From 1c16ac8e1a732619f0f9cfb9f0076010d1174219 Mon Sep 17 00:00:00 2001
From: "Neal H. Walfield" <neal@pep.foundation>
Date: Thu, 24 Mar 2022 14:05:41 +0100
Subject: Force gpg to use SHA256 when generating signatures.

Some versions of gpg appear to default to using SHA512.  This breaks
several tests' assumption that gpg generates a SHA256 hash.  Force gpg
to use SHA256 by passing `--digest-algo sha256` to rpmsign.

Fixes #2002.

(cherry picked from commit 4814bc84c5948d52998f6e33869d53ace9a0e753)
---
 tests/rpmsigdig.at | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at
index 7fab79b1a..d5478080f 100644
--- a/tests/rpmsigdig.at
+++ b/tests/rpmsigdig.at
@@ -533,7 +533,7 @@ AT_CHECK([
 RPMDB_INIT
 
 cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64.rpm "${RPMTEST}"/tmp/
-run rpmsign --key-id 1964C5FC --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
+run rpmsign --key-id 1964C5FC --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64.rpm > /dev/null
 echo PRE-IMPORT
 runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm|grep -v digest
 echo POST-IMPORT
@@ -560,7 +560,7 @@ AT_CHECK([
 RPMDB_INIT
 
 cp "${RPMTEST}"/data/RPMS/hello-2.0-1.x86_64-signed.rpm "${RPMTEST}"/tmp/
-run rpmsign --key-id 1964C5FC --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64-signed.rpm 2>&1 |grep -q "already contains identical signature, skipping"
+run rpmsign --key-id 1964C5FC --digest-algo sha256 --addsign "${RPMTEST}"/tmp/hello-2.0-1.x86_64-signed.rpm 2>&1 |grep -q "already contains identical signature, skipping"
 ],
 [0],
 [],
@@ -574,7 +574,7 @@ pkg="hello-2.0-1.x86_64.rpm"
 cp "${RPMTEST}"/data/RPMS/${pkg} "${RPMTEST}"/tmp/${pkg}
 dd if=/dev/zero of="${RPMTEST}"/tmp/${pkg} \
    conv=notrunc bs=1 seek=333 count=4 2> /dev/null
-run rpmsign --key-id 1964C5FC --addsign "${RPMTEST}/tmp/${pkg}" >/dev/null 2> stderr
+run rpmsign --key-id 1964C5FC --digest-algo sha256 --addsign "${RPMTEST}/tmp/${pkg}" >/dev/null 2> stderr
 echo $?
 grep -c "error: not signing corrupt package " stderr
 runroot rpmkeys -Kv /tmp/hello-2.0-1.x86_64.rpm
-- 
cgit v1.2.1