From feed7eb7b3b5a2fa1f05a83380096636f7501226 Mon Sep 17 00:00:00 2001
From: Ludvig Michaelsson <ludvig.michaelsson@yubico.com>
Date: Thu, 29 Feb 2024 09:35:00 +0100
Subject: [PATCH] xxx

---
 windows/build.ps1  | 12 ++++++++++--
 windows/cygwin.ps1 | 10 +++++++---
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/windows/build.ps1 b/windows/build.ps1
index 60146f22..3ec1a13d 100644
--- a/windows/build.ps1
+++ b/windows/build.ps1
@@ -98,6 +98,13 @@ New-Item -Type Directory "${STAGE}\${LIBRESSL}" -Force
 New-Item -Type Directory "${STAGE}\${LIBCBOR}" -Force
 New-Item -Type Directory "${STAGE}\${ZLIB}" -Force
 
+# Create GNUPGHOME with an empty common.conf to disable use-keyboxd.
+# Recent default is to enable keyboxd which in turn ignores --keyring
+# arguments.
+$GpgHome = "${BUILD}\.gnupg"
+New-Item -Type Directory "${GpgHome}" -Force
+New-Item -Type File "${GpgHome}/common.conf" -Force
+
 # Create output directories.
 New-Item -Type Directory "${OUTPUT}" -Force
 New-Item -Type Directory "${OUTPUT}\${Arch}" -Force
@@ -117,8 +124,9 @@ try {
 		}
 
 		Copy-Item "$PSScriptRoot\libressl.gpg" -Destination "${BUILD}"
-		& $GPG --list-keys
-		& $GPG --quiet --no-default-keyring --keyring ./libressl.gpg `
+		& $GPG --homedir ${GpgHome} --list-keys
+		& $GPG --homedir ${GpgHome} --quiet --no-default-keyring `
+		    --keyring ./libressl.gpg `
 		    --verify .\${LIBRESSL}.tar.gz.asc .\${LIBRESSL}.tar.gz
 		if ($LastExitCode -ne 0) {
 			throw "GPG signature verification failed"
diff --git a/windows/cygwin.ps1 b/windows/cygwin.ps1
index b7539b3b..0d583d24 100755
--- a/windows/cygwin.ps1
+++ b/windows/cygwin.ps1
@@ -20,7 +20,6 @@ $Packages = 'gcc-core,pkg-config,cmake,make,libcbor-devel,libssl-devel,zlib-deve
 # Work directories.
 $Cygwin = "$PSScriptRoot\..\cygwin"
 $Root = "${Cygwin}\root"
-$GpgHome = "${Cygwin}\.gnupg"
 
 # Find GPG.
 $GPG = $(Get-Command gpg -ErrorAction Ignore | `
@@ -38,6 +37,11 @@ Write-Host "GPG: $GPG"
 # Create work directories.
 New-Item -Type Directory "${Cygwin}" -Force
 New-Item -Type Directory "${Root}" -Force
+
+# Create GNUPGHOME with an empty common.conf to disable use-keyboxd.
+# Recent default is to enable keyboxd which in turn ignores --keyring
+# arguments.
+$GpgHome = "${Cygwin}\.gnupg"
 New-Item -Type Directory "${GpgHome}" -Force
 New-Item -Type File "${GpgHome}/common.conf" -Force
 
@@ -51,8 +55,8 @@ try {
 		Invoke-WebRequest ${URL}/${Setup}.sig `
 		    -OutFile ${Cygwin}\${Setup}.sig
 	}
-	& $GPG --homedir $GpgHome --debug-all --list-keys
-	& $GPG --homedir $GpgHome --debug-all --quiet --no-default-keyring `
+	& $GPG --homedir ${GpgHome} --debug-all --list-keys
+	& $GPG --homedir ${GpgHome} --debug-all --quiet --no-default-keyring `
 	    --keyring ${PSScriptRoot}/cygwin.gpg `
 	    --verify ${Cygwin}\${Setup}.sig ${Cygwin}\${Setup}
 	if ($LastExitCode -ne 0) {