negativo17 / cuda

NVIDIA Compute Unified Device Architecture Toolkit

GPG signature issue

enlightenalpha opened this issue

OS: CentOS 7.9

Not sure if this is the correct place to log this, but we recently tried to update our existing nvidia-driver-cuda-libs installation and started receiving signature failure messages:

Total size: 60 M
Installed size: 229 M
Is this ok [y/d/N]: y
Downloading packages:
error: skipping package /var/cache/yum/x86_64/7/epel-nvidia/packages/nvidia-driver-cuda-libs-525.89.02-1.el7.x86_64.rpm with unverifiable signature

If we choose to skip gpg-check, yum refuses to install, with no error summary provided.

Transaction check error:
Unknown error during transaction test in RPM

Upon checking https://negativo17.org/repos/RPM-GPG-KEY-slaanesh, it looks like a recent update resulted in a much smaller key. Perhaps the key is corrupt? To confirm, below is the repo we are configured to use:

[epel-nvidia]
name=negativo17 - Nvidia
baseurl=https://negativo17.org/repos/nvidia/epel-$releasever/$basearch/
enabled=1
skip_if_unavailable=1
gpgcheck=1
gpgkey=https://negativo17.org/repos/RPM-GPG-KEY-slaanesh
enabled_metadata=1
metadata_expire=6h
type=rpm-md
repo_gpgcheck=0

Hi, I had an issue with my previous GPG key (~2008, SHA1 based). Of course it's no longer up to standards, and it's no longer allowed in non-default crypto policies in EL8/EL9/Fedora and in the default one for Fedora 38.

I generated a new ECC based one, which was all good except I forgot to check if ECC was actually supported on old EL releases. Turned out it's not supported by EL7/EL8 and in that case the system can't even assess what type of file the signed RPMs are.

Long story short, I reissued a "more modern" GPG key, re-signed everything in all repos and re-uploaded everything online. It should be fixed now; just clear the cache and you should be asked to import the new key.

Thank you. I have confirmed that the package install works now on CentOS 7.9 after clearing Yum metadata.
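
Added example, not part of the thread or of the negativo17 project: a Python check that reads the public-key algorithm ID out of an OpenPGP key file, so a repository signing key can be tested for ECC algorithms (the family the maintainer's reply says EL7/EL8 could not handle) before clients are asked to import it. The function names, the set of IDs treated as ECC, and the sample packet are assumptions constructed for illustration.

```python
import base64

# OpenPGP public-key algorithm IDs (RFC 4880, RFC 6637, RFC 9580).
ALGOS = {1: "RSA", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}
ECC = {18, 19, 22}  # assumption: the "ECC" family the reply refers to

def dearmor(data: bytes) -> bytes:
    """Return binary packets from an ASCII-armored or binary key file."""
    if not data.lstrip().startswith(b"-----BEGIN"):
        return data
    lines = [l.strip() for l in data.strip().splitlines()]
    start = lines.index(b"") + 1  # armor headers end at the first blank line
    body = [l for l in lines[start:] if not l.startswith((b"=", b"-----"))]
    return base64.b64decode(b"".join(body))

def key_algorithms(data: bytes):
    """Yield the algorithm ID of each public key / subkey packet."""
    pkts, i = dearmor(data), 0
    while i < len(pkts):
        hdr, i = pkts[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet stream")
        if hdr & 0x40:  # new-format header: tag in low 6 bits
            tag, first = hdr & 0x3F, pkts[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + pkts[i + 1] + 192, i + 2
            elif first == 255:
                length, i = int.from_bytes(pkts[i + 1:i + 5], "big"), i + 5
            else:
                raise ValueError("partial body lengths not handled")
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            length = int.from_bytes(pkts[i:i + (1 << ltype)], "big")
            i += 1 << ltype
        body, i = pkts[i:i + length], i + length
        if tag in (6, 14):  # public key / subkey; v3 has 2 more bytes before algo
            yield body[5] if body[0] >= 4 else body[7]

def ecc_algorithms(data: bytes):
    """Names of ECC key algorithms present in the key file."""
    return [ALGOS[a] for a in key_algorithms(data) if a in ECC]

def sample_key(algo: int) -> bytes:  # constructed v4 packet, not a real key
    body = bytes([4, 0, 0, 0, 0, algo]) + b"\x00" * 4  # padding as key material
    return bytes([0x98, len(body)]) + body  # 0x98: old format, tag 6
```

Pass `ecc_algorithms` the bytes of the key file that the repo's `gpgkey=` line points to; an empty list means no ECC key packets were found.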