Email encryption error

digger86 · 05-25-2010, 02:34 PM

When I use evolution to encrypt an email I get the following error

Code:

could not create message
Because "gpg: writing to `-'
gpg: DSA key AC806A0E requires a 256 bit or larger hash
gpg: signing failed: General error
", you may need to select different mail options.

information:

Code:

# gpg --version
gpg (GnuPG) 2.0.12
libgcrypt 1.4.4
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, 
        CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

# cat /etc/SuSE-brand
openSUSE
VERSION = 11.2

# egrep -v '^#' gpg.conf | egrep -v '^$'
require-cross-certification
keyserver  hkp://keys.gnupg.net
personal-digest-preferences SHA256
cert-digest-algo SHA256

thanks!

rweaver · 05-25-2010, 03:49 PM

Your key requires sha256 or better and evolution is probably defaulting to using sha1 (thats what its been every time I've seen this error in the past anyways.) You need to change it.
See: https://bugzilla.gnome.org/show_bug.cgi?id=304415

digger86 · 05-26-2010, 02:28 PM

Thanks! that is it.

Ashame that the bug has been around for 5 years and you have to use SHA1 over the new improved SHA2.

rweaver · 05-26-2010, 03:08 PM

I think there was a patch or evolution was changed so you could change what it uses, but where that's at I'm not sure anymore.