diff options
| author | Werner Koch <[email protected]> | 2018-10-08 14:14:17 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2018-10-08 14:14:17 +0000 |
| commit | b6275f3bda8edff34274c5b921508567f491ab9c (patch) | |
| tree | 965651c6397047f9c48f25db2b79a9712e9ce071 /g10/sig-check.c | |
| parent | gpg: Make --skip-hidden-recipients work again. (diff) | |
| download | gnupg-b6275f3bda8edff34274c5b921508567f491ab9c.tar.gz gnupg-b6275f3bda8edff34274c5b921508567f491ab9c.zip | |
gpg: Fix extra check for sign usage of a data signature.
* g10/sig-check.c (check_signature_end_simple):
--
Obviously we should not ignore a back signature here.
Fixes-commit: 214b0077264e35c079e854a8b6374704aea45cd5
GnuPG-bug-id: 4014
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/sig-check.c')
| -rw-r--r-- | g10/sig-check.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c index 0ec384347..9c32d4d12 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -480,7 +480,8 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig, } /* For data signatures check that the key has sign usage. */ - if (IS_SIG (sig) && !(pk->pubkey_usage & PUBKEY_USAGE_SIG)) + if (!IS_BACK_SIG (sig) && IS_SIG (sig) + && !(pk->pubkey_usage & PUBKEY_USAGE_SIG)) { rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE); if (!opt.quiet) |