mirror of git://git.gnupg.org/gnupg.git
gpg: Stop early when trying to create a primary Elgamal key.
* g10/misc.c (openpgp_pk_test_algo2): Add extra check. -- The problem is that --key-gen --batch with a parameter file didn't detect that Elgamal is not capable of signing and so an error was only triggered at the time the self-signature was created. See the code comment for details. GnuPG-bug-id: 4329 Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
e6d613711a
commit
f97dc55ff1
|
|
@ -723,6 +723,13 @@ openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
|
|||
if (!ga)
|
||||
return gpg_error (GPG_ERR_PUBKEY_ALGO);
|
||||
|
||||
/* Elgamal in OpenPGP used to support signing and Libgcrypt still
|
||||
* does. However, we removed the signing capability from gpg ages
|
||||
* ago. This function should reflect this so that errors are thrown
|
||||
* early and not only when we try to sign using Elgamal. */
|
||||
if (ga == GCRY_PK_ELG && (use & (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG)))
|
||||
return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
|
||||
|
||||
/* Now check whether Libgcrypt has support for the algorithm. */
|
||||
return gcry_pk_algo_info (ga, GCRYCTL_TEST_ALGO, NULL, &use_buf);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue