* getkey.c (get_pubkey_direct): Don't cache keys retrieved via this

function as they may not have all their fields filled in.

* sig-check.c (signature_check2): Use new is_primary flag to check rather
than comparing main_keyid with keyid as this still works in the case of a
not fully filled in pk.

g10/ChangeLog

@@ -1,3 +1,12 @@
+2002-10-04  David Shaw  <dshaw@jabberwocky.com>
+
+	* getkey.c (get_pubkey_direct): Don't cache keys retrieved via
+	this function as they may not have all their fields filled in.
+
+	* sig-check.c (signature_check2): Use new is_primary flag to check
+	rather than comparing main_keyid with keyid as this still works in
+	the case of a not fully filled in pk.
+
 2002-10-04  Werner Koch  <wk@gnupg.org>
 
 	* import.c (import_keys_internal): s/inp/inp2/ to avoid shadowing

g10/getkey.c

@@ -417,7 +417,10 @@ get_pubkey_direct (PKT_public_key *pk, u32 *keyid)
            ||  keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY );
   copy_public_key (pk, keyblock->pkt->pkt.public_key );
   release_kbnode (keyblock);
-  cache_public_key (pk);
+
+  /* Not caching key here since it won't have all of the fields
+     properly set. */
+
   return 0;
 }
 

g10/sig-check.c

@@ -75,9 +75,7 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest,
     }
     else if( get_pubkey( pk, sig->keyid ) )
 	rc = G10ERR_NO_PUBKEY;
-    else if(!pk->is_valid &&
-	    (pk->main_keyid[0]!=pk->keyid[0] ||
-	     pk->main_keyid[1]!=pk->keyid[1]))
+    else if(!pk->is_valid && !pk->is_primary)
         rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
 				 invalid subkey */
     else {