mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
* getkey.c (get_pubkey_direct): Don't cache keys retrieved via this
function as they may not have all their fields filled in. * sig-check.c (signature_check2): Use new is_primary flag to check rather than comparing main_keyid with keyid as this still works in the case of a not fully filled in pk.
This commit is contained in:
David Shaw
parent
2e21d851e9
commit
d1738ac243
3 changed files with 15 additions and 5 deletions
|
|
@ -75,9 +75,7 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest,
|
|||
}
|
||||
else if( get_pubkey( pk, sig->keyid ) )
|
||||
rc = G10ERR_NO_PUBKEY;
|
||||
else if(!pk->is_valid &&
|
||||
(pk->main_keyid[0]!=pk->keyid[0] ||
|
||||
pk->main_keyid[1]!=pk->keyid[1]))
|
||||
else if(!pk->is_valid && !pk->is_primary)
|
||||
rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
|
||||
invalid subkey */
|
||||
else {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue