* sig-check.c (signature_check2): Signatures made by invalid subkeys

(bad/missing binding sig) are also invalid. * keylist.c (print_fingerprint): Show the primary as well as the secondary key fingerprint in modes 1 & 2.
author: David Shaw <[email protected]> 2002-07-23 18:42:18 +0000
committer: David Shaw <[email protected]> 2002-07-23 18:42:18 +0000
commit: 4623605645d3899a13fdc5cbb167fcafcdc70823 (patch)
tree: 96a337683dc5ad3b301b529b6d5e2a4aba5a26a9 /g10/sig-check.c
parent: 2002-07-22 Timo Schulz <[email protected]> (diff)
download: gnupg-4623605645d3899a13fdc5cbb167fcafcdc70823.tar.gz
gnupg-4623605645d3899a13fdc5cbb167fcafcdc70823.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c
index c9c19aad4..1654fe997 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -65,6 +65,11 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest,
     *r_expiredate = 0;
     if( get_pubkey( pk, sig->keyid ) )
 	rc = G10ERR_NO_PUBKEY;
+    else if(!pk->is_valid &&
+	    (pk->main_keyid[0]!=pk->keyid[0] ||
+	     pk->main_keyid[1]!=pk->keyid[1]))
+        rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an
+				 invalid subkey */
     else {
 	*r_expiredate = pk->expiredate;
 	rc = do_check( pk, sig, digest, r_expired );
author	David Shaw <[email protected]>	2002-07-23 18:42:18 +0000
committer	David Shaw <[email protected]>	2002-07-23 18:42:18 +0000
commit	4623605645d3899a13fdc5cbb167fcafcdc70823 (patch)
tree	96a337683dc5ad3b301b529b6d5e2a4aba5a26a9 /g10/sig-check.c
parent	2002-07-22 Timo Schulz <[email protected]> (diff)
download	gnupg-4623605645d3899a13fdc5cbb167fcafcdc70823.tar.gz gnupg-4623605645d3899a13fdc5cbb167fcafcdc70823.zip