When using GnuPG to clear sign a text, there is a hash part in signed message. Take the example:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
abc
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEZZvqE5j3koIxs9Xim0+E4a5Vo2cFAlkRdvQACgkQm0+E4a5V
o2ew2QgAzHuvZ7Hlb6+3qRLjc9Yhdi+6tBmNWXbWpKoAQxpzx6jKQp/FSpQeGWuj
RxcYnqU3pk4ycMLtaCFcfnHEW5N0B95eXGcurgMGz7A6xhy0hy25x8WBdeKVAQ+2
PLA2ytJLUn2L1S3ueqJWcdVUBRaiczOOsYvvO
...
...
-----END PGP SIGNATURE-----
But the hash algorithm is different for different keys (or servers), sometimes SHA1, sometimes SHA256, SHA512.
What determines this, the key or GnuPG client? I can't find info on this, when you use gpg
create new keys , there is no option to specify the hash algorithm.
update: to clearify my question, I added more info below.
the command used to generate the example output above, is :
gpg --clearsign
( The gpg version is gpg2 on my system. )
then , I typed some random text and there comes the result above.
I wish to know, how to generate output with specific "Hash:" values ? say, SHA1 ?
Best Answer
The hashing algorithm is chosen by the implementation of OpenPGP, in your case GnuPG. Which one gets selected
gpg --version
prints a list),For encrypting messages, additionally the recipient's preferences stored in the public key are considered.