RPM Community Forums

Mailing List Message of <rpm-users>

Re: MD5 BAD Expected : extended by two extra zeros

From: Jeffrey Johnson <n3npq@me.com>
Date: Wed 23 Sep 2015 - 21:09:06 CEST
Message-id: <141E9C9D-6C44-46D1-BD1B-3C61102CE3E8@me.com> 

> On Sep 23, 2015, at 1:55 PM, Divya Vyas <edivya.vyas@gmail.com> wrote:
> 
> 
> Hi,
> 
> root@host:~# gpg --list-keys
> gpg: /home/root/.gnupg/trustdb.gpg: trustdb created
> 
> root@host:~#  rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
> package gpg-pubkey is not installed
> 
> I dont have the keys installed on my host. Why rpm command is saying 
> 
> root@host:~# rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
> pth-2.0.7-r3.1.x86_64.rpm:
>     Header V4 RSA/SHA1 signature: OK, key ID 8b5cccb3
>     Header SHA1 digest: OK (c326a31810f026daac89aa4fd7928c3b574671ea)
>     MD5 digest: BAD Expected(bdaefdc3ddfd1c4ab4fabdd48c117fb800) != (bdaefdc3ddfd1c4ab4fabdd48c117fb8)
> 
> I am signing my rpms ( rpm --addsign) on target with key id 8b5cccb3 and copying to host. How md5 appended to extended zeros.
> 
> @target
> 
> rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
> pth-2.0.7-r3.1.x86_64.rpm:
>     Header V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK
>     Header SHA1 digest: OK (
> c326a31810f026daac89aa4fd7928c3b574671ea)
>     V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK
>     MD5 digest: OK (bdaefdc3ddfd1c4ab4fabdd48c117fb8)
> 
> Target is rpm 4.9 and host is rpm 5.4
> 
> Why two extra zeros 
> 

(as described privately)

There was a subtle alignment/padding problem that manifested itself
with the size of the MD5 header+payload digest ending up as 17 bytes
with additional signature tags added to the signature header.

Fixed ~1.5y ago in rpm-5.4.15.

73 de Jeff
Received on Wed Sep 23 22:09:20 2015
Driven by Jeff Johnson and the RPM project team.
Hosted by OpenPKG and Ralf S. Engelschall.
Powered by FreeBSD and OpenPKG.