From 09a96c9e1bea73bb80cbaf4c74381999421a1316 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 25 May 2023 16:43:37 +0200
Subject: gpg: Skip keys found via ADSKs.

* g10/encrypt.c (write_pubkey_enc): Indicate encryption to an ADSK.
* g10/getkey.c (finish_lookup): Skip ADKS keys.
--

If a key is searched by fingerprint or keyid and it happens that this
is an ADSK (subkey with the RENC usage), we need to skip this key
because it is not the key we actually want to encrypt to.  The actual
ADSK key is taken later by looking at all subkeys of the actual
selected key.

This is related to
GnuPG-bug-id: 6504
---
 g10/encrypt.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'g10/encrypt.c')

diff --git a/g10/encrypt.c b/g10/encrypt.c
index a524326bb..00d9a0c44 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -1146,6 +1146,12 @@ write_pubkey_enc (ctrl_t ctrl,
       if ( opt.verbose )
         {
           char *ustr = get_user_id_string_native (ctrl, enc->keyid);
+          if ((pk->pubkey_usage & PUBKEY_USAGE_RENC))
+            {
+              char *tmpustr = xstrconcat (ustr, " [ADSK]", NULL);
+              xfree (ustr);
+              ustr = tmpustr;
+            }
           log_info (_("%s/%s.%s encrypted for: \"%s\"\n"),
                     openpgp_pk_algo_name (enc->pubkey_algo),
                     openpgp_cipher_algo_name (dek->algo),
-- 
cgit v1.2.3