What determines the clearsign hash algorithm used by GnuPG?

When using GnuPG to clearsign a text, there is a hash line in the signed message. Take this example:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

abc
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEZZvqE5j3koIxs9Xim0+E4a5Vo2cFAlkRdvQACgkQm0+E4a5V
o2ew2QgAzHuvZ7Hlb6+3qRLjc9Yhdi+6tBmNWXbWpKoAQxpzx6jKQp/FSpQeGWuj
RxcYnqU3pk4ycMLtaCFcfnHEW5N0B95eXGcurgMGz7A6xhy0hy25x8WBdeKVAQ+2
PLA2ytJLUn2L1S3ueqJWcdVUBRaiczOOsYvvO
...
...

-----END PGP SIGNATURE-----

But the hash algorithm is different for different keys (or servers): sometimes SHA1, sometimes SHA256 or SHA512.

What determines this, the key or the GnuPG client? I can't find information on this; when you use gpg to create new keys, there is no option to specify the hash algorithm.

Update: to clarify my question, I added more info below. The command used to generate the example output above is:

gpg --clearsign

(The gpg version is gpg2 on my system.)

Then I typed some random text and the result above came out. I wish to know how to generate output with specific "Hash:" values, say SHA1?


The hashing algorithm is chosen by the implementation of OpenPGP, in your case GnuPG. Which one gets selected

  • is obviously restricted to algorithms supported by GnuPG (gpg --version prints a list),
  • depends on compliance options used and finally
  • depends on your personal preferences.

For encrypting messages, additionally the recipient's preferences stored in the public key are considered.


I wish to know how to generate output with specific "Hash:" values, say SHA1?

To answer your question, use the --digest-algo SHA1 option.

As an example, here is a detached signature using SHA-256. I don't use --clearsign, so I'm not going to try to cobble it together:

gpg -a -u 1F8E37BD --digest-algo SHA256 --output test.txt.sig --detach-sig test.txt

-a produces the ASCII armour output. -u selects the signing key among different keys. --digest-algo selects the hash. --output is the output filename. The input filename must be the last option.

The list of hashes and their values is available in RFC 4880, Section 9.4. SHA-1 is 2, and SHA-256 is 8.

You can audit the signature with:

$ cat test.txt.sig | gpg --list-packets | grep "digest algo"
    digest algo 8, begin of digest 05 94
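The "digest algo" number that gpg --list-packets prints and the "Hash:" armor header of a clearsigned message both derive from one byte in the signature packet. The following Python script is an added example (it is not code from either answer, nor part of GnuPG): it de-armors the signature block, walks the OpenPGP packet header (old and new format, RFC 4880 section 4.2), reads the hash algorithm octet from a v3 or v4 signature packet (section 5.2.2 and 5.2.3) and maps it with the section 9.4 table, then checks that it agrees with the "Hash:" line. The first sample is the first armor line of the signature in the question, which is enough to decode the leading fields; the other samples are constructed packet headers (clearly not valid signatures) that exercise the SHA1, mismatch and v3 paths. Function names are my own.

```python
import base64
import re

# Hash algorithm IDs from RFC 4880 section 9.4; this is the number that
# `gpg --list-packets` shows as "digest algo N".
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
# Public-key algorithm IDs from RFC 4880 section 9.1 (22 = EdDSA, added later).
PUBKEY_ALGOS = {1: "RSA", 3: "RSA-sign-only", 17: "DSA", 19: "ECDSA", 22: "EdDSA"}

B64_LINE = re.compile(r"^[A-Za-z0-9+/]+=*$")


def dearmor_signature(text: str) -> bytes:
    """Return the packet bytes inside the PGP SIGNATURE armor block.

    Armor headers (lines before the first blank line), the CRC24 '=' line and
    any non-base64 line (such as a '...' left by a poster) are skipped. A
    truncated body is decoded as far as it goes by dropping the incomplete
    trailing 4-character group.
    """
    lines = text.splitlines()
    try:
        start = next(i for i, l in enumerate(lines)
                     if l.startswith("-----BEGIN PGP SIGNATURE-----"))
    except StopIteration:
        raise ValueError("no PGP SIGNATURE armor block found")
    body, in_headers = [], True
    for line in lines[start + 1:]:
        if line.startswith("-----END PGP SIGNATURE-----"):
            break
        s = line.strip()
        if in_headers:
            if s == "":
                in_headers = False
            continue
        if s.startswith("=") or not B64_LINE.match(s):
            continue
        body.append(s)
    b64 = "".join(body)
    return base64.b64decode(b64[: len(b64) // 4 * 4])


def packet_header(data: bytes):
    """Return (tag, body_offset) of the first OpenPGP packet (RFC 4880 4.2)."""
    ctb = data[0]
    if not ctb & 0x80:
        raise ValueError("first byte is not a packet tag")
    if ctb & 0x40:                       # new-format header
        tag, first = ctb & 0x3F, data[1]
        if first < 192:
            return tag, 2                # one-octet length
        if first < 224:
            return tag, 3                # two-octet length
        if first == 255:
            return tag, 6                # five-octet length
        return tag, 2                    # partial body length
    tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
    return tag, {0: 2, 1: 3, 2: 5, 3: 1}[length_type]


def signature_hash_algo(armored: str) -> dict:
    """Decode version, type, public-key and hash algorithm of a signature packet."""
    data = dearmor_signature(armored)
    tag, off = packet_header(data)
    if tag != 2:
        raise ValueError(f"packet tag {tag} is not a signature packet")
    body = data[off:]
    version = body[0]
    if version == 4:                     # v4: version, type, pk algo, hash algo, ...
        sig_type, pk_algo, hash_algo = body[1], body[2], body[3]
    elif version == 3:                   # v3: version, 5, type, time(4), keyid(8), pk, hash
        if body[1] != 5:
            raise ValueError("v3 hashed-material length must be 5")
        sig_type, pk_algo, hash_algo = body[2], body[15], body[16]
    else:
        raise ValueError(f"unsupported signature version {version}")
    return {"version": version, "sig_type": sig_type,
            "pubkey_algo": pk_algo, "pubkey_name": PUBKEY_ALGOS.get(pk_algo, "unknown"),
            "hash_algo": hash_algo, "hash_name": HASH_ALGOS.get(hash_algo, "unknown")}


def check_clearsigned(message: str) -> bool:
    """True when the 'Hash:' armor header matches the packet's hash algorithm."""
    m = re.search(r"^Hash:\s*(\S+)", message, re.M)
    return m is not None and m.group(1).upper() == signature_hash_algo(message)["hash_name"]


def armor_clearsigned(packet: bytes, hash_header: str, message: str = "abc") -> str:
    """Wrap a raw packet in clearsign armor (sample construction; no CRC line)."""
    b64 = base64.b64encode(packet).decode()
    return (f"-----BEGIN PGP SIGNED MESSAGE-----\nHash: {hash_header}\n\n{message}\n"
            f"-----BEGIN PGP SIGNATURE-----\n\n{b64}\n-----END PGP SIGNATURE-----\n")


# First armor line of the signature from the question (truncated on purpose).
QUESTION_SAMPLE = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

abc
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEZZvqE5j3koIxs9Xim0+E4a5Vo2cFAlkRdvQACgkQm0+E4a5V
...
-----END PGP SIGNATURE-----
"""
# Constructed v4 header, new packet format: tag 2, len 6, v4, type 1, RSA, SHA1, no subpackets.
V4_SHA1_PACKET = bytes([0xC2, 0x06, 0x04, 0x01, 0x01, 0x02, 0x00, 0x00])
SHA1_SAMPLE = armor_clearsigned(V4_SHA1_PACKET, "SHA1")
MISMATCH_SAMPLE = armor_clearsigned(V4_SHA1_PACKET, "SHA256")
# Constructed v3 header, old packet format: v3, 5, type 1, time, key ID, DSA (17), SHA1 (2).
V3_SHA1_PACKET = bytes([0x88, 0x11, 0x03, 0x05, 0x01]) + bytes(12) + bytes([0x11, 0x02])
V3_SAMPLE = armor_clearsigned(V3_SHA1_PACKET, "SHA1")

if __name__ == "__main__":
    for name, sample in [("question", QUESTION_SAMPLE), ("sha1", SHA1_SAMPLE), ("v3", V3_SAMPLE)]:
        print(name, signature_hash_algo(sample), check_clearsigned(sample))
```

On the question's own signature this reports version 4, type 1 (canonical text document), public-key algorithm 1 (RSA) and hash algorithm 8, i.e. SHA256, matching the "Hash: SHA256" header; a signature made with --digest-algo SHA1 would carry 2 in that byte and "Hash: SHA1" in the header.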