[Rpm-maint] [rpm-software-management/rpm] Add pgpVerifySignature2 (PR #2453)
Panu Matilainen
notifications at github.com
Fri Mar 31 07:25:38 UTC 2023
@pmatilai commented on this pull request.
> @@ -276,7 +276,18 @@ rpmRC rpmKeyringVerifySig(rpmKeyring keyring, pgpDigParams sig, DIGEST_CTX ctx)
pgpkey = key->pgpkey;
/* We call verify even if key not found for a signature sanity check */
- rc = pgpVerifySignature(pgpkey, sig, ctx);
+ char *errormsg = NULL;
+ rc = pgpVerifySignature2(pgpkey, sig, ctx, &errormsg);
+ if (errormsg) {
+ if (rc) {
+ rpmlog(RPMLOG_ERR, "Error verifying signature: %s",
+ errormsg);
+ } else {
+ rpmlog(RPMLOG_WARNING, "Warning verifying signature: %s",
Having now tested this, I wonder if even that is necessary because that context is already supplied by the Sequoia message:
> /home/pmatilai/Downloads/anydesk-6.1.1-1.el8.x86_64.rpm:
error: Error verifying signature: Verifying a signature using certificate D56311E5FF3B6F39D5A16ABE18DF3741CDFFDE29:
No binding signature at time 2021-04-13T11:08:37Z
error: Error verifying signature: Verifying a signature using certificate D56311E5FF3B6F39D5A16ABE18DF3741CDFFDE29:
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2453#discussion_r1154110865
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/2453/review/1366392071 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20230331/739d27cf/attachment-0001.html>
More information about the Rpm-maint
mailing list