[Rpm-maint] [rpm-software-management/rpm] Ignore NOTTRUSTED results in verification (PR #4020)
Jakub Jelen
notifications at github.com
Tue Nov 11 12:08:07 UTC 2025
@Jakuje commented on this pull request.
> +runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm
+],
+[0],
+[/tmp/hello-2.0-1.x86_64.rpm:
+ Header OpenPGP V4 ECDSA/SHA512 signature, key fingerprint: e8a62c0512b06b5d2183ba207f1c21f95f65bbe8: OK
+ Header OpenPGP V4 EdDSA/SHA512 signature, key fingerprint: 152bb32fd9ca982797e835cfb0645aec757bf69e: OK
+ Header OpenPGP V4 RSA/SHA512 signature, key fingerprint: 771b18d3d7baa28734333c424344591e1964c5fc: NOTTRUSTED
+ Header SHA256 digest: OK
+ Payload SHA256 digest: OK
+],
+[ignore])
+
+# EDDSA disabled
+RPMTEST_CHECK([
+runroot cp -f /tmp/rpm-sequoia.config /etc/crypto-policies/back-ends/
+runroot sed -i '/^cv25519/s/always/never/g' /etc/crypto-policies/back-ends/rpm-sequoia.config
This should be fixed with sequoia-openpgp-2.1.0 (https://gitlab.com/sequoia-pgp/sequoia/-/merge_requests/1799), but it will take some time before it will make it through the components to downstreams.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/4020#discussion_r2513998218
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/4020/review/3447763492 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20251111/a09dd16b/attachment.htm>
More information about the Rpm-maint
mailing list