g10: Fix checking key for signature validation.
authorNIIBE Yutaka <gniibe@fsij.org>
Thu, 4 Aug 2016 07:21:39 +0000 (16:21 +0900)
committerNIIBE Yutaka <gniibe@fsij.org>
Thu, 4 Aug 2016 07:21:39 +0000 (16:21 +0900)
* g10/sig-check.c (check_signature2): Not only subkey, but also primary
key should have flags.valid=1.

--

The tweak of gpgv in e32c575e0f3704e7563048eea6d26844bdfc494b only makes
sense with this change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
g10/sig-check.c

index 7000b48..334add7 100644 (file)
@@ -118,9 +118,9 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
       }
     else if( get_pubkey( pk, sig->keyid ) )
        rc = GPG_ERR_NO_PUBKEY;
-    else if(!pk->flags.valid && !pk->flags.primary)
+    else if(!pk->flags.valid)
       {
-        /* You cannot have a good sig from an invalid subkey.  */
+        /* You cannot have a good sig from an invalid key.  */
         rc = GPG_ERR_BAD_PUBKEY;
       }
     else