From caff669212d2465a3a387571305a7230d394c0e0 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 4 Aug 2016 16:21:39 +0900
Subject: [PATCH] g10: Fix checking key for signature validation.

* g10/sig-check.c (signature_check2): Not only subkey, but also primary
key should have flags.valid=1.

--

(backport of master
commit 6f284e6ed63f514b15fe610f490ffcefc87a2164)

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 g10/sig-check.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/g10/sig-check.c b/g10/sig-check.c
index fc5e1fa41..7178d069f 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -82,9 +82,9 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
       }
     else if( get_pubkey( pk, sig->keyid ) )
 	rc = G10ERR_NO_PUBKEY;
-    else if(!pk->is_valid && !pk->is_primary)
+    else if(!pk->is_valid)
         rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
-				 invalid subkey */
+				 invalid key */
     else
       {
         if(r_expiredate)