Bug 274941 - Got error "secret key not available" when signing RPMs
Got error "secret key not available" when signing RPMs
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: rpm (Show other bugs)
7
x86_64 Linux
medium Severity low
: ---
: ---
Assigned To: Panu Matilainen
Fedora Extras Quality Assurance
:
: 274931 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-03 03:47 EDT by Ashish Shukla
Modified: 2008-01-28 02:44 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-28 02:44:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
.rpmmacros from my box (298 bytes, text/plain)
2007-09-03 03:47 EDT, Ashish Shukla
no flags Details

  None (edit)
Description Ashish Shukla 2007-09-03 03:47:09 EDT
Description of problem:
Unable to sign any RPMs with GPG key.

Version-Release number of selected component (if applicable):
gnupg2-2.0.5.x86_64
gnupg-1.4.7.x86_64
rpm-4.4.2.1.x86_64


How reproducible:
Reproducible every time.

Steps to Reproduce:
1. Download any RPM. e.g.

[wahjava@chatteau ~]$ wget
http://wahjava.googlepages.com/apt-cacher-1.5.3-1fc6.noarch.rpm
--13:10:15--  http://wahjava.googlepages.com/apt-cacher-1.5.3-1fc6.noarch.rpm
           => `apt-cacher-1.5.3-1fc6.noarch.rpm'
Resolving wahjava.googlepages.com... 72.14.203.118
Connecting to wahjava.googlepages.com|72.14.203.118|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 59,990 (59K) [application/octet-stream]

100%[===============================================================>] 59,990  
     17.86K/s    ETA 00:00

13:10:21 (17.81 KB/s) - `apt-cacher-1.5.3-1fc6.noarch.rpm' saved [59990/59990]

2. Sign it with "rpm --addsign" .

[wahjava@chatteau ~]$ rpm --addsign apt-cacher-1.5.3-1fc6.noarch.rpm 
Enter pass phrase: 
Pass phrase is good.
apt-cacher-1.5.3-1fc6.noarch.rpm:
gpg: WARNING: standard input reopened
gpg: skipped "Ashish Shukla (आशीष शुक्ल) <wahjava@gmail.com>":
secret key not available
gpg: signing failed: secret key not available
error: gpg exec failed (2)

Actual results:

Got error.

Expected results:

No error.

Additional info:

[wahjava@chatteau ~]$ echo Hello, World |gpg --armor -sb

You need a passphrase to unlock the secret key for
user: "Ashish Shukla (आशीष शुक्ल) <wahjava@gmail.com>"
1024-bit DSA key, ID 762E5E74, created 2006-11-25

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQBG27r2Hy+EEHYuXnQRApqtAJ4pCcS/aLG9tO5qXO5d2Pbfzx675QCg5LRm
Zp54swwnYqBFEnMG43coaeU=
=q3l7
-----END PGP SIGNATURE-----
Comment 1 Ashish Shukla 2007-09-03 03:47:09 EDT
Created attachment 185111 [details]
.rpmmacros from my box
Comment 2 Jeff Johnson 2007-09-03 09:08:20 EDT
This seems to be a gpg error with stdin usage.
Comment 3 Panu Matilainen 2007-09-03 09:18:52 EDT
*** Bug 274931 has been marked as a duplicate of this bug. ***
Comment 4 Panu Matilainen 2007-09-05 08:45:07 EDT
I do get the warning about stdin reopened too, but other than that worksforme...

I'd guess the issue is with mixed up encodings wrt gpg_name (at least here the
output for this is very strange):
"gpg: skipped "Ashish Shukla (आशीष शुक्ल) "

Try using the following instead of what you have now in ~/.rpmmacros:
%_gpg_name <wahjava@gmail.com>
Comment 5 Panu Matilainen 2007-09-05 10:11:28 EDT
BTW here's the explanation about the gpg "stdin reopened" complaint, dunno...
http://lists.gnupg.org/pipermail/gnupg-commits/2006-May/006485.html

Comment 6 Ashish Shukla 2007-09-05 10:49:53 EDT
%_gpg_name <wahjava@gmail.com>

Well above worked. But %_gpg_name with Unicode comment also used to work 
earlier.

What I suspect is that Unicode support in rpm is broken in this version, as 
you can see how "rpm --addsign" emitted Unicode characters, looks like "rpm" 
is assuming ISO-8859-1 encoding. Whereas "gpg" emitted expected Unicode 
characters. And both snippets are copy-pasted from same "xterm" instance. What 
say ? Hmm... ?
Comment 7 Panu Matilainen 2007-09-06 01:11:53 EDT
The related code in rpm hasn't changed in ages, I'd say it's just copy-paste
into editor having messed up things (wouldn't be the first time), ~/.rpmmacros
encoding being non UTF-8 or something like that.
Comment 8 Ashish Shukla 2007-09-09 15:09:46 EDT
-- begin dump --
[wahjava@chatteau ~]$ hexdump -C .rpmmacros
00000000  25 5f 74 6f 70 64 69 72  20 20 20 20 20 20 25 28  |%_topdir      %(|
00000010  65 63 68 6f 20 24 48 4f  4d 45 29 2f 72 70 6d 62  |echo $HOME)/rpmb|
00000020  75 69 6c 64 0a 25 5f 73  6d 70 5f 6d 66 6c 61 67  |uild.%_smp_mflag|
00000030  73 20 20 2d 6a 33 0a 25  5f 5f 61 72 63 68 5f 69  |s  -j3.%__arch_i|
00000040  6e 73 74 61 6c 6c 5f 70  6f 73 74 20 20 20 2f 75  |nstall_post   /u|
00000050  73 72 2f 6c 69 62 2f 72  70 6d 2f 63 68 65 63 6b  |sr/lib/rpm/check|
00000060  2d 72 70 61 74 68 73 20  20 20 2f 75 73 72 2f 6c  |-rpaths   /usr/l|
00000070  69 62 2f 72 70 6d 2f 63  68 65 63 6b 2d 62 75 69  |ib/rpm/check-bui|
00000080  6c 64 72 6f 6f 74 0a 25  5f 73 69 67 6e 61 74 75  |ldroot.%_signatu|
00000090  72 65 20 67 70 67 0a 25  5f 67 70 67 5f 70 61 74  |re gpg.%_gpg_pat|
000000a0  68 20 2f 68 6f 6d 65 2f  77 61 68 6a 61 76 61 2f  |h /home/wahjava/|
000000b0  2e 67 6e 75 70 67 0a 25  5f 67 70 67 5f 6e 61 6d  |.gnupg.%_gpg_nam|
000000c0  65 20 41 73 68 69 73 68  20 53 68 75 6b 6c 61 20  |e Ashish Shukla |
000000d0  28 e0 a4 86 e0 a4 b6 e0  a5 80 e0 a4 b7 20 e0 a4  |(............ ..|
000000e0  b6 e0 a5 81 e0 a4 95 e0  a5 8d e0 a4 b2 29 20 3c  |.............) <|
000000f0  77 61 68 6a 61 76 61 40  67 6d 61 69 6c 2e 63 6f  |wahjava@gmail.co|
00000100  6d 3e 0a 25 5f 67 70 67  62 69 6e 20 2f 75 73 72  |m>.%_gpgbin /usr|
00000110  2f 62 69 6e 2f 67 70 67  0a 25 64 69 73 74 20 20  |/bin/gpg.%dist  |
00000120  20 20 20 20 20 20 66 63  37 0a                    |      fc7.|
0000012a
-- end dump --

Above is the hex dump of my ".rpmmacros". Doesn't it look like UTF-8 encoded 
file, hmm... I know UTF-8 BOM is missing, but it used to work without BOM 
also.
Comment 9 Panu Matilainen 2008-01-28 02:44:44 EST
Rpm doesn't know anything about UTF-8 BOM, the current locale is used.
Likely a mismatch between the locale (well character encoding) between
.rpmmacros creation vs your current one, but I don't see a bug here...

Note You need to log in before you can comment on or make changes to this bug.