Why does resigning of third party RPM packages fail?
Issue
- Attempting to resign a third party RPM package results in invalid signature:
# rpm -Kv gskcrypt64-8.0.55.14.linux.x86_64.rpm
gskcrypt64-8.0.55.14.linux.x86_64.rpm:
Header V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
# rpm --resign gskcrypt64-8.0.55.14.linux.x86_64.rpm
Enter pass phrase:
Pass phrase is good.
gskcrypt64-8.0.55.14.linux.x86_64.rpm:
# rpm -Kv gskcrypt64-8.0.55.14.linux.x86_64.rpm
gskcrypt64-8.0.55.14.linux.x86_64.rpm:
Header V4 DSA/SHA1 Signature, key ID f5300cbc: OK
Verify signature: BAD PARAMETERS (268 0x1b28ce0 280 (nil) 0x1b25fb0) <------
Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
Verify signature: BAD PARAMETERS (1002 0x1b2a320 280 (nil) 0x1b25fb0) <------
MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
V4 DSA/SHA1 Signature, key ID f5300cbc: OK
- Attempting to delete the existing signature results in a duplicate digest entry:
# rpm -Kv /gskcrypt64-8.0.55.14.linux.x86_64.rpm
/gskcrypt64-8.0.55.14.linux.x86_64.rpm:
Header V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
# rpm --delsign /gskcrypt64-8.0.55.14.linux.x86_64.rpm
/gskcrypt64-8.0.55.14.linux.x86_64.rpm:
# rpm -Kv /gskcrypt64-8.0.55.14.linux.x86_64.rpm
/gskcrypt64-8.0.55.14.linux.x86_64.rpm:
Header V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
Environment
- Red Hat Enterprise Linux 7
- Third party RPM packages
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.