[Pkg-rust-maintainers] Bug#969590: sqop: Cannot use certificates for signature verification?
Guillem Jover
guillem at debian.org
Sat Sep 5 16:20:26 BST 2020
Package: sqop
Version: 0.17.0-2
Severity: normal
Hi!
I was trying out sqop, to potentially add native support for it into
dpkg-dev, but when trying to verify a signature, it does not seem work
as expected and I'm at a loss due to the lack of man page (see the
other report :).
$ apt source libbsd
$ sqop verify libbsd_0.10.0.orig.tar.xz.asc \
libbsd-0.10.0/debian/upstream/signing-key.asc \
< libbsd_0.10.0.orig.tar.xz
Missing key 4F3E74F436050C10F5696574B972BF3EA4AE57A3, which is needed to verify signature.
No acceptable signatures found
$ sqop verify libbsd_0.10.0.orig.tar.xz.asc \
/usr/share/keyrings/debian-keyring.gpg \
< libbsd_0.10.0.orig.tar.xz
Failed to load key from file "/usr/share/keyrings/debian-keyring.gpg"
because: Invalid data type
(The error message output looks a bit mangled too.)
The latter does work with sqv, so its failure here is rather
confusing, and I'm not sure what to pass instead.
Thanks,
Guillem
More information about the Pkg-rust-maintainers
mailing list