[Rpm-maint] [rpm-software-management/rpm] Give error message for failed PGP key import (PR #2097)
Neal H. Walfield
notifications at github.com
Wed Jun 29 08:53:42 UTC 2022
Even if subkeys aren't used, there can still be multiple signatures.
Here is `567E 347A D004 4ADE 55BA 8A5F 199E 2F91 FD43 1D51` (Red Hat, Inc. (release key 2) <security at redhat.com>):
```
$ sq keyserver -s hkps://keyserver.ubuntu.com get '567E 347A D004 4ADE 55BA 8A5F 199E 2F91 FD43 1D51' | sq packet dump
Public-Key Packet, new CTB, 525 bytes
Version: 4
Creation time: 2009-10-22 11:59:55 UTC
Pk algo: RSA
Pk size: 4096 bits
Fingerprint: 567E347AD0044ADE55BA8A5F199E2F91FD431D51
KeyID: 199E2F91FD431D51
User ID Packet, new CTB, 51 bytes
Value: Red Hat, Inc. (release key 2) <security at redhat.com>
Signature Packet, new CTB, 589 bytes
Version: 4
Type: PositiveCertification
Pk algo: RSA
Hash algo: SHA1
Hashed area:
Signature creation time: 2009-10-22 11:59:55 UTC
Key flags: CS
Symmetric algo preferences: AES256, AES192, AES128, CAST5, TripleDES
Hash preferences: SHA1, SHA256, RipeMD
Compression preferences: Zlib, BZip2, Zip
Features: MDC
Keyserver preferences: no modify
Unhashed area:
Issuer: 199E2F91FD431D51
Issuer Fingerprint: 567E347AD0044ADE55BA8A5F199E2F91FD431D51
Digest prefix: 6CE9
Level: 0 (signature over data)
Signature Packet, new CTB, 563 bytes
Version: 4
Type: GenericCertification
Pk algo: RSA
Hash algo: SHA512
Hashed area:
Issuer Fingerprint: E99661DB6683EA305704ED3A4B5C7470051BB332
Signature creation time: 2022-05-13 07:27:46 UTC
Unhashed area:
Issuer: 4B5C7470051BB332
Digest prefix: B07C
Level: 0 (signature over data)
Signature Packet, new CTB, 156 bytes
Version: 4
Type: GenericCertification
Pk algo: RSA
Hash algo: SHA1
Hashed area:
Signature creation time: 2010-08-10 08:57:09 UTC
Unhashed area:
Issuer: EEAD4CFD49A563D9
Digest prefix: A30F
Level: 0 (signature over data)
```
There are three signature packets on the User ID packet, two of them use SHA-1. Note: an OpenPGP certificate is not valid without at least one valid self signature.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2097#issuecomment-1169710523
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/2097/c1169710523 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220629/37e95abf/attachment.html>
More information about the Rpm-maint
mailing list