwCD1R4/IblMejrStsbT0tFNzVbg3KKIQ7bHUD5
> k++hjk0K332ZXnR4X9jZku7FPpgAtp44/k0Op+yGZqW6RW6zu5s5fFPnkijef6U=
> =eaxc
> -----END PGP SIGNATURE-----
> 
> is obviously not an SHA1 signature. The check deliveres the correct result 
> for 
> the signature of the other key (which I created immediately before on the 
> same 
> system):


What makes you say this is "obviously not an SHA1 signature" ?  When i
pipe it through pgpdump, i get this:

Old: Signature Packet(tag 2)(332 bytes)
        Ver 4 - new
        Sig type - Signature of a binary document(0x00).
        Pub alg - RSA Encrypt or Sign(pub 1)
        Hash alg - SHA1(hash 2)
        Hashed Sub: signature creation time(sub 2)(4 bytes)
                Time - Thu May  6 21:48:42 EDT 2010
        Hashed Sub: policy URL(sub 26)(46 bytes)
                URL - http://www.hauke-laging.de/openpgp/policy.html
        Sub: issuer key ID(sub 16)(8 bytes)
                Key ID - 0x395845F67F637E7B
        Hash left 2 bytes - df 99
        RSA m^d mod n(2048 bits) - ...
                -> PKCS-1


and gpg --list-packets shows this:

:signature packet: algo 1, keyid 395845F67F637E7B
        version 4, created 1273196922, md5len 0, sigclass 0x00
        digest algo 2, begin of digest df 99
        hashed subpkt 2 len 4 (sig created 2010-05-07)
        hashed subpkt 26 len 46 (policy:
http://www.hauke-laging.de/openpgp/policy.html)
        subpkt 16 len 8 (issuer key ID 395845F67F637E7B)
        data: [2048 bits]


Both of which suggest that the digest used is in fact SHA1.

Are you judging based on the size of the block?  RSA signatures are
significantly larger than DSA signatures, even though they sign over the
same digest algorithm.

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to