Red Hat Bugzilla – Bug 122990
rsa gpg keys don't work
Last modified: 2007-11-30 17:07:01 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6)
Description of problem:
If you use an rsa gpg key to sign a package, import the public gpg key,
then run rpm -K on the package, the gpg key is not verified correctly.
On the other hand, a dsa key works correctly. This, however, is not
documented. The man page says that rsa keys work.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. make rsa gpg key
2. sign package with said key
3. import public key into rpm db
4. run rpm -K on the package
Actual Results: you get something like:
[elliot@rkbuild rpms]$ sudo rpm -K autofs-4.1.2-1.i386.rpm
autofs-4.1.2-1.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING
Expected Results: should get something like:
[elliot@rkbuild rpms]$ rpm -K autofs-4.1.2-1.i386.rpm
autofs-4.1.2-1.i386.rpm: (sha1) dsa sha1 md5 gpg OK
RSA keys are known to work; RPM-PGP-KEY is an RSA key.
Your problem is either unsupported algorithms or
additional OpenPGP packets, as rpm supports only
a subset of OpenPGP.
The very first thing to check is whether you generated
a version 3 or version 4 key. Only version 3 keys are
supported by rpm.
See the packets that are known supported in the RPM-PGP-KEY
file included in the rpm package.
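
The version check suggested in the reply above can be done by reading the public-key packet header directly. The following is an added example, not part of the original bug report and not rpm's own code; it assumes binary (dearmored) OpenPGP data laid out as in RFC 4880, and the sample bytes are constructed for illustration.

```python
PUBKEY_TAGS = {6: "public key", 14: "public subkey"}
ALGOS = {1: "RSA", 2: "RSA (encrypt only)", 3: "RSA (sign only)", 16: "Elgamal", 17: "DSA"}

def read_header(data, pos):
    """Return (tag, body_start, body_length) for the packet starting at pos."""
    first = data[pos]
    if not first & 0x80:
        raise ValueError("not a binary OpenPGP packet (dearmor ASCII-armored keys first)")
    if first & 0x40:  # new-format header: tag in the low 6 bits
        tag, o1 = first & 0x3F, data[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + data[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(data[pos + 2:pos + 6], "big")
        raise ValueError("partial body lengths are not handled here")
    tag, ltype = (first >> 2) & 0x0F, first & 0x03  # old-format header
    if ltype == 3:
        raise ValueError("indeterminate-length packets are not handled here")
    size = (1, 2, 4)[ltype]
    return tag, pos + 1 + size, int.from_bytes(data[pos + 1:pos + 1 + size], "big")

def key_packets(data):
    """List (kind, version, algorithm) for every public key or subkey packet."""
    found, pos = [], 0
    try:
        while pos < len(data):
            tag, start, length = read_header(data, pos)
            body = data[start:start + length]
            if len(body) != length:
                raise ValueError("truncated packet")
            if tag in PUBKEY_TAGS:
                version = body[0]
                # v2/v3 carry a 2-byte validity period before the algorithm octet; v4 does not.
                algo = body[7] if version in (2, 3) else body[5]
                found.append((PUBKEY_TAGS[tag], version, ALGOS.get(algo, f"algorithm {algo}")))
            pos = start + length
    except IndexError:
        raise ValueError("truncated packet") from None
    return found

# Constructed sample data (8-bit dummy MPIs, not real keys).
V3_RSA = bytes.fromhex("980e" "03" "40000000" "0000" "01" "0008ff" "000803")
# v4 RSA primary key, a user ID packet ("A"), then a v4 DSA subkey with a new-format header.
V4_KEYRING = bytes.fromhex("980c" "04" "40000000" "01" "0008ff" "000803" "b401" "41" "ce06" "04" "40000000" "11")

if __name__ == "__main__":
    print(key_packets(V3_RSA), key_packets(V4_KEYRING))
```

An exported key has to be in binary form before it is passed to key_packets; ASCII-armored input is rejected with an error rather than misparsed.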