Red Hat Bugzilla – Bug 205080
cannot import bill stearns key with rpm --import
Last modified: 2008-01-25 12:27:15 EST
Description of problem:
When I try to import bill stearns' key (0xf322929d) which I got from this
All I see is the message 'error: stearns-key.txt: import failed.'. Adding -vv
does not get any extra useful information.
I can import this same key into gpg without any problem. Exporting the key
from gpg with: gpg --armor --export > foo.key
and then trying to import foo.key does not work either.
Version-Release number of selected component (if applicable):
RPM version 4.4.2
Steps to Reproduce:
1. rpm --import stearns-key.txt
error: stearns-key.txt: import failed.
attaching offending key
Created attachment 135468 [details]
this is the copy of the key I am working with
Created attachment 135470 [details]
Dump of the pubkey
A dump of the PGP packets in the pubkey.
The keyid is being set inappropriately, the command
rpm --import stearns
mis-identifies the keyid as 0x1b912a8c rather than
The cause of the bug is that there are v4 certification signatures on a v3 pubkey.
The simplest work around is to import the pubkey into gpg,
and edit out the certification signatures, leaving only the original
Off to fix the root problem ...
In fact, the last packet is what is unusual about Bill Stearns' pubkey:
V4 Signature(2) DSA(17) SHA1(2) Positive certification of a User ID and Public Key(19)
signature creation time(2) Sun May 5 22:56:21 2002(0x3cd5f0d5)
issuer key ID(16) 826ba3aa1b912a8c
r = [ 157]: 1a5d9c7b37d43ada64465ebad22cbfe83e0bf4d4
s = [ 159]: 6cba2ee7ffa55cffb754dab82816b72a4d36b383
Lose that packet (by editing with gpg) and the rest of the pubkey can probably be used as is
*** Bug 205081 has been marked as a duplicate of this bug. ***
Actually the problem is more fundamental, the last 8 bytes of the RSA modulus are the V3 pubkey keyid,
and that cannot be corrected by editing the pubkey. Apologies for my confusion.
Fixed in rpm cvs, will be in rpm-4.4.7. Thanks for reporting.
User firstname.lastname@example.org's account has been closed
Reassigning to owner after bugzilla made a mess, sorry about the noise...
Moving to devel, FC5 is EOL...
*** Bug 220448 has been marked as a duplicate of this bug. ***
Fixed in 22.214.171.124-0.1.rc1 in rawhide (finally). Thanks to Jeff for the fix.