verify-sig.eclass: Revert "Use gemato openpgp-verify-detached"

This is causing verification failures when verifying old signatures made with now-expired keys. Reverts: 75ea89a Bug: https://bugs.gentoo.org/894164 Signed-off-by: Michał Górny <[email protected]>
johu · Feb 13, 2023 · 014a26b · 014a26b
1 parent e046fb0
commit 014a26b
Showing 1 changed file with 4 additions and 6 deletions.
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
@@ -65,9 +65,8 @@ case ${VERIFY_SIG_METHOD} in
 		BDEPEND="
 			verify-sig? (
 				app-crypt/gnupg
-				>=app-portage/gemato-18.0
-			)
-		"
+				>=app-portage/gemato-16
+			)"
 		;;
 	signify)
 		BDEPEND="verify-sig? ( app-crypt/signify )"
@@ -145,9 +144,8 @@ verify-sig_verify_detached() {
 			# gpg can't handle very long TMPDIR
 			# https://bugs.gentoo.org/854492
 			local -x TMPDIR=/tmp
-			gemato openpgp-verify-detached -K "${key}" \
-				"${extra_args[@]}" \
-				"${sig}" "${file}" ||
+			gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \
+				gpg --verify "${sig}" "${file}" ||
 				die "PGP signature verification failed"
 			;;
 		signify)