* revoke.c (gen_desig_revoke): Specify in the comment when a designated

revocation is generated.

* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for
anything except revocations.

* sign.c (do_sign): Catchall for any Elgamal signatures except
revocations.

g10/ChangeLog

@@ -1,9 +1,19 @@
 2003-11-29  David Shaw  <dshaw@jabberwocky.com>
 
+	* revoke.c (gen_desig_revoke): Specify in the comment when a
+	designated revocation is generated.
+
+	* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
+	get_seckey_byname2): Disallow use of sign+encrypt Elgamal keys for
+	anything except revocations.
+
+	* sign.c (do_sign): Catchall for any Elgamal signatures except
+	revocations.
+
 	* trustdb.c (validate_keys): Reset the trustdb before checking if
 	we have any ultimately trusted keys.  This ensures that if we
 	lose all our ultimately trusted keys, we don't leave behind the
-	old validity calculations.
+	old validity calculations.  Noted by Peter Palfrader.
 
 2003-11-20  David Shaw  <dshaw@jabberwocky.com>
 

g10/getkey.c

@@ -1049,7 +1049,11 @@ get_seckey_byname2( GETKEY_CTX *retctx,
 	ctx.items[0].mode = KEYDB_SEARCH_MODE_FIRST;
 	rc = lookup( &ctx, &kb, 1 );
         if (!rc && sk )
-            sk_from_block ( &ctx, sk, kb );
+	  {
+	    sk_from_block ( &ctx, sk, kb );
+	    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+	      rc=G10ERR_UNU_SECKEY;
+	  }
         release_kbnode ( kb );
 	get_seckey_end( &ctx );
     }
@@ -1655,6 +1659,11 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
         if ( x ) /* mask it down to the actual allowed usage */
             key_usage &= x; 
     }
+
+    /* Type 20 Elgamal keys are not usable. */
+    if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      key_usage=0;
+
     pk->pubkey_usage = key_usage;
 
     if ( !key_expire_seen ) {
@@ -1869,6 +1878,13 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
         if ( x ) /* mask it down to the actual allowed usage */
             key_usage &= x; 
     }
+
+    /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
+       not usable. */
+    if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+       || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      key_usage=0;
+
     subpk->pubkey_usage = key_usage;
     
     p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);

g10/revoke.c

@@ -313,7 +313,7 @@ gen_desig_revoke( const char *uname )
 	      goto leave;
 
 	    afx.what = 1;
-	    afx.hdrlines = "Comment: A revocation certificate should follow\n";
+	    afx.hdrlines = "Comment: A designated revocation certificate should follow\n";
 	    iobuf_push_filter( out, armor_filter, &afx );
 
 	    /* create it */

g10/sign.c

@@ -266,6 +266,12 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
 	    return G10ERR_TIME_CONFLICT;
     }
 
+    /* For safety, only allow revocation sigs from Elgamal
+       sign+encrypt keys.  Note that this allows for Elgamal
+       designated revocations as well, but that's arguably a good
+       thing. */
+    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL && sig->sig_class!=0x20)
+      return G10ERR_UNU_SECKEY;
 
     print_pubkey_algo_note(sk->pubkey_algo);