> On Sep 23, 2015, at 1:55 PM, Divya Vyas <edivya.vyas@gmail.com> wrote:
>
>
> Hi,
>
> root@host:~# gpg --list-keys
> gpg: /home/root/.gnupg/trustdb.gpg: trustdb created
>
> root@host:~# rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
> package gpg-pubkey is not installed
>
> I dont have the keys installed on my host. Why rpm command is saying
>
> root@host:~# rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
> pth-2.0.7-r3.1.x86_64.rpm:
> Header V4 RSA/SHA1 signature: OK, key ID 8b5cccb3
> Header SHA1 digest: OK (c326a31810f026daac89aa4fd7928c3b574671ea)
> MD5 digest: BAD Expected(bdaefdc3ddfd1c4ab4fabdd48c117fb800) != (bdaefdc3ddfd1c4ab4fabdd48c117fb8)
>
> I am signing my rpms ( rpm --addsign) on target with key id 8b5cccb3 and copying to host. How md5 appended to extended zeros.
>
> @target
>
> rpm -K -v pth-2.0.7-r3.1.x86_64.rpm
> pth-2.0.7-r3.1.x86_64.rpm:
> Header V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK
> Header SHA1 digest: OK (
> c326a31810f026daac89aa4fd7928c3b574671ea)
> V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK
> MD5 digest: OK (bdaefdc3ddfd1c4ab4fabdd48c117fb8)
>
> Target is rpm 4.9 and host is rpm 5.4
>
> Why two extra zeros
>
(as described privately)
There was a subtle alignment/padding problem that manifested itself
with the size of the MD5 header+payload digest ending up as 17 bytes
with additional signature tags added to the signature header.
Fixed ~1.5y ago in rpm-5.4.15.
73 de Jeff
Received on Wed Sep 23 22:09:20 2015