[Rpm-maint] [rpm-software-management/rpm] Ignore NOTTRUSTED results in verification (PR #4020)

Panu Matilainen notifications at github.com
Thu Nov 6 08:35:17 UTC 2025


@pmatilai commented on this pull request.



> +runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm
+],
+[0],
+[/tmp/hello-2.0-1.x86_64.rpm:
+    Header OpenPGP V4 ECDSA/SHA512 signature, key fingerprint: e8a62c0512b06b5d2183ba207f1c21f95f65bbe8: OK
+    Header OpenPGP V4 EdDSA/SHA512 signature, key fingerprint: 152bb32fd9ca982797e835cfb0645aec757bf69e: OK
+    Header OpenPGP V4 RSA/SHA512 signature, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: NOTTRUSTED
+    Header SHA256 digest: OK
+    Payload SHA256 digest: OK
+],
+[ignore])
+
+# EDDSA disabled
+RPMTEST_CHECK([
+runroot cp -f /tmp/rpm-sequoia.config /etc/crypto-policies/back-ends/
+runroot sed -i '/^cv25519/s/always/never/g' /etc/crypto-policies/back-ends/rpm-sequoia.config
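
Review bot: In the `# EDDSA disabled` block, the comment names EdDSA but the `sed` expression `/^cv25519/s/always/never/g` edits a line keyed on `cv25519`, so a reader cannot tell from the test alone why this disables the EdDSA signature that the preceding check reports as OK. If the `cv25519` entry in `rpm-sequoia.config` is what governs Ed25519 signatures, say so in the comment. Also, `sed -i` exits 0 when no line matches, so a config without a line beginning `cv25519` (or without `always` on it) would leave the policy unchanged and the check would run against the default policy. A `runroot grep` for the rewritten line right after the `sed` would make the setup fail loudly in that case.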

This is all Greek to me, but https://gitlab.com/sequoia-pgp/sequoia/-/blob/main/openpgp/src/policy.rs?ref_type=heads#L1574 looks suspicious:

```
[...]
Curve::Ed25519 => Cv25519,
Curve::Cv25519 => Cv25519,
[...]
```

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/4020#discussion_r2498010218