From 9287f9e87b215e79fdb7fb9dfdf2b47666e6ea2f Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 15 Jan 2020 14:27:36 +0900
Subject: gpg: Cert only key should be usable with --default-key.

* g10/getkey.c (parse_def_secret_key): Allow cert-only key.

--

GnuPG-bug-id: 4810
Fixes-commit: e573e6188dada4d70f6897aa2fda3c3af8c50441
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 g10/getkey.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/g10/getkey.c b/g10/getkey.c
index ad5dd8e01..cc908964e 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1860,7 +1860,8 @@ parse_def_secret_key (ctrl_t ctrl)
           PKT_public_key *pk = node->pkt->pkt.public_key;
 
           /* Check that the key has the signing capability.  */
-          if (! (pk->pubkey_usage & PUBKEY_USAGE_SIG))
+          if (! (pk->pubkey_usage & PUBKEY_USAGE_SIG)
+              && ! (pk->pubkey_usage & PUBKEY_USAGE_CERT))
             continue;
 
           /* Check if the key is valid.  */
-- 
cgit v1.2.3