From ac5aea95455372145f3f06df2b4c1584d759d660 Mon Sep 17 00:00:00 2001
From: "Neal H. Walfield" <neal@g10code.com>
Date: Fri, 19 Feb 2016 14:10:09 +0100
Subject: [PATCH] gpg: Split the function check_signature_end.

* g10/sig-check.c (check_signature_end): Break the basic signature
check into...
(check_signature_end_simple): ... this new function.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
---
 g10/sig-check.c | 28 +++++++++++++++++++++++-----
 1 file changed, 23 insertions(+), 5 deletions(-)

diff --git a/g10/sig-check.c b/g10/sig-check.c
index 292adb96f..262afed37 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -40,6 +40,9 @@ static int check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 				int *r_expired, int *r_revoked,
 				PKT_public_key *ret_pk);
 
+static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
+                                       gcry_md_hd_t digest);
+
 /* Check a signature.  This is shorthand for check_signature2 with
    the unnamed arguments passed as NULL.  */
 int
@@ -376,14 +379,32 @@ check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 		     gcry_md_hd_t digest,
 		     int *r_expired, int *r_revoked, PKT_public_key *ret_pk)
 {
-    gcry_mpi_t result = NULL;
     int rc = 0;
-    const struct weakhash *weak;
 
     if ((rc = check_signature_metadata_validity (pk, sig,
 						 r_expired, r_revoked)))
         return rc;
 
+    if ((rc = check_signature_end_simple (pk, sig, digest)))
+      return rc;
+
+    if(!rc && ret_pk)
+      copy_public_key(ret_pk,pk);
+
+    return rc;
+}
+
+/* This function is similar to check_signature_end, but it only checks
+   whether the signature was generated by PK.  It does not check
+   expiration, revocation, etc.  */
+static int
+check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
+                            gcry_md_hd_t digest)
+{
+    gcry_mpi_t result = NULL;
+    int rc = 0;
+    const struct weakhash *weak;
+
     if (!opt.flags.allow_weak_digest_algos)
       for (weak = opt.weak_digests; weak; weak = weak->next)
         if (sig->digest_algo == weak->algo)
@@ -453,9 +474,6 @@ check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 	rc = GPG_ERR_BAD_SIGNATURE;
       }
 
-    if(!rc && ret_pk)
-      copy_public_key(ret_pk,pk);
-
     return rc;
 }