mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for anything except revocations. * sign.c (do_sign): Add Elgamal encrypt-only keys to the signature catchall. * trustdb.c (mark_usable_uid_certs): Disallow signatures to and from Elgamal encrypt-only keys in the trustdb. Granted, this sounds strange, but there are historical keys that fit this description.
This commit is contained in:
David Shaw
parent
f7264fb7f6
commit
f9fffa826c
4 changed files with 27 additions and 9 deletions
|
|
@ -270,7 +270,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
|||
sign+encrypt keys. Note that this allows for Elgamal
|
||||
designated revocations as well, but that's arguably a good
|
||||
thing. */
|
||||
if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL && sig->sig_class!=0x20)
|
||||
if(is_ELGAMAL(sk->pubkey_algo) && sig->sig_class!=0x20)
|
||||
return G10ERR_UNU_SECKEY;
|
||||
|
||||
print_pubkey_algo_note(sk->pubkey_algo);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue