From fcefffcb005d4df0fd075fb0d0f210a465a8156c Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Thu, 3 Oct 2002 19:20:37 +0000
Subject: [PATCH] * keylist.c (print_capabilities): Secret-parts-missing keys
 should show that fact in the capabilities, and only primary signing keys can
 certify other keys.

* packet.h, parse_packet.c (parse_key): Add is_primary flag for public
keys (it already exists for secret keys).
---
 g10/ChangeLog      |  9 +++++++++
 g10/keylist.c      | 20 +++++++++++++++-----
 g10/packet.h       |  1 +
 g10/parse-packet.c |  1 +
 4 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 40049fe1c..89937f294 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,12 @@
+2002-10-03  David Shaw  <dshaw@jabberwocky.com>
+
+	* keylist.c (print_capabilities): Secret-parts-missing keys should
+	show that fact in the capabilities, and only primary signing keys
+	can certify other keys.
+
+	* packet.h, parse_packet.c (parse_key): Add is_primary flag for
+	public keys (it already exists for secret keys).
+
 2002-10-02  David Shaw  <dshaw@jabberwocky.com>
 
 	* import.c (import_secret_one): Check for an illegal (>110)
diff --git a/g10/keylist.c b/g10/keylist.c
index 1cea96a7a..90a8d9d86 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -305,9 +305,10 @@ print_capabilities (PKT_public_key *pk, PKT_secret_key *sk, KBNODE keyblock)
     if ( use & PUBKEY_USAGE_ENC ) {
         putchar ('e');
     }
-    if ( use & PUBKEY_USAGE_SIG ) {
+    if ( (use & PUBKEY_USAGE_SIG) && !(sk?(sk->protect.s2k.mode==1001):0) ) {
         putchar ('s');
-        putchar ('c');
+	if( pk? pk->is_primary : sk->is_primary )
+	  putchar ('c');
     }
     if ( keyblock ) { /* figure our the usable capabilities */
         KBNODE k;
@@ -321,17 +322,26 @@ print_capabilities (PKT_public_key *pk, PKT_secret_key *sk, KBNODE keyblock)
                     if ( pk->pubkey_usage & PUBKEY_USAGE_ENC )
                         enc = 1;
                     if ( pk->pubkey_usage & PUBKEY_USAGE_SIG )
-                        sign = cert = 1;
+		      {
+			sign = 1;
+			if(pk->is_primary)
+			  cert = 1;
+		      }
                 }
             }
             else if ( k->pkt->pkttype == PKT_SECRET_KEY 
                       || k->pkt->pkttype == PKT_SECRET_SUBKEY ) {
                 sk = k->pkt->pkt.secret_key;
-                if ( sk->is_valid && !sk->is_revoked && !sk->has_expired ) {
+                if ( sk->is_valid && !sk->is_revoked && !sk->has_expired
+		     && sk->protect.s2k.mode!=1001 ) {
                     if ( sk->pubkey_usage & PUBKEY_USAGE_ENC )
                         enc = 1;
                     if ( sk->pubkey_usage & PUBKEY_USAGE_SIG )
-                        sign = cert = 1;
+		      {
+			sign = 1;
+			if(sk->is_primary)
+			  cert = 1;
+		      }
                 }
             }
         }
diff --git a/g10/packet.h b/g10/packet.h
index c5556a6ba..fdca455a1 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -202,6 +202,7 @@ typedef struct {
     ulong   local_id;	    /* internal use, valid if > 0 */
     u32     main_keyid[2];  /* keyid of the primary key */
     u32     keyid[2];	    /* calculated by keyid_from_pk() */
+    byte    is_primary;
     prefitem_t *prefs;      /* list of preferences (may be NULL) */
     int     mdc_feature;    /* mdc feature set */
     byte    *namehash;	    /* if != NULL: found by this name */
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index c50c8a2e8..bce3ce308 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -1523,6 +1523,7 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
 	pk->max_expiredate = max_expiredate;
 	pk->hdrbytes	= hdrlen;
 	pk->version	= version;
+	pk->is_primary = pkttype == PKT_PUBLIC_KEY;
 	pk->pubkey_algo = algorithm;
 	pk->req_usage = 0; 
 	pk->pubkey_usage = 0; /* not yet used */