* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,

get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys for
anything except revocations.

* sign.c (do_sign): Add Elgamal encrypt-only keys to the signature
catchall.

* trustdb.c (mark_usable_uid_certs): Disallow signatures to and from
Elgamal encrypt-only keys in the trustdb.  Granted, this sounds strange,
but there are historical keys that fit this description.

g10/ChangeLog

@@ -1,3 +1,17 @@
+2003-12-04  David Shaw  <dshaw@jabberwocky.com>
+
+	* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
+	get_seckey_byname2): Disallow use of encrypt-only v3 Elgamal keys
+	for anything except revocations.
+
+	* sign.c (do_sign): Add Elgamal encrypt-only keys to the signature
+	catchall.
+
+	* trustdb.c (mark_usable_uid_certs): Disallow signatures to and
+	from Elgamal encrypt-only keys in the trustdb.  Granted, this
+	sounds strange, but there are historical keys that fit this
+	description.
+
 2003-12-03  Werner Koch  <wk@gnupg.org>
 
 	* mainproc.c (check_sig_and_print): Removed the "0x" again.

g10/getkey.c

@@ -1051,7 +1051,8 @@ get_seckey_byname2( GETKEY_CTX *retctx,
         if (!rc && sk )
 	  {
 	    sk_from_block ( &ctx, sk, kb );
-	    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+	    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+	       || (sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL_E && sk->version<4))
 	      rc=G10ERR_UNU_SECKEY;
 	  }
         release_kbnode ( kb );
@@ -1660,8 +1661,10 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
             key_usage &= x; 
     }
 
-    /* Type 20 Elgamal keys are not usable. */
+    /* Type 20 Elgamal keys and the old v3 Elgamal keys are not
-    if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+       usable. */
+    if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+       || (pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL_E && pk->version<4))
       key_usage=0;
 
     pk->pubkey_usage = key_usage;
@@ -1879,10 +1882,11 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
             key_usage &= x; 
     }
 
-    /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
+    /* Type 20 Elgamal subkeys, any subkey on a type 20 primary, or
-       not usable. */
+       any subkey on an old v3 Elgamal(e) primary are not usable. */
     if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
-       || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+       || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+       || (mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL_E && mainpk->version<4))
       key_usage=0;
 
     subpk->pubkey_usage = key_usage;

g10/sign.c

@@ -270,7 +270,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
        sign+encrypt keys.  Note that this allows for Elgamal
        designated revocations as well, but that's arguably a good
        thing. */
-    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL && sig->sig_class!=0x20)
+    if(is_ELGAMAL(sk->pubkey_algo) && sig->sig_class!=0x20)
       return G10ERR_UNU_SECKEY;
 
     print_pubkey_algo_note(sk->pubkey_algo);

g10/trustdb.c

@@ -1194,7 +1194,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
         continue; /* we only look at these signature classes */
       if (!is_in_klist (klist, sig))
         continue;  /* no need to check it then */
-      if(sig->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      if(is_ELGAMAL(sig->pubkey_algo))
 	{
 	  if(opt.verbose)
 	    log_info(_("signature from Elgamal signing key %08lX "
@@ -1202,7 +1202,7 @@ mark_usable_uid_certs (KBNODE keyblock, KBNODE uidnode,
 		     (ulong)sig->keyid[1],(ulong)main_kid[1]);
 	  continue;
 	}
-      if(keyblock->pkt->pkt.public_key->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      if(is_ELGAMAL(keyblock->pkt->pkt.public_key->pubkey_algo))
 	{
 	  if(opt.verbose)
 	    log_info(_("signature from %08lX to Elgamal signing key "