> On Sep 23, 2015, at 1:55 PM, Divya Vyas <edivya.v...@gmail.com> wrote: > > > Hi, > > root@host:~# gpg --list-keys > gpg: /home/root/.gnupg/trustdb.gpg: trustdb created > > root@host:~# rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> > %{summary}\n' > package gpg-pubkey is not installed > > I dont have the keys installed on my host. Why rpm command is saying > > root@host:~# rpm -K -v pth-2.0.7-r3.1.x86_64.rpm > pth-2.0.7-r3.1.x86_64.rpm: > Header V4 RSA/SHA1 signature: OK, key ID 8b5cccb3 > Header SHA1 digest: OK (c326a31810f026daac89aa4fd7928c3b574671ea) > MD5 digest: BAD Expected(bdaefdc3ddfd1c4ab4fabdd48c117fb800) != > (bdaefdc3ddfd1c4ab4fabdd48c117fb8) > > I am signing my rpms ( rpm --addsign) on target with key id 8b5cccb3 and > copying to host. How md5 appended to extended zeros. > > @target > > rpm -K -v pth-2.0.7-r3.1.x86_64.rpm > pth-2.0.7-r3.1.x86_64.rpm: > Header V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK > Header SHA1 digest: OK ( > c326a31810f026daac89aa4fd7928c3b574671ea) > V4 RSA/SHA1 Signature, key ID 8b5cccb3: OK > MD5 digest: OK (bdaefdc3ddfd1c4ab4fabdd48c117fb8) > > Target is rpm 4.9 and host is rpm 5.4 > > Why two extra zeros >
(as described privately) There was a subtle alignment/padding problem that manifested itself with the size of the MD5 header+payload digest ending up as 17 bytes with additional signature tags added to the signature header. Fixed ~1.5y ago in rpm-5.4.15. 73 de Jeff______________________________________________________________________ RPM Package Manager http://rpm5.org User Communication List rpm-users@rpm5.org