FS#56194 - GPG - Support new format packet
Attached to Project:
Pacman
Opened by Morten Linderud (Foxboron) - Wednesday, 01 November 2017, 11:53 GMT
Last edited by Allan McRae (Allan) - Tuesday, 06 February 2018, 01:19 GMT
Opened by Morten Linderud (Foxboron) - Wednesday, 01 November 2017, 11:53 GMT
Last edited by Allan McRae (Allan) - Tuesday, 06 February 2018, 01:19 GMT
|
Details
Summary and Info:
There are two types of packet formats for openpgp. pacman only supports the old format packet https://tools.ietf.org/html/rfc4880#section-4.2.2 Relevant code section: https://git.archlinux.org/pacman.git/tree/lib/libalpm/signing.c#n1002 New format packet: $ gpg --list-packets pass-otp-1.0.0-1-any.pkg.tar.xz.sig # off=0 ctb=c2 tag=2 hlen=3 plen=540 new-ctb :signature packet: algo 1, keyid 9C02FF419FECBE16 version 4, created 1509025693, md5len 0, sigclass 0x00 digest algo 8, begin of digest 42 2b hashed subpkt 2 len 4 (sig created 2017-10-26) hashed subpkt 16 len 8 (issuer key ID 9C02FF419FECBE16) data: [4094 bits] Steps to Reproduce: Add repository http://pkgbuild.com/~foxboron/repos/x86_64/ attempt to install pass-otp, signature will fail. Signature is created with the golang openpgp implementaton by this project: https://github.com/Foxboron/clave |
This task depends upon
Closed by Allan McRae (Allan)
Tuesday, 06 February 2018, 01:19 GMT
Reason for closing: Implemented
Additional comments about closing: git commit e8462a4f
Tuesday, 06 February 2018, 01:19 GMT
Reason for closing: Implemented
Additional comments about closing: git commit e8462a4f
$ sudo pacman -S foxboron/pass-otp
resolving dependencies...
looking for conflicting packages...
Package (1) New Version Net Change
foxboron/pass-otp 1.0.0-1 0.01 MiB
Total Installed Size: 0.01 MiB
:: Proceed with installation? [Y/n]
(1/1) checking keys in keyring [#############################] 100%
error: pass-otp: unsupported signature format
(0/1) checking package integrity
(1/1) checking package integrity [#############################] 100%
(1/1) loading package files [#############################] 100%
(1/1) checking for file conflicts [#############################] 100%
(1/1) checking available disk space [#############################] 100%
:: Processing package changes...
(1/1) installing pass-otp [#############################] 100%
Optional dependencies for pass-otp
qrencode: for generating QR code images [installed]
https://lists.archlinux.org/pipermail/pacman-dev/2018-January/022249.html