security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-01 16:33:02 +01:00
Code Activity

gpg: Fix extra check for sign usage of a data signature.

Browse Source 
* g10/sig-check.c (check_signature_end_simple):
--

Obviously we should not ignore a back signature here.

Fixes-commit: 214b0077264e35c079e854a8b6374704aea45cd5
GnuPG-bug-id: 4014
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit b6275f3bda8edff34274c5b921508567f491ab9c)
This commit is contained in:
Werner Koch 2018-10-08 16:14:17 +02:00
parent 7e2b0488d1
commit b0d6e26bf3
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
g10/sig-check.c
View File

@ -481,7 +481,8 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
} }
/* For data signatures check that the key has sign usage. */ /* For data signatures check that the key has sign usage. */
if (IS_SIG (sig) && !(pk->pubkey_usage & PUBKEY_USAGE_SIG)) if (!IS_BACK_SIG (sig) && IS_SIG (sig)
&& !(pk->pubkey_usage & PUBKEY_USAGE_SIG))
{ {
rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE); rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE);
if (!opt.quiet) if (!opt.quiet)