From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040502 Epiphany/1.2.4

Description of problem:
If you use an RSA GPG key to sign a package, import the public GPG key, then run rpm -K on the package, the GPG key is not verified correctly. On the other hand, a DSA key works correctly. This, however, is not documented. The man page says that RSA keys work.

Version-Release number of selected component (if applicable):
4.2.1-4.4

How reproducible:
Always

Steps to Reproduce:
1. make rsa gpg key
2. sign package with said key
3. import public key into rpm db
4. run rpm -K on the package

Actual Results:
you get something like:
[elliot@rkbuild rpms]$ sudo rpm -K autofs-4.1.2-1.i386.rpm
autofs-4.1.2-1.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#092dc02c)

Expected Results:
should get something like:
[elliot@rkbuild rpms]$ rpm -K autofs-4.1.2-1.i386.rpm
autofs-4.1.2-1.i386.rpm: (sha1) dsa sha1 md5 gpg OK

Additional info:

RSA keys are known to work; RPM-PGP-KEY is an RSA key. Your problem is either unsupported algorithms or additional OpenPGP packets, as rpm supports only a subset of OpenPGP. The very first thing to check is whether you generated a version 3 or version 4 key. Only version 3 keys are supported by rpm. See the packets that are known supported in the RPM-PGP-KEY file included in the rpm package.
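
One way to make the version check suggested in the comment above, as an added example that is not part of the original bug report or of rpm: a small reader for OpenPGP packet headers (RFC 4880 layout) that reports the version and algorithm of each key packet. The function names and the sample packets are constructed for illustration.

```python
# Algorithm and packet-tag numbers from RFC 4880 (sections 9.1 and 4.3).
PUBKEY_ALGOS = {1: "RSA", 2: "RSA-encrypt-only", 3: "RSA-sign-only", 16: "Elgamal", 17: "DSA"}
KEY_TAGS = {5: "secret-key", 6: "public-key", 7: "secret-subkey", 14: "public-subkey"}

def read_packets(data):
    """Yield (tag, body) for each packet in binary (de-armored) OpenPGP data."""
    pos = 0
    while pos < len(data):
        ctb, pos = data[pos], pos + 1
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:  # new-format header
            tag, first = ctb & 0x3F, data[pos]
            if first < 192:
                length, pos = first, pos + 1
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
            elif first == 255:
                length, pos = int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
            else:
                raise ValueError("partial body lengths not handled")
        else:  # old-format header: low two bits select 1, 2 or 4 length octets
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            size = 1 << ltype
            length, pos = int.from_bytes(data[pos:pos + size], "big"), pos + size
        if pos + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[pos:pos + length]
        pos += length

def describe_keys(data):
    """Return (packet kind, key version, algorithm) for every key packet."""
    found = []
    for tag, body in read_packets(data):
        if tag in KEY_TAGS and len(body) >= 8:
            version = body[0]
            # v2/v3 body: version, created(4), validity days(2), algorithm
            # v4 body:    version, created(4), algorithm
            algo = body[7] if version in (2, 3) else body[5]
            found.append((KEY_TAGS[tag], version, PUBKEY_ALGOS.get(algo, f"algo {algo}")))
    return found

# Constructed sample packets (toy MPIs, not real keys).
MPIS = b"\x00\x10\xc3\x55" + b"\x00\x11\x01\x00\x01"
SAMPLE_V4 = b"\x99\x00\x0f" + b"\x04" + b"\x40\x95\x00\x00" + b"\x01" + MPIS
SAMPLE_V3 = b"\xc6\x11" + b"\x03" + b"\x40\x95\x00\x00" + b"\x00\x00" + b"\x01" + MPIS
```

The input must be binary; an ASCII-armored key export has to be de-armored first (for example with gpg --dearmor) before passing its bytes to describe_keys.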