
Re: rfc1991: required or not? Was: Re: GPG says bad signature when PGP reports OK



On Fri, Nov 19, 1999 at 09:32:45AM +1100, Brian May wrote:
> >>>>> "Peter" == Peter Van Eynde <pvaneynd@debian.org> writes:
> 
>     Peter> ~/tmp$ gpg --clearsign --rfc1991 < t | gpg --verify
> 
> That command works for me...
> 
>     Peter> You need a passphrase to unlock the secret key for user:
>     Peter> "Peter Van Eynde (Lisper) <pvaneynd@debian.org>" 1024-bit
>     Peter> DSA key, ID 4B729625, created 1999-09-09
> 
> However, I have an RSA key (i.e. PGP). So maybe rfc1991 is broken
> unless you use an RSA key?

Yep, that's exactly it.

[gimli:~] 6:48:51pm 187 % diff test.rfc1991 test.notrfc1991 
1a2
> Hash: SHA1
(and then the actual sigs)

If you manually add the Hash: line back in, it will verify.

Not sure if it's a GNU PG bug per se, since it -is- what you asked for,
but it's wrong to combine --rfc1991 with DSA signatures, since the lack of
a Hash line will imply MD5 as the hash.  (PGP5 will still verify it,
though, since it waits until the end to determine which hash to use
instead of trusting rfc2440's requirement that a Hash line be present if
the hash is other than MD5.)

-- 
Brian Moore                       | Of course vi is God's editor.
      Sysadmin, C/Perl Hacker     | If He used Emacs, He'd still be waiting
      Usenet Vandal               |  for it to load on the seventh day.
      Netscum, Bane of Elves.
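
Added example, not part of the original message or of GnuPG: a small check that reads the hash algorithm ID from the signature packet of a clearsigned message and compares it with what the Hash: armor header (or its absence, which implies MD5) tells a verifier to use. The function names are hypothetical, and the sample is constructed: it assumes a version 3 signature packet carrying DSA/SHA1 IDs with dummy signature bytes, so it is not a verifiable signature.

```python
import base64

HASH_IDS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160"}   # RFC 2440 hash algorithm IDs
PUBKEY_IDS = {1: "RSA", 17: "DSA"}                  # RFC 2440 public-key algorithm IDs

def sig_algorithms(packet):
    """Return (pubkey_id, hash_id) from an old-format signature packet (tag 2)."""
    tag = packet[0]
    if tag & 0xC0 != 0x80 or (tag >> 2) & 0x0F != 2 or tag & 3 > 1:
        raise ValueError("expected an old-format signature packet")
    n = 1 << (tag & 3)                              # 1 or 2 length octets
    body = packet[1 + n:1 + n + int.from_bytes(packet[1:1 + n], "big")]
    if body[0] == 3:                                # v3: ver, 5, type, time(4), keyid(8)
        return body[15], body[16]
    if body[0] == 4:                                # v4: ver, type, pubkey, hash
        return body[2], body[3]
    raise ValueError("unsupported signature version")

def check_clearsigned(text):
    """Compare the hash implied by the Hash: header with the one in the packet."""
    lines = [l.rstrip() for l in text.splitlines()]
    i = lines.index("-----BEGIN PGP SIGNED MESSAGE-----") + 1
    declared = []
    while lines[i]:                                 # armor headers end at a blank line
        key, _, value = lines[i].partition(":")
        if key == "Hash":
            declared += [h.strip().upper() for h in value.split(",")]
        i += 1
    armor = lines[lines.index("-----BEGIN PGP SIGNATURE-----") + 1:
                  lines.index("-----END PGP SIGNATURE-----")]
    data = armor[armor.index("") + 1:]              # skip Version:/Comment: headers
    packet = base64.b64decode("".join(l for l in data if not l.startswith("=")))
    pubkey_id, hash_id = sig_algorithms(packet)
    actual = HASH_IDS.get(hash_id, "id %d" % hash_id)
    implied = declared or ["MD5"]                   # no Hash: header implies MD5
    return {"pubkey": PUBKEY_IDS.get(pubkey_id, "id %d" % pubkey_id),
            "implied": implied, "actual": actual, "consistent": actual in implied}

def sample(hash_header):
    """Constructed message; the packet is a v3 DSA/SHA1 header with dummy MPI bytes."""
    body = bytes([3, 5, 1]) + bytes(4) + bytes(8) + bytes([17, 2]) + bytes(6)
    b64 = base64.b64encode(bytes([0x88, len(body)]) + body).decode()
    head = ["-----BEGIN PGP SIGNED MESSAGE-----"] + ([hash_header] if hash_header else [])
    return "\n".join(head + ["", "test", "-----BEGIN PGP SIGNATURE-----", "",
                             b64, "-----END PGP SIGNATURE-----"])

if __name__ == "__main__":
    print(check_clearsigned(sample(None)))          # the --rfc1991 + DSA case
    print(check_clearsigned(sample("Hash: SHA1")))  # Hash: line added back
```

A result with "consistent" set to False marks a message that a verifier trusting the armor header would hash with the wrong algorithm.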

