mirror of git://git.gnupg.org/gnupg.git
g10: Fix checking key for signature validation.
* g10/sig-check.c (check_signature2): Not only subkey, but also primary
key should have flags.valid=1.
--
The tweak of gpgv in e32c575e0f
only makes
sense with this change.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
parent
993f36e23c
commit
6f284e6ed6
|
@ -118,9 +118,9 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
|
|||
}
|
||||
else if( get_pubkey( pk, sig->keyid ) )
|
||||
rc = GPG_ERR_NO_PUBKEY;
|
||||
else if(!pk->flags.valid && !pk->flags.primary)
|
||||
else if(!pk->flags.valid)
|
||||
{
|
||||
/* You cannot have a good sig from an invalid subkey. */
|
||||
/* You cannot have a good sig from an invalid key. */
|
||||
rc = GPG_ERR_BAD_PUBKEY;
|
||||
}
|
||||
else
|
||||
|
|
Loading…
Reference in New Issue