Backport multiple signature support to 4.20 #3713

ffesti · 2025-04-10T07:54:40Z

Multiple signature support will allow using both current and future (post quantum) signatures in a package. As 4.20 will be round for quite a while we want the multiple signature support there, too.

pmatilai · 2025-05-26T07:18:07Z

AC:

rpmsign supports --addsign/--resign/--delsign with rpm v6 signatures
rpmsign can properly handle v4 and v6 package signing:
- signing defaults vs --rpmv4 and --rpmv6 requests
- signature space reservation tag differs between v4 and v6 packages
rpm can verify rpm v4 and v6 signatures on v4 and v6 packages

ffesti added backport crypto Signatures, keys, hashes and their verification labels Apr 10, 2025

ffesti self-assigned this Apr 10, 2025

ffesti added this to RPM Apr 10, 2025

github-project-automation bot moved this to Backlog in RPM Apr 10, 2025

ffesti moved this from Backlog to In Progress in RPM Apr 10, 2025

ffesti mentioned this issue Apr 10, 2025

Backport multiple signatures to 4.20 #3715

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Backport multiple signature support to 4.20 #3713

Backport multiple signature support to 4.20 #3713

ffesti commented Apr 10, 2025

pmatilai commented May 26, 2025

Uh oh!

Backport multiple signature support to 4.20 #3713

Backport multiple signature support to 4.20 #3713

Comments

ffesti commented Apr 10, 2025

pmatilai commented May 26, 2025

Uh oh!