* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,

get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for anything except revocations. * sign.c (do_sign): Add Elgamal encrypt-only keys to the signature catchall. * trustdb.c (mark_usable_uid_certs): Disallow signatures to and from Elgamal encrypt-only keys in the trustdb. Granted, this sounds strange, but there are historical keys that fit this description.
2025-07-03 22:56:33 +02:00 · 2003-12-05 04:13:47 +00:00 · 2003-12-05 04:13:47 +00:00 · f9fffa826c
commit f9fffa826c
parent f7264fb7f6
4 changed files with 27 additions and 9 deletions
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -1194,7 +1194,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
        continue; /* we only look at these signature classes */
      if (!is_in_klist (klist, sig))
        continue;  /* no need to check it then */
-      if(sig->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      if(is_ELGAMAL(sig->pubkey_algo))
 	{
 	  if(opt.verbose)
 	    log_info(_("signature from Elgamal signing key %08lX "
@ -1202,7 +1202,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
 		     (ulong)sig->keyid[1],(ulong)main_kid[1]);
 	  continue;
 	}
-      if(keyblock->pkt->pkt.public_key->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      if(is_ELGAMAL(keyblock->pkt->pkt.public_key->pubkey_algo))
 	{
 	  if(opt.verbose)
 	    log_info(_("signature from %08lX to Elgamal signing key "