From: Jacob Bachmeyer
Date: Sat, 12 Nov 2022 03:21:56 +0000 (-0600)
Subject: Use new detached signature verification
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=2eeeb629eaf3ab258b0c69519eba09dabee66b11;p=gatekeeper.git
Use new detached signature verification
---
diff --git a/gatekeeper.pl b/gatekeeper.pl
index 280068e..b2efe10 100755
--- a/gatekeeper.pl
+++ b/gatekeeper.pl
@@ -2419,18 +2419,10 @@ sub check_files {
 summary => "no keyring for package $header->{package}"
 unless @keyrings;
- my $valid = 0;
- foreach my $keyring (@keyrings) {
- # Verify that the file has been correctly signed with a valid signature.
- my @gpgv_args = ('--keyring' => $keyring, $sig_file, $upload_file);
- if (0 == system { GPGV_BIN } 'gpgv', @gpgv_args) {
- $valid = 1;
- last;
- }
- }
+ my $sig_info = verify_detached_signature($upload_file, $sig_file, @keyrings);
 throw signature_error => sig_info => undef,
 summary => "gpg verify of upload file ($header->{filename}) failed"
- unless $valid;
+ if $sig_info->{exitcode} != 0 || defined $sig_info->{TILT};
 check_vulnerabilities($upload_file);
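Review bot: The new guard `if $sig_info->{exitcode} != 0 || defined $sig_info->{TILT};` fails open when `exitcode` is absent, because Perl compares an undefined value numerically as 0, so a result hash carrying neither key would be accepted as a verified upload. verify_detached_signature is not visible in this hunk and may always set `exitcode`, but the acceptance test for an upload is safer written so that only a positive result passes, for example `unless defined $sig_info->{exitcode} && $sig_info->{exitcode} == 0 && !defined $sig_info->{TILT};`. The removed loop tried each keyring in turn and accepted the first success, whereas the new call receives all keyrings at once, so it is worth confirming the helper keeps the "any one keyring validates" behaviour. A one-line comment stating what a defined `TILT` entry signals would help readers of this check; check_files itself starts and ends outside the hunk.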