in rpmsignature.c it reads

    if (rpmReadSignature(fdi, &sig, lead.signature_type, NULL) != RPMRC_OK) {
        // do stuff..

but it should be

    if (rpmReadSignature(fdi, &sig, lead.signature_type, NULL) != RPMRC_OK) {
        exit(1);
    }
    // do stuff..

Now, if the sig is read in correctly, it exits with exit code 1.
rpmsignature.c ain't been changed for >5 years, while rpm has. I'm not sure this is worth fixing, rpm-4.1 and later use a whole different interface and API; rpmsignature has never been more than an illustration of a now largely defunct (but still present) API. See rpm2cpio.sh for an example of how to extract the signature blob from shell, not hard.