软件包完整性校验返回WARNING或FAIL
软件包完整性校验如果返回WARNING或FAIL,则表示验证未通过,请参见表1处理建议解决。
验证结果场景 |
输出信息举例 |
验证结果 |
处理建议 |
|---|---|---|---|
签名验证通过,没有异常 |
gpg: Signature made Thu Jan 9 15:29:06 2014 CST using gpg: Good signature from "OpenPGP signature key for Huawei software (created on 30th Dec,2013) <support@huawei.com>" |
PASS |
NA |
签名验证失败 |
gpg: Signature made Thu Jan 9 15:29:06 2014 CST using RSA key ID 27A74824 gpg: BAD signature from "OpenPGP signature key for Huawei software (created on 30th Dec,2013) <support@huawei.com>" |
FAIL |
重新下载目标文件。 |
找不到公钥 |
gpg: Signature made Thu Jan 9 15:20:01 2014 CST using RSA key ID 27A74824 gpg: Can't check signature: public key not found |
FAIL |
重新下载公钥,请参见“安装鲲鹏DevKit>软件数字签名”章节。 |
签名验证通过,但是公钥没有被设置为完全信任 |
gpg: Signature made Thu Jan 9 15:29:06 2014 CST using RSA key ID 27A74824 gpg: Good signature from "OpenPGP signature key for Huawei software (created on 30th Dec,2013) <support@huawei.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B100 0AC3 8C41 525A 19BD C087 99AD 81DF 27A7 4824 |
WARNING |
确认key ID为27A74824后,将华为公钥设置为可信,请参见“安装鲲鹏DevKit>软件数字签名”章节。 |
找不到对应的源文件 |
gpg: no signed data gpg: can't hash datafile: No data |
FAIL |
重新下载目标文件。 |
签名已到期 |
gpg: Signature made 04/24/13 10:50:29 CST using RSA key ID 133B64E5 gpg: Expired signature from " OpenPGP signature test key <support@huawei.com>" gpg: Signature expired 04/25/13 10:50:29 CST |
FAIL |
下载更新过签名的目标文件。 |
签名验证通过,但是公钥已被撤销 |
gpg: Signature made 06/13/13 11:14:49 CST using RSA key ID 133B64E5 gpg: Good signature from " OpenPGP signature test key <support@huawei.com>" gpg: WARNING: This key has been revoked by its owner! gpg: This could mean that the signature is forged. gpg: reason for revocation: Key is no longer used gpg: revocation comment: |
WARNING |
下载最新公钥和更新了签名的目标文件。 |
源文件找不到对应的签名文件 |
无 |
WARNING |
下载目标文件对应的签名文件。 |