aboutsummaryrefslogtreecommitdiffstats
path: root/g10/sign.c
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2024-01-26 08:41:00 +0000
committerWerner Koch <[email protected]>2024-01-26 08:41:00 +0000
commitdfa60c09f5cd992515df5fdb275dbee7f8f23b71 (patch)
treee68215d4b947727fa98eb8c95244b8819b058b1e /g10/sign.c
parentgpg: Clean up pk_ecdh_decrypt function. (diff)
parentPost release updates (diff)
downloadgnupg-dfa60c09f5cd992515df5fdb275dbee7f8f23b71.tar.gz
gnupg-dfa60c09f5cd992515df5fdb275dbee7f8f23b71.zip
Merge branch 'STABLE-BRANCH-2-4'
-- Fixed conflicts: NEWS configure.ac doc/gpg.texi
Diffstat (limited to 'g10/sign.c')
-rw-r--r--g10/sign.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/g10/sign.c b/g10/sign.c
index ee3fac1df..b6c4d2126 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -444,8 +444,9 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
goto leave;
}
- /* Check compliance. */
- if (! gnupg_digest_is_allowed (opt.compliance, 1, mdalgo))
+ /* Check compliance but always allow for key revocations. */
+ if (!IS_KEY_REV (sig)
+ && ! gnupg_digest_is_allowed (opt.compliance, 1, mdalgo))
{
log_error (_("digest algorithm '%s' may not be used in %s mode\n"),
gcry_md_algo_name (mdalgo),
@@ -454,9 +455,10 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
goto leave;
}
- if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_SIGNING,
- pksk->pubkey_algo, 0,
- pksk->pkey, nbits_from_pk (pksk), NULL))
+ if (!IS_KEY_REV (sig)
+ && ! gnupg_pk_is_allowed (opt.compliance, PK_USE_SIGNING,
+ pksk->pubkey_algo, 0,
+ pksk->pkey, nbits_from_pk (pksk), NULL))
{
log_error (_("key %s may not be used for signing in %s mode\n"),
keystr_from_pk (pksk),
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 09:40:16 +0000