eclass/verify-sig: Sync with Gentoo

It's from Gentoo commit b36318ddfa467f2a65f6755bb5490a3f3527d0d3. Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
2026-05-05 04:06:33 +02:00 · 2025-11-03 07:11:10 +00:00 · 2025-11-03 07:11:10 +00:00 · e0d411bcd2
commit e0d411bcd2
parent 774014f77c
1 changed files with 7 additions and 3 deletions
--- a/sdk_container/src/third_party/portage-stable/eclass/verify-sig.eclass
+++ b/sdk_container/src/third_party/portage-stable/eclass/verify-sig.eclass
@ -58,7 +58,7 @@ IUSE="verify-sig"
 # Signature verification method to use.  The allowed value are:
 #
 #  - minisig -- verify signatures with (base64) Ed25519 public key using app-crypt/minisign
-#  - openpgp -- verify PGP signatures using app-crypt/gnupg (the default)
+#  - openpgp -- verify PGP signatures using app-alternatives/gpg (the default)
 #  - sigstore -- verify signatures using dev-python/sigstore
 #  - signify -- verify signatures with Ed25519 public key using app-crypt/signify
 : "${VERIFY_SIG_METHOD:=openpgp}"
@ -70,7 +70,10 @@ case ${VERIFY_SIG_METHOD} in
 	openpgp)
 		BDEPEND="
 			verify-sig? (
-				app-crypt/gnupg
+				|| (
+					app-alternatives/gpg
+					app-crypt/gnupg[-alternatives(-)]
+				)
 				>=app-portage/gemato-20
 			)
 		"
@ -276,7 +279,7 @@ verify-sig_verify_message() {
 			# https://bugs.gentoo.org/854492
 			local -x TMPDIR=/tmp
 			gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \
-				gpg --verify --output="${output_file}" "${file}" ||
+				"${GNUPG:-gpg}" --verify --output="${output_file}" "${file}" ||
 				die "PGP signature verification failed"
 			;;
 		signify)
@ -380,6 +383,7 @@ _gpg_verify_signed_checksums() {

 	verify-sig_verify_unsigned_checksums - "${algo}" "${files}" < <(
 		verify-sig_verify_message "${checksum_file}" - "${key}"
+		echo
 	)
 }