Bug 146896 - Fix for gpg V4 signatures
Fix for gpg V4 signatures
Product: Fedora
Classification: Fedora
Component: rpm (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jeff Johnson
Mike McLean
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2005-02-02 11:56 EST by Michael Schröder
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-02-02 13:32:51 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
proposed patch (5.56 KB, patch)
2005-02-02 11:57 EST, Michael Schröder
no flags Details | Diff

  None (edit)
Description Michael Schröder 2005-02-02 11:56:02 EST
The attached patch makes V4 signatures work
Comment 1 Michael Schröder 2005-02-02 11:57:41 EST
Created attachment 110558 [details]
proposed patch
Comment 2 Jeff Johnson 2005-02-02 13:16:27 EST
Hmm, V4 signatures define the hash differently than V3.
I do not see that change in the patch (but I have not
looked deeply at V4 signatures several years now).

Are you sure that V4 signatures "work"? If so, very very cool!
Comment 3 Michael Schröder 2005-02-02 13:22:56 EST
Yes V4 sigs work with that patch (although the code should probably 
check the signature expiration date and check for signature 
revocations, as gpg does). I was surprised that most of the code was 
already there, just the removal of the ifdef NOTYET in signature.c, 
the V3 error message changes and some bugfixes were required. 
Comment 4 Jeff Johnson 2005-02-02 13:32:51 EST
WORKSFORME! Thanks for identifying my brain fart:

-#ifdef	NOTYET	/* XXX not for binary/text document signatures. */
-	if (sigp->sigtype == 4) {
-	    int nb = dig->nbytes + sigp->hashlen;
+	if (sigp->version == 4) {
+	    int nb = sigp->hashlen;

CHeck in on HEAD and rpm-4_4 momentarily, will be in rpm-4.4.1-0.16
and later when built.

Note You need to log in before you can comment on or make changes to this bug.