Bug 115445 - rpm refuses to import keys with harmless blanks, accepted by gpg
rpm refuses to import keys with harmless blanks, accepted by gpg
Status: CLOSED DEFERRED
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: rpm (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jeff Johnson
Mike McLean
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-02-12 11:35 EST by Pancrazio `ezio' de Mauro
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-02-12 15:10:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
This key is accepted by rpm --import and gpg (1.30 KB, text/plain)
2004-02-12 11:37 EST, Pancrazio `ezio' de Mauro
no flags Details
This key is rejected by rpm --import but accepted by gpg (1.30 KB, text/plain)
2004-02-12 11:38 EST, Pancrazio `ezio' de Mauro
no flags Details

  None (edit)
Description Pancrazio `ezio' de Mauro 2004-02-12 11:35:06 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5)
Gecko/20031007 Firebird/0.7 StumbleUpon/1.89

Description of problem:
Blank spaces can cause rpm to refuse to import a valid GPG key

Version-Release number of selected component (if applicable):
Verified on rpm-4.2.1-4.4

How reproducible:
Always

Steps to Reproduce:
1. generate a key with gpg --keygen
2. export it with gpg --armor --export KEYID > key.asc
3. verify that rpm accepts it with rpm --import key.asc
4. add a single space in the blank line between the headers and the
actual key
5. verify that rpm rejects it: rpm --import key.asc returns "import
read failed"

Actual Results:  See "Steps to reproduce"

Expected Results:  rpm should strip off unnecessary blanks and accept
the key. Unnecessary blanks are sometimes inserted when the key is
emailed, copy-pasted, etc.

Additional info:
For this specific test case, the relevant code snippet is in
rpmio/rpmpgp.c in function pgpReadPkts

            if (*t != '\n') {
                pstate = 0;
                continue;
            }

i.e. if the empty line between the headers and the key contains just a
newline it is considered valid, otherwise the key is discarded
Comment 1 Pancrazio `ezio' de Mauro 2004-02-12 11:37:29 EST
Created attachment 97618 [details]
This key is accepted by rpm --import and gpg
Comment 2 Pancrazio `ezio' de Mauro 2004-02-12 11:38:04 EST
Created attachment 97619 [details]
This key is rejected by rpm --import but accepted by gpg
Comment 3 Jeff Johnson 2004-02-12 15:10:45 EST
rpm supports only a subset of OpenPGP, you need to generate your
keys correctly.

DEFFERED until whenever, you have known and valid work around.

Note You need to log in before you can comment on or make changes to this bug.