[Rpm-maint] [rpm-software-management/rpm] Add support for multiple signature verification (Issue #4089)

[Fellipe Henrique]

fhbash left a comment (rpm-software-management/rpm#4089)

Hi @pmatilai sorry for late response...

So, the reason for create this is: now if we have multiple keys/signatures, and one of that is not valid (key and/or signature expired etc) but we have valid signatures, there's no way to check this using rpm backend.

I made this PR for `gpgme` https://github.com/rpm-software-management/librepo/pull/354  but using rpm backend as far as I know, it's not possible because rpm do not expose anything I can use to make this check. (Maybe I missed something?)

I understand the what you mention regarding to a full rewriting of `gpg_rpm.c` and the cost of it and tbh I don't know how to proceed with this..

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/4089#issuecomment-3842050761
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/issues/4089/3842050761 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20260203/0404ccae/attachment.htm>