When verifying a file with a detached signature information about the signature is not shown if the certificate of the signer is expired.
Output:
gpgsm --verify test.sig test.data gpgsm: Signature made [date not given] gpgsm: using nistp256 key 60ECCA6D9073C8F8164318AADF3634E266A25385 gpgsm: certificate has expired gpgsm: (expired at 2025-12-31 00:00:00) gpgsm: invalid certification chain: Certificate expired
Expected output:
gpgsm --verify test.sig test.data gpgsm: Signature made [date not given] gpgsm: using nistp256 key 60ECCA6D9073C8F8164318AADF3634E266A25385 gpgsm: certificate has expired gpgsm: (expired at 2025-12-31 00:00:00) gpgsm: Good signature from "/CN=Koch, Werner/C=DE/SerialNumber=4/GN=Werner/SN=Koch" gpgsm: aka "werner.koch@g10code.com"
This regression was introduced by rGfa1ac5c23d16: gpgsm: add a certificate chain check for de-vs compliance in GnuPG 2.5.19.