Hi Werner, thank you! Attached is the result of a good and a bad signature using the attached script. I see no difference in the trailer or signed data or swdb.lst
Do you have any ideas what might be going on? Thank you, John On Thu, Jan 29, 2026 at 2:49 AM Werner Koch <[email protected]> wrote: > On Wed, 28 Jan 2026 10:38, John Soo said: > > Thanks Werner! > > > > I tried with -v --debug hashing and the content for hashing was not > > printed, is there another flag I need to use? > > Let's see using some arbitrary signature > > $ gpg --verify --debug hashing swdb.lst.sig swdb.lst > > gpg: reading options from '/home/wk/.gnupg/gpg.conf' > gpg: reading options from '[cmdline]' > gpg: reading options from '/home/wk/.gnupg/common.conf' > gpg: NOTE: THIS IS A DEVELOPMENT VERSION! > gpg: It is only intended for test purposes and should NOT be > gpg: used in a production environment or with production keys! > gpg: enabled debug flags: hashing > gpg: enabled compatibility flags: > gpg: Signature made Fri 23 Feb 2024 02:34:37 PM CET > gpg: using EDDSA key > 6DAA6E64A76D2840571B4902528897B826403ADA > gpg: using pgp trust model > gpg: please do a --check-trustdb > gpg: Good signature from "Werner Koch (dist signing 2020)" [ultimate] > gpg: binary signature, digest algorithm SHA256, key algorithm ed25519 > gpg: secmem usage: 0/32768 bytes in 0 blocks > > $ ls -lt | head -3 > total 29839972 > -rw-r--r-- 1 wk wk 4725 Jan 29 10:44 dbgmd-00001.verify > -rw-r--r-- 1 wk wk 41 Jan 29 10:44 dbgmd-00002.unknown > > dbgmd-00001.verify is the same as swdb.lst > dbgmd-00002.unknown is the trailer hashed after swdb.lst. > > When creating the signature you should have seen > dbgmd-00001.sign with the to be signed data > dbgmd-00001.unknown with the trailer. > > dbgmd-00001.unknown gets overwritten so you need to store it away for > later comparing. > > > Salam-Shalom, > > Werner > > > -- > The pioneers of a warless world are the youth that > refuse military service. - A. Einstein >
invalid-sigs-macos.tar
Description: Unix tar archive
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
