Bug 1962234

Summary: GPG generated with default algorithm is not accepted by rpm --addsign
Product: Red Hat Enterprise Linux 9
Reporter: Jan Blazek <jblazek>
Component: rpm
Assignee: Michal Domonkos <mdomonko>
Status: CLOSED CURRENTRELEASE
QA Contact: Eva Mrakova <emrakova>
Severity: high
Docs Contact: Mariya Pershina <mpershin>
Priority: high
Version: 9.0
CC: jpazdziora, jwboyer, mdomonko, mpershin, ssorce
Target Milestone: beta
Keywords: TestBlocker, Triaged
Target Release: ---
Flags: pm-rhel: mirror+
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version: rpm-4.16.1.3-4.el9
Doc Type: Enhancement
Doc Text:
.RPM now supports the EdDSA public key algorithm
With this enhancement, the `rpm` command supports signing keys that use the EdDSA public key algorithm. As a result, signing keys generated using EdDSA can now be used for signing and verifying packages. Note that, although signing keys using EdDSA are now supported, RSA continues to be the default public key algorithm in GnuPG.
Story Points: ---
Clone Of:
: 2001937
Environment:
Last Closed: 2021-12-07 21:44:43 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks: 2001937

Description Jan Blazek 2021-05-19 14:44:54 UTC
Description of problem:
In the upstream test suite for DNF (ci-dnf-stack), which we also use for RHEL downstream testing, we generate GPG keys with `gpg --quick-gen-key [...] default` to have sane default keys for every platform (RHEL 8, RHEL 9, Fedora).
Unfortunately, in RHEL 9 this key is not accepted by rpm --add-sign afterwards.

Although I can work around this by temporarily setting the key algorithm to, for example, dsa, I guess that the defaults for GPG keys in RHEL-9 are not correct.

Version-Release number of selected component (if applicable):
gnupg2-2.3.1-1.el9.x86_64

How reproducible:
always

Steps to Reproduce:
gpg2 --batch --passphrase '' --quick-gen-key dnf-ci-gpg default default 0


Actual results:
+ gpg2 --batch --passphrase '' --quick-gen-key dnf-ci-gpg default default 0
gpg: directory '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg' created
gpg: keybox '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/pubring.kbx' created
gpg: /tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/trustdb.gpg: trustdb created
gpg: key 84FEB6FF8A687698 marked as ultimately trusted
gpg: directory '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/openpgp-revocs.d/9F6AEE8AE7C95E34E8F4031C84FEB6FF8A687698.rev'
[...]
+ rpm --addsign /opt/ci/dnf-behave-tests/fixtures/gpgkeys/../repos/dnf-ci-gpg/noarch/setup-2.12.1-1.fc29.noarch.rpm
warning: Could not set GPG_TTY to stdin: Inappropriate ioctl for device
error: Unsupported PGP pubkey algorithm 22

Expected results:
+ gpg2 --batch --passphrase '' --quick-gen-key dnf-ci-gpg default default 0
gpg: directory '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg' created
gpg: keybox '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/pubring.kbx' created
gpg: /tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/trustdb.gpg: trustdb created
gpg: key 84FEB6FF8A687698 marked as ultimately trusted
gpg: directory '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/tmp/tmp.Xtn5xdKjvi/gpghome/.gnupg/openpgp-revocs.d/9F6AEE8AE7C95E34E8F4031C84FEB6FF8A687698.rev'
+ rpm --addsign /opt/ci/dnf-behave-tests/fixtures/gpgkeys/../repos/dnf-ci-gpg/noarch/setup-2.12.1-1.fc29.noarch.rpm
warning: Could not set GPG_TTY to stdin: Inappropriate ioctl for device
warning: Could not set GPG_TTY to stdin: Inappropriate ioctl for device
/opt/ci/dnf-behave-tests/fixtures/gpgkeys/../repos/dnf-ci-gpg/noarch/setup-2.12.1-1.fc29.noarch.rpm:

Additional info:
Logs from building the test image on RHEL-9:
https://beaker-archive.host.prod.eng.bos.redhat.com/beaker-logs/2021/05/53675/5367529/9980957/125905578/taskout.log
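A pre-flight check for the CI step described above, added here as an example (it is not code from the bug report, rpm or GnuPG): it reads the signing key's public-key algorithm from `gpg --list-keys --with-colons` records and refuses to go on to `rpm --addsign` when the key uses EdDSA (OpenPGP algorithm 22), which the rpm build in the report rejects. The `--with-colons` records are constructed; only the key id 84FEB6FF8A687698 is taken from the report.

```shell
#!/bin/sh
# Added example (not from the bug report, rpm or GnuPG): decide before running
# `rpm --addsign` whether the signing key's algorithm is one the installed rpm
# accepts, using `gpg --list-keys --with-colons` records instead of hitting
# "error: Unsupported PGP pubkey algorithm 22" after the fact.

# OpenPGP public-key algorithm ids (RFC 4880 / RFC 6637; 22 = EdDSA).
pgp_algo_name() {
    case "$1" in
        1)  echo RSA ;;
        17) echo DSA ;;
        18) echo ECDH ;;
        19) echo ECDSA ;;
        22) echo EdDSA ;;
        *)  echo "unknown($1)" ;;
    esac
}

# Print field 4 (algorithm id) of the "pub" record whose field 5 (key id)
# equals $1. Input: gpg --with-colons output on stdin.
pub_key_algo() {
    awk -F: -v kid="$1" '$1 == "pub" && $5 == kid { print $4; exit }'
}

# Return 0 if an rpm without this bug's fix (RSA and DSA only) can sign
# with key $1, 1 otherwise with a diagnostic on stderr.
check_signing_key() {
    kid=$1
    algo=$(pub_key_algo "$kid")
    case "$algo" in
        1|17) return 0 ;;
        "")   echo "no pub record for key $kid" >&2; return 1 ;;
        *)    echo "key $kid uses $(pgp_algo_name "$algo") (algorithm $algo):" \
                   "not accepted before rpm-4.16.1.3-4.el9; regenerate it with an" \
                   "explicit algorithm, e.g. gpg --quick-gen-key ... rsa4096" >&2
              return 1 ;;
    esac
}

# Constructed records: an Ed25519 key (what GnuPG 2.3 'default' produces,
# key id taken from the report) and an RSA-4096 key with a made-up id.
SAMPLE='pub:u:256:22:84FEB6FF8A687698:1621435494:::u:::scESC::::::23::0:
fpr:::::::::9F6AEE8AE7C95E34E8F4031C84FEB6FF8A687698:
uid:u::::1621435494::0:::dnf-ci-gpg::::::::::0:
pub:u:4096:1:0123456789ABCDEF:1621435494:::u:::scESC::::::23::0:'

# Real use: gpg --list-keys --with-colons | check_signing_key "$KEYID" && rpm --addsign "$PKG"
printf '%s\n' "$SAMPLE" | check_signing_key 84FEB6FF8A687698 || echo "skipping rpm --addsign"
```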

Comment 1 Jakub Jelen 2021-05-20 07:00:36 UTC
> error: Unsupported PGP pubkey algorithm 22

It looks like the default public key algorithm indeed changed to EdDSA. I missed this in the release notes, but it is indeed there for 2.3.0:

> * gpg: Switch to ed25519/cv25519 as default public key algorithms.

It would be great if rpm could support this algorithm. It already has the defines for it, so it knows it exists, but it probably cannot handle it.

Given that this is a new upstream default and rpm is the one failing to process the new signature, I think we should change this bug to rpm.

But we should not use it for signing real rpm packages in RHEL, at least for FIPS' sake, where this algorithm is not allowed these days.

Comment 2 Michal Domonkos 2021-05-20 12:16:18 UTC
This is already supported upstream (RPM 4.17), so it should be trivial to backport if need be:
https://github.com/rpm-software-management/rpm/commit/23770e1a4f28c56a31fe600cae332c77333b60b6

Comment 4 Simo Sorce 2021-05-24 21:32:25 UTC
Jakub,
I think we should consider reverting the default for RHEL-9 or it will be hard to deal with different defaults between FIPS and non-FIPS mode, unless 186-5 (draft) gets approved soon...