Parse RSA header tag for signature info

[wagoodman]

Today there is PGP processing that reads RPMTAG_PGP and populates the PGP field, however the RPMTAG_RSAHEADER is ignored. Moving forward we should expect to see the PGP tag really only being used for legacy cases while the newer RSAHEADER tag to be used more reliably. This PR does not remove the old field or processing but instead adds the PackageInfo.RSAHeader field and applies the same PGP parsing logic that is there today. The only other alteration done was to key PGP v4 vs older shapes based off of a version range check instead of a hardcoded value (otherwise newer versions as used in rockylinux 9 will default to the older pgp data shape).

• By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[wagoodman]

One question I have about this is the ability to get the raw header out (instead of the summarized RSA/SHA1, Tues May 2, ... strings), which would enable signature verification -- is there any interest in adding that as an option?

[knqyf263]

Great. Thanks!

[knqyf263]

One question I have about this is the ability to get the raw header out (instead of the summarized RSA/SHA1, Tues May 2, ... strings), which would enable signature verification -- is there any interest in adding that as an option?

It sounds like a good idea.