[Enigmail] Setting which Hash Algorithm
John Clizbe
John at Mozilla-Enigmail.org
Mon Jun 23 18:39:45 PDT 2008
Charly Avital wrote:
> Robert J. Hansen wrote the following on 6/23/08 12:52 PM:
>> Charly Avital wrote:
>>> I would like Enigmail to use the digest-algo [value] I set in
>>> gpg.conf.
>>
>> Enigmail has no influence over your cipher and algorithm settings. We
>> use what you've told GnuPG to use.
>
> I must have misunderstood a previous statement:
> 'Enigmail knows *nothing* of the options in gpg.conf.'
I'd be sorry if you did. It was a pretty direct statement without room for
ambiguity to sneak in.
I think Rob {sh,c}ould have added "...unless you've instructed Enigmail to
override GnuPG, in which case, things are passed on the command line."
>> The only exception to this is
>> .mimeHashAlgorithm, which is only used for PGP/MIME messages.
Explained below.
The values for mimeHashAlgorithm are (from enigmail.js):
0 null (default)
1 SHA-1
2 RIPEMD160
3 SHA-256
4 SHA-384
5 SHA-512
6 SHA-224
Anything other than the default case will get passed on Enigmail's command line
with --digest-algo <blah>.
From the beginning, PGP/MIME presented a problem in that it is necessary to know
the digest algorithm *before* invoking GnuPG as part of constructing the
message's MIME headers. If one looks at the source of a PGP/MIME signed message,
s/he'll see the MIME header:
Content-Type: multipart/signed; micalg=pgp-sha1;
    protocol="application/pgp-signature";
    boundary=blah
pgp-sha1 being MIME-speak for OpenPGP's SHA-1.
The initial solution to this problem was to select a hash as part of Enigmail's
preferences and then pass that to GnuPG, overriding whatever the key or gpg.conf
said to use.
Later, Patrick developed a solution that signs a small test message and examines
that to determine the hash used, constructs the MIME header and passes things to
GnuPG for signing and possibly encryption.
Patrick, please whack my knuckles with a ruler and correct me if I've bungled
this explanation.
--
John P. Clizbe Inet: John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?" / "two words: good decisions."
"what's the key to good decisions?" / "one word: experience."
"how do i get experience?" / "two words: bad decisions."
"Just how do the residents of Haiku, Hawai'i hold conversations?"
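An added example, not part of the original message and not Enigmail's own code: one way to examine a signature and learn which hash it used, so that the micalg parameter described above can be built or checked against it. The function names and the sample bytes are assumptions constructed for illustration; the packet layout and hash ids follow RFC 4880 and the micalg names follow RFC 3156.

```javascript
// OpenPGP hash algorithm ids (RFC 4880, section 9.4) -> RFC 3156 micalg values.
const MICALG = { 1: "pgp-md5", 2: "pgp-sha1", 3: "pgp-ripemd160",
                 8: "pgp-sha256", 9: "pgp-sha384", 10: "pgp-sha512", 11: "pgp-sha224" };

// Return the tag of the first packet in buf and the offset where its body starts.
function firstPacket(buf) {
  const c = buf[0];
  if (!(c & 0x80)) throw new Error("not an OpenPGP packet");
  if (c & 0x40) {                         // new-format header
    const l = buf[1];                     // partial lengths (224..254) use one octet
    const skip = l < 192 ? 1 : l < 224 ? 2 : l === 255 ? 5 : 1;
    return { tag: c & 0x3f, body: 1 + skip };
  }
  const lenType = c & 0x03;               // old-format header, as GnuPG usually emits
  return { tag: (c >> 2) & 0x0f, body: 1 + [1, 2, 4, 0][lenType] };
}

// Read the hash algorithm octet of a signature packet and map it to a micalg value.
function micalgFromSignature(buf) {
  const { tag, body } = firstPacket(buf);
  if (tag !== 2) throw new Error("first packet is not a signature (tag " + tag + ")");
  const version = buf[body];
  // v4 body: version, sig type, pubkey algo, hash algo
  // v3 body: version, 5, sig type, time(4), key id(8), pubkey algo, hash algo
  const off = version === 4 ? 3 : version === 3 ? 16 : -1;
  if (off < 0 || body + off >= buf.length) throw new Error("unsupported or truncated signature");
  const id = buf[body + off];
  if (!(id in MICALG)) throw new Error("unknown hash algorithm id " + id);
  return MICALG[id];
}

// Compare the micalg declared in a multipart/signed Content-Type with the signature.
function checkMicalg(contentType, sigBuf) {
  const m = /micalg\s*=\s*"?([A-Za-z0-9-]+)"?/i.exec(contentType);
  const declared = m ? m[1].toLowerCase() : null;
  const actual = micalgFromSignature(sigBuf);
  return { declared, actual, match: declared === actual };
}

// Constructed sample: only the leading octets of a v4 signature packet (old-format
// header, tag 2, DSA, hash id 8 = SHA-256). Not a valid signature.
const sampleSig = Buffer.from([0x88, 0x04, 0x04, 0x00, 0x11, 0x08]);
const sampleHeader = 'multipart/signed; micalg=pgp-sha1; ' +
                     'protocol="application/pgp-signature"; boundary=blah';
console.log(checkMicalg(sampleHeader, sampleSig));
```

The sample deliberately pairs a SHA-256 signature with a header that declares pgp-sha1, the mismatch that arises when the header is written from a preference rather than from the hash GnuPG actually used.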