Red Hat Bugzilla – Bug 123650
[PATCH] b64encode() doesn't like leading NUL (was 'tgpg' fails to check some packages)
Last modified: 2007-11-30 17:10:42 EST
Description of problem:
is signed correctly, but 'tgpg' fails because of a malformed CRC.
| # wget http://www.fedora.us/FEDORA-GPG-KEY
| # rpm --import FEDORA-GPG-KEY
| # gpg --import FEDORA-GPG-KEY
| # wget http://download.fedora.us/fedora/fedora/2/i386/RPMS.stable/lzo-1.08-0.fdr.2.2.i386.rpm
| # rpm -K lzo-1.08-0.fdr.2.2.i386.rpm
| lzo-1.08-0.fdr.2.2.i386.rpm: (sha1) dsa sha1 md5 gpg OK
| # /usr/lib/rpm/tgpg lzo-1.08-0.fdr.2.2.i386.rpm
| gpg: malformed CRC
I know some other rpms also:
Btw, it would be nice when 'tgpg' could be used in scripts. E.g. be
more quietly and return a meaningful return code.
Version-Release number of selected component (if applicable):
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.
gnupg-1.4.1-1 handles the rpm armored output correctly,
but that looks like the two bugs cancelling each other.
The RPM output doesn't seem to be a valid ASCII armor,
Created attachment 113689 [details]
Don't return "" for binary data starting with NUL
The attached patch (I'll send it upstream shortly) fixes b64encode().
The check for "" is invalid for binary data. For NUL-terminated
data it is superfluous, the function does the right thing for zero-length
Paul, if you want me to build an updated package, just yell.
Mitr - if you could build a beecrypt with this in that'd be great.