rpm --nosignature reversed meaning
Jeffrey Johnson
n3npq at me.com
Tue Aug 30 12:01:35 CEST 2016
> On Aug 30, 2016, at 5:57 AM, Tomasz Pala <gotar at polanet.pl> wrote:
>
> On Tue, Aug 30, 2016 at 11:50:45 +0200, Tomasz Pala wrote:
>
>>> D: PUB: AF3F93BC E4F1BC2D V4 DSA
>>> D: SIG: AF3F93BC E4F1BC2D V4 DSA-SHA1 POSITIVE
>>> D: PUB: 732FDFDE EAE6F8B8 V4 RSA
>>> D: SIG: 732FDFDE EAE6F8B8 V4 RSA-SHA1 POSITIVE
>>> D: UID: RSApub (PLD Linux Distribution 3.0 (Th)) <th-admin at pld-linux.org>
>>> D: ========== DSA pubkey id af3f93bc e4f1bc2d (h#968[0])
>>> error: keepassx-2.0.2-2.x86_64.rpm: Header V4 DSA signature: BAD, key ID e4f1bc2d
>>>
>>> Am I simply wrong, or is it the same DSA key signature with different results?
>>
>> http://ha.pool.sks-keyservers.net/pks/lookup?op=hget&search=5B9E545012899D925DE92F364995E354
> [...]
>> from this place rpm -qi gpg-pubkey follows (additional lines):
>>
>> hUsAoJ44g5TWhmvGqXUiDOIAjfw6QXSvAKCLWEANVGfXOihK7zxAMvXqZj2wepiNBEezUgYB
>> BADTsxN1pG5XtEcXwLayVtr1frEKNIE5ckWmKxx8040/ql+p9tzWtteRL5uAh5VbtfdQnFt4
>> gFoZJPsm1zMFsx9+LhV5nm5ZIowztde3vxyxCRuO90+PJy+N2DFHmIQMeuDzATN6O8VKUO2K
>> 1yzAaMmZdPC56cEidSjg9M95v/814wARAQABtEFSU0FwdWIgKFBMRCBMaW51eCBEaXN0cmli
>> dXRpb24gMy4wIChUaCkpIDx0aC1hZG1pbkBwbGQtbGludXgub3JnPoi2BBMBAgAgBQJHs1IG
>> AhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQcy/f3urm+Lg8dwP7BdZCN5OTnwbwskRo
>> Ae4Hxs9t9hxW05maLJD5zyQTm+eL2o2uvIkzq67soB2aUVNPm0RCqnzh99BaqQSAGj4bpBcj
>> eFup2mhGy706QS6eaVl9cNigsfi3ehvAE5Qd5N5V12olY4Sik7q/F9MH+F/GAiPRdCpzLM2x
>
> Apparently rpm concatenated DSA with RSA and uses it as a single key:
>
Um, please stop guessing at the cause.
The lines displayed before are pubkey certification signatures, not package signatures.
> ~: rpm -qi gpg-pubkey
> Summary : gpg(RSApub (PLD Linux Distribution 3.0 (Th)) <th-admin at pld-linux.org>)
>
> while this is DSA+RSA.
And there is no “DSA+RSA” signature scheme.
73 de Jeff
>
> --
> Tomasz Pala <gotar at pld-linux.org>
> _______________________________________________
> pld-devel-en mailing list
> pld-devel-en at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
More information about the pld-devel-en
mailing list