On 7 Sep 2013, at 23:29, [email protected] wrote:
Detail: gpg: DSA key 2ADC63E5 requires a 224 bit or larger hash
Detail: gpg: signing failed: General error
So, the problem seems to be the option `--digest-algo SHA1` (sha1
generates a 160 bit hash). If I remove it, I can sign a file
successfully. This might be because my key is 2048 bit, I don't really
know though. The gpg2 documentation says about the `--digest-algo`
option:
As far as I understand the standards only require implementations to
support sha1. Using anything else might result in the recipient not
being able to verify the message (RFC 4880 Section 9.4).
I don't think the problem is the key being 2048 bit since my own key is
that as well.
Googling I found a mailing list message which indicates that the problem
might be how the key was generated:
http://lists.gnupg.org/pipermail/gnupg-users/2009-November/037617.html
Use name as the message digest algorithm. Running the program with
the command `--version` yields a list of supported algorithms. In
general, you do not want to use this option as it allows you to
violate the OpenPGP standard. `--personal-digest-preferences` is the
safe way to accomplish the same thing.
I don't have enough knowledge about gpg2 to say which option really is
required and which isn't. Maybe you can make it possible (somehow) to
let the user modify the options that are passed to gpg2? (as hidden
preference or something like that).
I could perhaps allow the user to change some select arguments, but most
of the default arguments are not something that should be allowed to be
changed. MailMate relies on them.
Note that quite a lot can be controlled using the preferences file:
~/.gnupg/gpg.conf
But regardless this issue, I wanted to tell you that you did a really
great job with MailMate. It's exactly what I was looking for :)
Thanks!
--
Benny
_______________________________________________
mailmate mailing list
[email protected]
http://lists.freron.com/listinfo/mailmate
