From 0ba69e5581914f23f7efdd4d38b890f6def8967a Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Sat, 19 Mar 2022 13:38:37 +0900
Subject: [PATCH] gpg: Always use version >= 4 to generate signature.

* g10/sign.c (update_keysig_packet): Make sure sig->version >= 4.

--

GnuPG-bug-id: 5809
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 g10/sign.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/g10/sign.c b/g10/sign.c
index 2ab76c99b..385254987 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1928,6 +1928,15 @@ update_keysig_packet (ctrl_t ctrl,
   /* Create a new signature packet.  */
   sig = copy_signature (NULL, orig_sig);
 
+  /* Don't generate version 3 signature, but newer.  */
+  if (sig->version == 3)
+    {
+      if (pk->version > 3)
+        sig->version = pk->version;
+      else
+        sig->version = 4;
+    }
+
   sig->digest_algo = digest_algo;
 
   /* We need to create a new timestamp so that new sig expiration