[Rpm-maint] [rpm-software-management/rpm] EdDSA-signed RPMs signable but not installable (Issue #1877)
Jan Engelhardt
notifications at github.com
Mon Jan 3 21:11:12 UTC 2022
I'm on rpm-4.17.0 and gpg2-2.3.4 on openSUSE Tumbleweed.
```
$ gpg --list-keys
pub ed25519/0xF76EFE5D0C223A8F 2022-01-03 [SC] [expires: 2027-01-02]
Key fingerprint = BCA0 C5C3 09CA C569 E74A 921C F76E FE5D 0C22 3A8F
$ gpg -a --export 0xF76EFE5D0C223A8F >1.key
# rpm --import 1.key
$ echo "%_gpg_name 0xF76EFE5D0C223A8F" >>~/.rpmmacros
$ rpm --resign xbomb-2.2b-1.24.x86_64.rpm
(any rpm file will do)
Please enter the passphrase...[...]
# rpm -Uhv xbomb-2.2b-1.24.x86_64.rpm
error: xbomb-2.2b-1.24.x86_64.rpm: Header V4 EdDSA/SHA512 Signature, key ID 0c223a8f: BAD
error: xbomb-2.2b-1.24.x86_64.rpm cannot be installed
```
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1877
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/1877 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220103/ac4a8bb4/attachment.html>
More information about the Rpm-maint
mailing list