Kevin.C

`rpm -qip digilent.waveforms_beta_3.22.19.x86_64.rpm` warning: digilent.waveforms_beta_3.22.19.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID eb58bc22: NOKEY Name : digilent.waveforms Version : 3.22.19 Release : 1 Architecture: x86_64 Install Date: (not installed) Group : Engineering/misc Size : 68199451 License : see /usr/share/doc/digilent-waveforms/copyright Signature : RSA/SHA256, Tue Apr 23 11:54:07 2024, Key ID 134da9ebeb58bc22 Source RPM : digilent.waveforms-3.22.19-1.src.rpm Build Date : Mon Apr 22 09:47:27 2024 Build Host : attila-u16-64 Summary : Digilent WaveForms Description : Digilent WaveForms Application, Runtime and SDK. Support for Digilent Scopes & Instruments products. looks fine to me! is this the official 3.22.19 release?

Hi! Following up here -- let me know if I can help answer any more questions! Thank you guys so much for the help here. @JColvin @attila @malexander

Hi, SHA512 is fine! Thank you for the support here -- is there a general timeline for this this being done? When do you guys expect the next beta release for Waveforms to be? Thank you guys, and let me know if i can answer any more questions. @malexander @attila

Thanks, @JColvin! Would love to get this conversation started.

cc @attila Currently unable to run this on CentOS 9 as a result of this, could i get your help with getting the latest beta package signed with SHA256? Thank you so much for the help & support here!

Hey @malexander, just now seeing this! I'm unable to where exactly this is available after surfing through multiple download pages. Could you provide a link for Digilent Waveforms?

Since SHA1 is not secure & and it's disabled by default in centos 9 and later, could we get the beta packages / next major release to be signed with SHA256 instead of SHA1? Thank you for your guys help!

Per title. I see that the public signature is 134da9ebeb58bc22 from running: `rpm -qip *`, warning: digilent.waveforms_beta_3.22.15.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID eb58bc22: NOKEY Name : digilent.waveforms Version : 3.22.15 Release : 1 Architecture: x86_64 Install Date: (not installed) Group : Engineering/misc Size : 68151327 License : see /usr/share/doc/digilent-waveforms/copyright Signature : RSA/SHA1, Tue Apr 2 09:55:35 2024, Key ID 134da9ebeb58bc22 Source RPM : digilent.waveforms-3.22.15-1.src.rpm Build Date : Tue Apr 2 09:55:17 2024 Build Host : attila-u16-64 Summary : Digilent WaveForms But I've been unable to locate where the public key GPG is. So three main questions: 1. What is the GPG public key for x86_64 beta version: 3.22.15 for Digilent Waveforms? 2. How can I validate that the public key is the right one with a package? 3. How can I find the corresponding GPG public keys for other future beta releases? Thank you for the help!

Hey @JColvin, thanks for the response here! One last question: Where could I find the corresponding public key that I can use to verify that the signed beta versions were signed? Looking for a GPG key here

Hi! Where can I find the public key? @attila

Hi! Where can I find the public key?

Hey @JColvin, thank you for the quick response here! This is certainly very useful. Is there anyway that we could get a repository of these that we could pull from?

We're looking to get access to a repository with signed packages for the Digilent Waveforms RPM (the ones that can be downloaded here: https://lp.digilent.com/complete-waveforms-download/). Specifically looking for the x86_64 linux rpm, but the rest of them wouldnt hurt either. Where can I get help with this?