Why does resigning of third party RPM packages fail?

Issue

Attempting to resign a third party RPM package results in invalid signature:

# rpm -Kv gskcrypt64-8.0.55.14.linux.x86_64.rpm 
gskcrypt64-8.0.55.14.linux.x86_64.rpm:
    Header V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
    Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
    V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
    MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)

# rpm --resign gskcrypt64-8.0.55.14.linux.x86_64.rpm
Enter pass phrase: 
Pass phrase is good.
gskcrypt64-8.0.55.14.linux.x86_64.rpm:

# rpm -Kv gskcrypt64-8.0.55.14.linux.x86_64.rpm 
gskcrypt64-8.0.55.14.linux.x86_64.rpm:
    Header V4 DSA/SHA1 Signature, key ID f5300cbc: OK
    Verify signature: BAD PARAMETERS (268 0x1b28ce0 280 (nil) 0x1b25fb0)   <------
    Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
    Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
    Verify signature: BAD PARAMETERS (1002 0x1b2a320 280 (nil) 0x1b25fb0)  <------
    MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
    MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
    V4 DSA/SHA1 Signature, key ID f5300cbc: OK

Attempting to delete the existing signature results in a duplicate digest entry:

# rpm -Kv /gskcrypt64-8.0.55.14.linux.x86_64.rpm 
/gskcrypt64-8.0.55.14.linux.x86_64.rpm:
    Header V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
    Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
    V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
    MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)

# rpm --delsign /gskcrypt64-8.0.55.14.linux.x86_64.rpm 
/gskcrypt64-8.0.55.14.linux.x86_64.rpm:

# rpm -Kv /gskcrypt64-8.0.55.14.linux.x86_64.rpm 
/gskcrypt64-8.0.55.14.linux.x86_64.rpm:
    Header V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
    Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
    Header SHA1 digest: OK (139b6d610c4a89190ed703052b595704aa56f53e)
    V3 RSA/SHA256 Signature, key ID fbbfca9c: NOKEY
    MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)
    MD5 digest: OK (8ee06cbe4830ba470236ab13d2228470)

Environment

Red Hat Enterprise Linux 7
Third party RPM packages

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Select Your Language

Why does resigning of third party RPM packages fail?

Issue

Environment

Subscriber exclusive content

Current Customers and Partners

New to Red Hat?

Using a Red Hat product through a public cloud?

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Issue

Environment

Subscriber exclusive content

Current Customers and Partners

New to Red Hat?

Using a Red Hat product through a public cloud?

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links