Bug 111611 - rpm --import fails for GPG 1.2.2 keys
rpm --import fails for GPG 1.2.2 keys
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: rpm (Show other bugs)
1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Jeff Johnson
Mike McLean
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-12-06 04:41 EST by deniz
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-12-06 08:33:02 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description deniz 2003-12-06 04:41:42 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)
Gecko/20031114

Description of problem:
When trying to import a key into rpm, I did the following: 

gpg --recv-keys --keyserver pgp.mit.edu 8df56d05
gpg --armor --export 8df56d05 > /etc/apt/FEDORA-SECURITY-KEY
rpm --import /etc/apt/FEDORA-SECURITY-KEY

Nothing happens (no error message) and the key does not show up in 
rpm -qa gpg-pubkey*

looking at the key file, it has: 
Version: GnuPG v1.2.2 (GNU/Linux)

I then downloaded the key file from 
http://www.fedora.us/FEDORA-GPG-KEY

which has: 
Version: GnuPG v1.2.1 (GNU/Linux)

rpm --import works fine on this file. 

Same goes for redhat fedora keys, file from
/usr/share/rhn/RPM-GPG-KEY-fedora can be imported successfully into
rpm, but the same key received through: 

gpg --recv-keys --keyserver pgp.mit.edu 4f2a6fd2

does not work. 




Version-Release number of selected component (if applicable):
rpm-4.2.1-0.30, gnupg-1.2.2-3

How reproducible:
Always

Steps to Reproduce:
1.make sure rpm does not have the key imported already. (check rpm -qa
gpg-pubkey*) 
2. gpg --recv-keys --keyserver pgp.mit.edu 4f2a6fd2
3. gpg --armor --export 4f2a6fd2 > tmpkey
4. rpm --import tmpkey
5. rpm -qa gpg-pubkey* --> you won't see the new key.
6. If you have the file in usr/share/rhn/RPM-GPG-KEY-fedora, 
rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora
7. rpm -qa gpg-pubkey* -> you will see the new key.

Either RPM does not recognize version 1.2.2 GPG keys, or GPG-1.2.2 is
at fault. 

Additional info:
Comment 1 Jeff Johnson 2003-12-06 08:33:02 EST
rpm supports only a subset of OpenPGP, sufficient for verifying
packages.

If your key came from a server, then you will need to import
the key using gpg, and edit out the signature added by the server
before exporting.

Note You need to log in before you can comment on or make changes to this bug.