tika-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Luis (JIRA)" <j...@apache.org>
Subject [jira] [Created] (TIKA-1345) Bad signature in gpg, md5 and sha1 verification
Date Thu, 19 Jun 2014 16:20:24 GMT
Luis created TIKA-1345:
--------------------------

             Summary: Bad signature in gpg, md5 and sha1 verification
                 Key: TIKA-1345
                 URL: https://issues.apache.org/jira/browse/TIKA-1345
             Project: Tika
          Issue Type: Bug
          Components: packaging
    Affects Versions: 1.5
            Reporter: Luis


Either source and jar files show the same "BAD signature warning":

$ gpg --import KEYS                 
gpg: key A355A63E: "Jukka Zitting <jukka@apache.org>" not changed
gpg: key B876884A: "Chris Mattmann (CODE SIGNING KEY) <mattmann@apache.org>" not changed
gpg: key 9740DD55: "David Meikle (CODE SIGNING KEY) <dmeikle@apache.org>" not changed
gpg: key AEA8C6AB: "David Meikle (CODE SIGNING KEY) <dmeikle@apache.org>" not changed
gpg: key 0EB30B07: "David Meikle (CODE SIGNING KEY) <dmeikle@apache.org>" not changed
gpg: Número total processado: 5
gpg:              não modificados: 5


$ gpg --verify tika-app-1.5.jar.asc 
gpg: Signature made Dom 09 Fev 2014 21:42:27 WET using RSA key ID 0EB30B07
gpg: BAD signature from "David Meikle (CODE SIGNING KEY) <dmeikle@apache.org>"


And md5sum and sha1sum show different hashes for files.  I used firefox to download them and
then wget to confirm it was not an issue regarding the download client.

$ md5sum tika-1.5-src.zip
649b68df4fe628ea4a83da0e71542dbf  tika-1.5-src.zip
>From the site: MD5: 48477b2e70e0e62ece09af7ada5037fa

$ md5sum tika-app-1.5.jar
06e48845d4f2bfcc9c1f5c395ef90790  tika-app-1.5.jar
>From the site: MD5: 2124a77289efbb30e7228c0f7da63373




--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message