[Rpm-ecosystem] possible signature types

Panu Matilainen pmatilai at redhat.com
Wed May 9 08:43:04 UTC 2018


On 05/09/2018 11:27 AM, Miroslav Suchý wrote:
> Hi,
> I am working on updating documentation about signing a packages using rpmsign. In the old documentation there is:
> 
>> The "Generating signature" message appears in both the binary and source packaging sections. The number following the message indicates that the signature added was created using PGP.
>>
>> [NOTE]
>> --
>> The list of possible signature types can be found in the RPM sources, specifically signature.h in RPM's lib subdirectory.
>> --
>>
> 
> 
> The problem is that I see nothing relevant in current signature.h.
> So what is the recommended way to get list of possible signatures nowadays?

The comment about signature.h refers to something so old you don't want 
know, much less care.

There's only one type of signature that rpm currently supports: OpenPGP.

Note that in rpm internal jargon, header/package level hashes are 
sometimes referred to as signatures too due to them residing in the so 
called signature header. Which can be confusing even if you know it.

	- Panu -


More information about the Rpm-ecosystem mailing list