Use apt's trusted.gpg for pkg verification

6 years ago · 3b34603b56
1 changed files with 2 additions and 2 deletions
--- a/build-package.sh
+++ b/build-package.sh
@ -524,12 +524,12 @@ termux_step_get_repo_files() {
 			done<SYMLINKS.txt
 			rm SYMLINKS.txt
 		)
+		# Import Fornwalls key:
+		gpg --import packages/apt/trusted.gpg
 		(
 			cd ${TERMUX_COMMON_CACHEDIR}
 			curl --fail -LO "$TERMUX_REPO_URL/$TERMUX_REPO_DISTRIBUTION/InRelease" \
 			    || termux_error_exit "Download of $TERMUX_REPO_URL/$TERMUX_REPO_DISTRIBUTION/InRelease failed"
-			# Import Fornwalls key:
-			gpg -k $TERMUX_REPO_SIGNING_KEY 2>/dev/null || gpg --keyserver pool.sks-keyservers.net --recv $TERMUX_REPO_SIGNING_KEY
 			gpg --verify InRelease
 		)
 		for arch in all $TERMUX_ARCH; do