Ported changes from 1.4.

Add copyright notices.

g10/ChangeLog

@@ -1,3 +1,58 @@
+2007-10-25  David Shaw  <dshaw@jabberwocky.com>  (wk)
+
+	From 1.4 (October):
+
+	* gpg.c (main): Add --require-cross-certification to
+	--openpgp/--rfc4880 mode.
+
+	* gpg.c (main): Disable --rfc2440-text and --force-v3-sigs by
+	default.  Enable --require-cross-certification by default.
+	--openpgp (--rfc4880) is the same as --rfc2440 except with
+	"--enable-dsa2 --no-rfc2440-text --escape-from-lines".
+
+	* misc.c (compliance_option_string, compliance_failure): Minor
+	cleanup.
+
+	* armor.c (is_armor_header): Comment about 4880.
+
+	* options.h, gpg.c (main): Add --rfc4880, and make --openpgp an
+	alias to it.  --rfc2440 now stands alone.  For now, use the old
+	2440 defaults for 4880.
+	* misc.c (compliance_option_string): Ditto.
+	
+	* keyedit.c (keyedit_menu): Use compliance_option_string() instead
+	of printing the compliance modes here.
+
+2007-10-25  David Shaw  <dshaw@jabberwocky.com>  (wk)
+
+	From 1.4 (September):
+
+	* import.c (collapse_uids): Significant speedup for de-duping user
+	IDs.
+
+2007-10-25  David Shaw  <dshaw@jabberwocky.com>  (wk)
+
+	From 1.4 (July):
+	
+	* armor.c (parse_header_line): Improve test so that the header
+	test only allows "Hash" in the signed data section.
+
+	* armor.c (is_armor_tag): New.  Detect if an armor header matches
+	2440bis-21.
+	(parse_header_line): Call it here, as bis-21 requires warning the
+	user (but continuing to process the message) when seeing an
+	unknown header.
+
+	* encode.c (encode_crypt): Missed one call to
+	setup_plaintext_name().  This is bug#809.
+
+	* sign.c (mk_notation_policy_etc): Expect all sigs that this is
+	called for are >=v4.
+	(write_signature_packets, make_keysig_packet): Only call it for
+	>=v4 sigs.  This allows --force-v3-sigs and --force-v4-certs to
+	enable or disable notations, policies, and keyserver URLs.  This
+	is bug#800.
+
 2007-10-19  Werner Koch  <wk@g10code.com>
 
 	* passphrase.c (passphrase_get): Use new utf8 switching fucntions.

g10/armor.c

@@ -1,6 +1,6 @@
 /* armor.c - Armor flter
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -308,7 +308,19 @@ parse_hash_header( const char *line )
     return found;
 }
 
+/* Returns true if this is a valid armor tag as per RFC-2440bis-21. */
+static int
+is_armor_tag(const char *line)
+{
+  if(strncmp(line,"Version",7)==0
+     || strncmp(line,"Comment",7)==0
+     || strncmp(line,"MessageID",9)==0
+     || strncmp(line,"Hash",4)==0
+     || strncmp(line,"Charset",7)==0)
+    return 1;
 
+  return 0;
+}
 
 /****************
  * Check whether this is a armor line.
@@ -338,7 +350,8 @@ is_armor_header( byte *line, unsigned len )
        --rfc2440 is set since 2440 reads "The header lines, therefore,
        MUST start at the beginning of a line, and MUST NOT have text
        following them on the same line."  It is unclear whether "text"
-       refers to all text or just non-whitespace text. */
+       refers to all text or just non-whitespace text.  4880 clarified
+       this was only non-whitespace text. */
 
     if(RFC2440)
       {
@@ -418,16 +431,32 @@ parse_header_line( armor_filter_context_t *afx, byte *line, unsigned int len )
 	putc('\n', stderr);
     }
 
-    if( afx->in_cleartext ) {
+    if( afx->in_cleartext )
+      {
 	if( (hashes=parse_hash_header( line )) )
-	    afx->hashes |= hashes;
+	  afx->hashes |= hashes;
 	else if( strlen(line) > 15 && !memcmp( line, "NotDashEscaped:", 15 ) )
-	    afx->not_dash_escaped = 1;
-	else {
+	  afx->not_dash_escaped = 1;
+	else
+	  {
 	    log_error(_("invalid clearsig header\n"));
 	    return -1;
-	}
-    }
+	  }
+      }
+    else if(!is_armor_tag(line))
+      {
+	/* Section 6.2: "Unknown keys should be reported to the user,
+	   but OpenPGP should continue to process the message."  Note
+	   that in a clearsigned message this applies to the signature
+	   part (i.e. "BEGIN PGP SIGNATURE") and not the signed data
+	   ("BEGIN PGP SIGNED MESSAGE").  The only key allowed in the
+	   signed data section is "Hash". */
+
+	log_info(_("unknown armor header: "));
+	print_string( stderr, line, len, 0 );
+	putc('\n', stderr);
+      }
+
     return 1;
 }
 

g10/encode.c

@@ -598,22 +598,8 @@ encode_crypt( const char *filename, strlist_t remusr, int use_symkey )
     if(use_symkey && (rc=write_symkey_enc(symkey_s2k,symkey_dek,cfx.dek,out)))
       goto leave;
 
-    if (!opt.no_literal) {
-	/* setup the inner packet */
-	if( filename || opt.set_filename ) {
-	    char *s = make_basename( opt.set_filename ? opt.set_filename
-						      : filename,
-				     iobuf_get_real_fname( inp ) );
-	    pt = xmalloc( sizeof *pt + strlen(s) - 1 );
-	    pt->namelen = strlen(s);
-	    memcpy(pt->name, s, pt->namelen );
-	    xfree(s);
-	}
-	else { /* no filename */
-	    pt = xmalloc( sizeof *pt - 1 );
-	    pt->namelen = 0;
-	}
-    }
+    if (!opt.no_literal)
+      pt=setup_plaintext_name(filename,inp);
 
     if (!iobuf_is_pipe_filename (filename) && *filename && !opt.textmode )
       {

g10/gpg.c

@@ -1,6 +1,6 @@
 /* gpg.c - The GnuPG utility (main for gpg)
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ *               2006, 2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -194,6 +194,7 @@ enum cmd_and_opt_values
     oGnuPG,
     oRFC1991,
     oRFC2440,
+    oRFC4880,
     oOpenPGP,
     oPGP2,
     oPGP6,
@@ -520,6 +521,7 @@ static ARGPARSE_OPTS opts[] = {
     { oGnuPG, "no-pgp8", 0, "@"},
     { oRFC1991, "rfc1991",   0, "@"},
     { oRFC2440, "rfc2440", 0, "@" },
+    { oRFC4880, "rfc4880", 0, "@" },
     { oOpenPGP, "openpgp", 0, N_("use strict OpenPGP behavior")},
     { oPGP2, "pgp2", 0, N_("generate PGP 2.x compatible messages")},
     { oPGP6, "pgp6", 0, "@"},
@@ -1902,8 +1904,8 @@ main (int argc, char **argv )
     opt.marginals_needed = 3;
     opt.max_cert_depth = 5;
     opt.pgp2_workarounds = 1;
-    opt.force_v3_sigs = 1;
     opt.escape_from = 1;
+    opt.flags.require_cross_cert = 1;
     opt.import_options=IMPORT_SK2PK;
     opt.export_options=EXPORT_ATTRIBUTES;
     opt.keyserver_options.import_options=IMPORT_REPAIR_PKS_SUBKEY_BUG;
@@ -1917,7 +1919,6 @@ main (int argc, char **argv )
     opt.min_cert_level=2;
     set_screen_dimensions();
     opt.keyid_format=KF_SHORT;
-    opt.rfc2440_text=1;
     opt.def_sig_expire="0";
     opt.def_cert_expire="0";
     set_homedir ( default_homedir () );
@@ -2303,11 +2304,34 @@ main (int argc, char **argv )
 	    opt.escape_from = 1;
 	    break;
 	  case oOpenPGP:
+	  case oRFC4880:
+	    /* This is effectively the same as RFC2440, but with
+	       "--enable-dsa2 --no-rfc2440-text --escape-from-lines
+	       --require-cross-certification". */
+	    opt.compliance = CO_RFC4880;
+	    opt.flags.dsa2 = 1;
+	    opt.flags.require_cross_cert = 1;
+	    opt.rfc2440_text = 0;
+	    opt.allow_non_selfsigned_uid = 1;
+	    opt.allow_freeform_uid = 1;
+	    opt.pgp2_workarounds = 0;
+	    opt.escape_from = 1;
+	    opt.force_v3_sigs = 0;
+	    opt.compress_keys = 0;	    /* not mandated, but we do it */
+	    opt.compress_sigs = 0;	    /* ditto. */
+	    opt.not_dash_escaped = 0;
+	    opt.def_cipher_algo = 0;
+	    opt.def_digest_algo = 0;
+	    opt.cert_digest_algo = 0;
+	    opt.compress_algo = -1;
+            opt.s2k_mode = 3; /* iterated+salted */
+	    opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
+	    opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
+	    break;
 	  case oRFC2440:
-	    /* TODO: When 2440bis becomes a RFC, set new values for
-	       oOpenPGP. */
-	    opt.rfc2440_text=1;
 	    opt.compliance = CO_RFC2440;
+	    opt.flags.dsa2 = 0;
+	    opt.rfc2440_text = 1;
 	    opt.allow_non_selfsigned_uid = 1;
 	    opt.allow_freeform_uid = 1;
 	    opt.pgp2_workarounds = 0;

g10/import.c

@@ -1,6 +1,6 @@
 /* import.c - import a key into our key storage.
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -1649,90 +1649,102 @@ delete_inv_parts( const char *fname, KBNODE keyblock,
  * It may happen that the imported keyblock has duplicated user IDs.
  * We check this here and collapse those user IDs together with their
  * sigs into one.
- * Returns: True if the keyblock hash changed.
+ * Returns: True if the keyblock has changed.
  */
 int
 collapse_uids( KBNODE *keyblock )
 {
-    KBNODE n, n2;
-    int in_uid;
-    int any=0;
+  KBNODE uid1;
+  int any=0;
 
-  restart:
-    for( n = *keyblock; n; n = n->next ) {
-	if( n->pkt->pkttype != PKT_USER_ID )
+  for(uid1=*keyblock;uid1;uid1=uid1->next)
+    {
+      KBNODE uid2;
+
+      if(uid1->pkt->pkttype!=PKT_USER_ID)
+	continue;
+
+      for(uid2=uid1->next;uid2;uid2=uid2->next)
+	{
+	  if(uid2->pkt->pkttype!=PKT_USER_ID)
 	    continue;
-	for( n2 = n->next; n2; n2 = n2->next ) {
-	    if( n2->pkt->pkttype == PKT_USER_ID
-		&& !cmp_user_ids( n->pkt->pkt.user_id,
-				  n2->pkt->pkt.user_id ) ) {
-		/* found a duplicate */
-		any = 1;
-		if( !n2->next
-		    || n2->next->pkt->pkttype == PKT_USER_ID
-		    || n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY
-		    || n2->next->pkt->pkttype == PKT_SECRET_SUBKEY  ) {
-		    /* no more signatures: delete the user ID
-		     * and start over */
-		    remove_kbnode( keyblock, n2 );
+
+	  if(cmp_user_ids(uid1->pkt->pkt.user_id,
+			  uid2->pkt->pkt.user_id)==0)
+	    {
+	      /* We have a duplicated uid */
+	      KBNODE sig1,last;
+
+	      any=1;
+
+	      /* Now take uid2's signatures, and attach them to
+		 uid1 */
+	      for(last=uid2;last->next;last=last->next)
+		{
+		  if(last->next->pkt->pkttype==PKT_USER_ID
+		     || last->next->pkt->pkttype==PKT_PUBLIC_SUBKEY
+		     || last->next->pkt->pkttype==PKT_SECRET_SUBKEY)
+		    break;
 		}
-		else {
-		    /* The simple approach: Move one signature and
-		     * then start over to delete the next one :-( */
-		    move_kbnode( keyblock, n2->next, n->next );
+
+	      /* Snip out uid2 */
+	      (find_prev_kbnode(*keyblock,uid2,0))->next=last->next;
+
+	      /* Now put uid2 in place as part of uid1 */
+	      last->next=uid1->next;
+	      uid1->next=uid2;
+	      remove_kbnode(keyblock,uid2);
+
+	      /* Now dedupe uid1 */
+	      for(sig1=uid1->next;sig1;sig1=sig1->next)
+		{
+		  KBNODE sig2;
+
+		  if(sig1->pkt->pkttype==PKT_USER_ID
+		     || sig1->pkt->pkttype==PKT_PUBLIC_SUBKEY
+		     || sig1->pkt->pkttype==PKT_SECRET_SUBKEY)
+		    break;
+
+		  if(sig1->pkt->pkttype!=PKT_SIGNATURE)
+		    continue;
+
+		  for(sig2=sig1->next,last=sig1;sig2;last=sig2,sig2=sig2->next)
+		    {
+		      if(sig2->pkt->pkttype==PKT_USER_ID
+			 || sig2->pkt->pkttype==PKT_PUBLIC_SUBKEY
+			 || sig2->pkt->pkttype==PKT_SECRET_SUBKEY)
+			break;
+
+		      if(sig2->pkt->pkttype!=PKT_SIGNATURE)
+			continue;
+
+		      if(cmp_signatures(sig1->pkt->pkt.signature,
+					sig2->pkt->pkt.signature)==0)
+			{
+			  /* We have a match, so delete the second
+			     signature */
+			  remove_kbnode(&uid1,sig2);
+			  sig2=last;
+			}
+		    }
 		}
-		goto restart;
 	    }
 	}
     }
-    if( !any )
-	return 0;
 
-  restart_sig:
-    /* now we may have duplicate signatures on one user ID: fix this */
-    for( in_uid = 0, n = *keyblock; n; n = n->next ) {
-	if( n->pkt->pkttype == PKT_USER_ID )
-	    in_uid = 1;
-	else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
-		 || n->pkt->pkttype == PKT_SECRET_SUBKEY )
-	    in_uid = 0;
-	else if( in_uid ) {
-	    n2 = n;
-	    do {
-		KBNODE ncmp = NULL;
-		for( ; n2; n2 = n2->next ) {
-		    if(    n2->pkt->pkttype == PKT_USER_ID
-			|| n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
-			|| n2->pkt->pkttype == PKT_SECRET_SUBKEY )
-			break;
-		    if( n2->pkt->pkttype != PKT_SIGNATURE )
-			;
-		    else if( !ncmp )
-			ncmp = n2;
-		    else if( !cmp_signatures( ncmp->pkt->pkt.signature,
-						n2->pkt->pkt.signature )) {
-			remove_kbnode( keyblock, n2 );
-			goto restart_sig;
-		    }
-		}
-		n2 = ncmp? ncmp->next : NULL;
-	    } while( n2 );
-	}
+  if(any && !opt.quiet)
+    {
+      const char *key="???";
+
+      if( (uid1=find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
+	key=keystr_from_pk(uid1->pkt->pkt.public_key);
+      else if( (uid1 = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
+	key=keystr_from_sk(uid1->pkt->pkt.secret_key);
+
+      log_info(_("key %s: duplicated user ID detected - merged\n"),key);
     }
 
-    if(!opt.quiet)
-      {
-	const char *key="???";
-
-	if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
-	  key=keystr_from_pk(n->pkt->pkt.public_key);
-	else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
-	  key=keystr_from_sk(n->pkt->pkt.secret_key);
-
-	log_info(_("key %s: duplicated user ID detected - merged\n"),key);
-      }
-
-    return 1;
+  return any;
 }
 
 /* Check for a 0x20 revocation from a revocation key that is not

g10/keyedit.c

@@ -1803,7 +1803,7 @@ keyedit_menu( const char *username, strlist_t locusr,
               {
                 tty_printf(
                    _("This command is not allowed while in %s mode.\n"),
-		   RFC2440?"OpenPGP":PGP2?"PGP2":"RFC-1991");
+		   compliance_option_string());
                 break;
               }
 	    photo=1;

g10/misc.c

@@ -831,47 +831,64 @@ default_compress_algo(void)
 const char *
 compliance_option_string(void)
 {
-  switch(opt.compliance)
-    {
-    case CO_RFC2440:
-      return "--openpgp";
-    case CO_PGP2:
-      return "--pgp2";
-    case CO_PGP6:
-      return "--pgp6";
-    case CO_PGP7:
-      return "--pgp7";
-    case CO_PGP8:
-      return "--pgp8";
-    default:
-      return "???";
-    }
-}
+  char *ver="???";
 
-static const char *
-compliance_string(void)
-{
   switch(opt.compliance)
     {
-    case CO_RFC2440:
-      return "OpenPGP";
-    case CO_PGP2:
-      return "PGP 2.x";
-    case CO_PGP6:
-      return "PGP 6.x";
-    case CO_PGP7:
-      return "PGP 7.x";
-    case CO_PGP8:
-      return "PGP 8.x";
-    default:
-      return "???";
+    case CO_GNUPG:   return "--gnupg";
+    case CO_RFC4880: return "--openpgp";
+    case CO_RFC2440: return "--rfc2440";
+    case CO_RFC1991: return "--rfc1991";
+    case CO_PGP2:    return "--pgp2";
+    case CO_PGP6:    return "--pgp6";
+    case CO_PGP7:    return "--pgp7";
+    case CO_PGP8:    return "--pgp8";
     }
+
+  return ver;
 }
 
 void
 compliance_failure(void)
 {
-  log_info(_("this message may not be usable by %s\n"),compliance_string());
+  char *ver="???";
+
+  switch(opt.compliance)
+    {
+    case CO_GNUPG:
+      ver="GnuPG";
+      break;
+
+    case CO_RFC4880:
+      ver="OpenPGP";
+      break;
+
+    case CO_RFC2440:
+      ver="OpenPGP (older)";
+      break;
+
+    case CO_RFC1991:
+      ver="old PGP";
+      break;
+
+    case CO_PGP2:
+      ver="PGP 2.x";
+      break;
+
+    case CO_PGP6:
+      ver="PGP 6.x";
+      break;
+
+    case CO_PGP7:
+      ver="PGP 7.x";
+      break;
+
+    case CO_PGP8:
+      ver="PGP 8.x";
+      break;
+    }
+
+  log_info(_("this message may not be usable by %s\n"),ver);
   opt.compliance=CO_GNUPG;
 }
 

g10/options.h

@@ -1,6 +1,6 @@
 /* options.h
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -103,7 +103,8 @@ struct
   int force_ownertrust;
   enum
     {
-      CO_GNUPG=0, CO_RFC2440, CO_RFC1991, CO_PGP2, CO_PGP6, CO_PGP7, CO_PGP8
+      CO_GNUPG, CO_RFC4880, CO_RFC2440, CO_RFC1991, CO_PGP2,
+      CO_PGP6, CO_PGP7, CO_PGP8
     } compliance;
   enum
     {
@@ -290,10 +291,12 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
 #define GNUPG   (opt.compliance==CO_GNUPG)
 #define RFC1991 (opt.compliance==CO_RFC1991 || opt.compliance==CO_PGP2)
 #define RFC2440 (opt.compliance==CO_RFC2440)
+#define RFC4880 (opt.compliance==CO_RFC4880)
 #define PGP2    (opt.compliance==CO_PGP2)
 #define PGP6    (opt.compliance==CO_PGP6)
 #define PGP7    (opt.compliance==CO_PGP7)
 #define PGP8    (opt.compliance==CO_PGP8)
+#define PGPX    (PGP2 || PGP6 || PGP7 || PGP8)
 
 /* Various option flags.  Note that there should be no common string
    names between the IMPORT_ and EXPORT_ flags as they can be mixed in

g10/sign.c

@@ -1,6 +1,6 @@
 /* sign.c - sign data
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+ *               2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -66,32 +66,17 @@ mk_notation_policy_etc( PKT_signature *sig,
     struct notation *nd=NULL;
     struct expando_args args;
 
+    assert(sig->version>=4);
+
     memset(&args,0,sizeof(args));
     args.pk=pk;
     args.sk=sk;
 
-    /* It is actually impossible to get here when making a v3 key
-       signature since keyedit.c:sign_uids will automatically bump a
-       signature with a notation or policy url up to v4, but it is
-       good to do these checks anyway. */
-
     /* notation data */
     if(IS_SIG(sig) && opt.sig_notations)
-      {
-	if(sig->version<4)
-	  log_error(_("can't put notation data into v3 (PGP 2.x style) "
-		      "signatures\n"));
-	else
-	  nd=opt.sig_notations;
-      }
+      nd=opt.sig_notations;
     else if( IS_CERT(sig) && opt.cert_notations )
-      {
-	if(sig->version<4)
-	  log_error(_("can't put notation data into v3 (PGP 2.x style) "
-		      "key signatures\n"));
-	else
-	  nd=opt.cert_notations;
-      }
+      nd=opt.cert_notations;
 
     if(nd)
       {
@@ -116,21 +101,9 @@ mk_notation_policy_etc( PKT_signature *sig,
 
     /* set policy URL */
     if( IS_SIG(sig) && opt.sig_policy_url )
-      {
-	if(sig->version<4)
-	  log_error(_("can't put a policy URL into v3 (PGP 2.x style) "
-		      "signatures\n"));
-	else
-	  pu=opt.sig_policy_url;
-      }
+      pu=opt.sig_policy_url;
     else if( IS_CERT(sig) && opt.cert_policy_url )
-      {
-	if(sig->version<4)
-	  log_error(_("can't put a policy URL into v3 key (PGP 2.x style) "
-		      "signatures\n"));
-	else
-	  pu=opt.cert_policy_url;
-      }
+      pu=opt.cert_policy_url;
 
     for(;pu;pu=pu->next)
       {
@@ -153,12 +126,7 @@ mk_notation_policy_etc( PKT_signature *sig,
 
     /* preferred keyserver URL */
     if( IS_SIG(sig) && opt.sig_keyserver_url )
-      {
-	if(sig->version<4)
-	  log_info("can't put a preferred keyserver URL into v3 signatures\n");
-	else
-	  pu=opt.sig_keyserver_url;
-      }
+      pu=opt.sig_keyserver_url;
 
     for(;pu;pu=pu->next)
       {
@@ -689,8 +657,10 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash,
           BUG ();
 
 	if (sig->version >= 4)
+          {
 	    build_sig_subpkt_from_sig (sig);
-	mk_notation_policy_etc (sig, NULL, sk);
+            mk_notation_policy_etc (sig, NULL, sk);
+          }
 
         hash_sigversion_to_magic (md, sig);
 	gcry_md_final (md);
@@ -1487,8 +1457,10 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
       sig->expiredate=sig->timestamp+duration;
     sig->sig_class = sigclass;
     if( sig->version >= 4 )
+      {
 	build_sig_subpkt_from_sig( sig );
-    mk_notation_policy_etc( sig, pk, sk );
+	mk_notation_policy_etc( sig, pk, sk );
+      }
 
     /* Crucial that the call to mksubpkt comes LAST before the calls
        to finalize the sig as that makes it possible for the mksubpkt