From 15c38a10db58c0ce13bd75834e4d770b1ee62a4e Mon Sep 17 00:00:00 2001
From: Ehab Younes <ehab.alyounes@gmail.com>
Date: Fri, 23 Jan 2026 13:15:52 +0300
Subject: [PATCH 1/2] Fix GPG verification with reformatted keys

Allow signature verification to succeed when public keys have been
reformatted by enabling allowInsecureVerificationWithReformattedKeys
in the OpenPGP config.
---
 src/pgp.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/pgp.ts b/src/pgp.ts
index 0e38029f..cfd80a7d 100644
--- a/src/pgp.ts
+++ b/src/pgp.ts
@@ -68,6 +68,9 @@ export async function verifySignature(
 			message,
 			signature,
 			verificationKeys: publicKeys,
+			config: {
+				allowInsecureVerificationWithReformattedKeys: true,
+			},
 		});
 		for await (const _ of verificationResult.data) {
 			// The docs indicate this data must be consumed; it triggers the

From 179d73aecc936e02a9d629da200f31245de4dd82 Mon Sep 17 00:00:00 2001
From: Ehab Younes <ehab.alyounes@gmail.com>
Date: Fri, 23 Jan 2026 13:36:58 +0300
Subject: [PATCH 2/2] Add rational comment

---
 src/pgp.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/pgp.ts b/src/pgp.ts
index cfd80a7d..417ce54b 100644
--- a/src/pgp.ts
+++ b/src/pgp.ts
@@ -69,6 +69,7 @@ export async function verifySignature(
 			signature,
 			verificationKeys: publicKeys,
 			config: {
+				// Rational https://github.com/coder/vscode-coder/pull/748#issuecomment-3789538490
 				allowInsecureVerificationWithReformattedKeys: true,
 			},
 		});