* keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix problem with

adding a cert-only designated revoker. Code was looking for a key with sign ability, and not cert ability. Noted by Timo Schulz.
author: David Shaw <[email protected]> 2005-10-27 16:23:59 +0000
committer: David Shaw <[email protected]> 2005-10-27 16:23:59 +0000
commit: b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a (patch)
tree: 0f4d983fb6a6b84fb5eed6f5a3c469e57f3b4433 /g10/keyedit.c
parent: cygwin fixes (diff)
download: gnupg-b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a.tar.gz
gnupg-b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a.zip
1 files changed, 5 insertions, 3 deletions
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 55fc685c0..1e07b1d41 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -3380,9 +3380,11 @@ menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
 	  goto fail;
 	}
 
-      /* Note that I'm requesting SIG here and not CERT.  We're making
-	 a certification, but it is okay to be a subkey. */
-      revoker_pk->req_usage=PUBKEY_USAGE_SIG;
+      /* Note that I'm requesting CERT here, which usually implies
+	 primary keys only, but some casual testing shows that PGP and
+	 GnuPG both can handle a designated revokation from a
+	 subkey. */
+      revoker_pk->req_usage=PUBKEY_USAGE_CERT;
       rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL,1);
       if(rc)
 	{
author	David Shaw <[email protected]>	2005-10-27 16:23:59 +0000
committer	David Shaw <[email protected]>	2005-10-27 16:23:59 +0000
commit	b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a (patch)
tree	0f4d983fb6a6b84fb5eed6f5a3c469e57f3b4433 /g10/keyedit.c
parent	cygwin fixes (diff)
download	gnupg-b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a.tar.gz gnupg-b3ea683ac97d0f60ce4a17f1cf18ca11a95b4b2a.zip