Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 2967

Summary: Summary: rpm-2.5.5 --sign fails with certain PGP pass phrases
Product: [Retired] Red Hat Linux Reporter: kevinc
Component: rpmAssignee: Jeff Johnson <jbj>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5.1CC: kevinc
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-08-30 23:28:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description kevinc 1999-05-22 15:23:38 UTC 
When trying 'rpm --resign -vv foo.i386.rpm' while my
PGP passphrase is "99%secret" produces the following.

   Enter pass phrase:

   Error:  Bad pass phrase.
   Signature error

   For a usage summary, type:  pgp -h
   For more detailed help, consult the PGP User's Guide.
   Pass phrase check failed

PGP accepts the very same pass phrase above as valid -- yes,
I'm certain.  When I change my PGP pass phrase to something
else, "baddog" for instance, then the same RPM command
renders:

   Enter pass phrase:

   Key for user ID: Kevin Cosgrove <kevinc>
   1024-bit key, Key ID 14897F55, created 1996/01/31
   Also known as: Kevin Cosgrove <kevinc.tek.com>
   Also known as: Kevin Cosgrove <kevinc>
   Also known as: Kevin Cosgrove
<kevinc.tek.com>
   Also known as: Kevin Cosgrove <Kevin.E.Cosgrove>
   Pass phrase is good.
   xpt-1.11-1.src.rpm:
   D: New Header signature
   D: Signature size: 236
   D: Signature pad : 4
   D: sigsize         : 240
   D: Header + Archive: 17538
   D: expected size   : 17538
   Generating signature: 1002

   Key for user ID: Kevin Cosgrove <kevinc>
   1024-bit key, Key ID 14897F55, created 1996/01/31
   Also known as: Kevin Cosgrove <kevinc.tek.com>
   Also known as: Kevin Cosgrove <kevinc>
   Also known as: Kevin Cosgrove
<kevinc.tek.com>
   Also known as: Kevin Cosgrove <Kevin.E.Cosgrove>
   D: PGP sig size: 152
   D: Got 152 bytes of PGP sig
   D: Signature size: 236
   D: Signature pad : 4


Thanks.....
Comment 1 Jeff Johnson 1999-05-22 20:07:59 UTC 
OK, thanks for reporting. News at 11 ...
Comment 2 Jeff Johnson 2001-07-28 11:46:44 UTC 
The '%' in the password is/was almost certainly the problem.