Re: rpmbuild signature check failure

2019-11-14 Thread Björn Persson
Björn Persson wrote: >Baxi wrote: >> Hi. I am trying to package a program. The upstream provided sha256sum.asc >> file. Verifying tarball with that signature says, Can't check signature: No >> public key. I found his public key in key directory by searching his email >> and added that key. Now g

Re: rpmbuild signature check failure

2019-11-10 Thread Björn Persson
Baxi wrote: > Hi. I am trying to package a program. The upstream provided sha256sum.asc > file. Verifying tarball with that signature says, Can't check signature: No > public key. I found his public key in key directory by searching his email > and added that key. Now gpg says Bad signature from

Re: rpmbuild signature check failure

2019-11-09 Thread Baxi
That's right because I have a signature not a checksum. On Nov 10, 2019 10:19, Vascom wrote:It is about signatures, not checksums.вс, 10 нояб. 2019 г., 9:47 Baxi :I followed fedora source file verification and there was nothing about SHA checksum verification. Also it is 2048

Re: rpmbuild signature check failure

2019-11-09 Thread Vascom
It is about signatures, not checksums. вс, 10 нояб. 2019 г., 9:47 Baxi : > I followed fedora source file verification and there was nothing about SHA > checksum verification. Also it is 2048 bits long so I doubt it is SHA256 > checksum file. > > > https://docs.fedoraproject.org/en-US/packaging-gu

Re: rpmbuild signature check failure

2019-11-09 Thread Baxi
I followed fedora source file verification and there was nothing about SHA checksum verification. Also it is 2048 bits long so I doubt it is SHA256 checksum file.https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verificationOn Nov 10, 2019 10:05, Vascom wrote:May be you need

Re: rpmbuild signature check failure

2019-11-09 Thread Vascom
May be you need use sha256sum instead gpg? вс, 10 нояб. 2019 г., 9:17 Baxi : > Hi. I am trying to package a program. The upstream provided sha256sum.asc > file. Verifying tarball with that signature says, Can't check signature: No > public key. I found his public key in key directory by searching

rpmbuild signature check failure

2019-11-09 Thread Baxi
Hi. I am trying to package a program. The upstream provided sha256sum.asc file. Verifying tarball with that signature says, Can't check signature: No public key. I found his public key in key directory by searching his email and added that key. Now gpg says Bad signature from that person. Also upst