aboutsummaryrefslogtreecommitdiffstats
path: root/g10/keyedit.c
diff options
context:
space:
mode:
Diffstat (limited to 'g10/keyedit.c')
-rw-r--r--g10/keyedit.c47
1 files changed, 31 insertions, 16 deletions
diff --git a/g10/keyedit.c b/g10/keyedit.c
index bfe3f8546..80d714adc 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -3661,10 +3661,21 @@ menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
}
/* Find a signing subkey with no backsig */
- if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY
- && (node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG)
- && !node->pkt->pkt.public_key->backsig)
- sub_pk=node->pkt->pkt.public_key;
+ if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY)
+ {
+ if(node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG)
+ {
+ if(node->pkt->pkt.public_key->backsig)
+ tty_printf(_("signing subkey %s is already cross-certified\n"),
+ keystr_from_pk(node->pkt->pkt.public_key));
+ else
+ sub_pk=node->pkt->pkt.public_key;
+ }
+ else
+ tty_printf(_("subkey %s does not sign and so does"
+ " not need to be cross-certified\n"),
+ keystr_from_pk(node->pkt->pkt.public_key));
+ }
if(!sub_pk)
continue;
@@ -3693,7 +3704,11 @@ menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
}
if(!sub_sk)
- continue;
+ {
+ tty_printf(_("no secret subkey for public subkey %s - ignoring\n"),
+ keystr_from_pk(sub_pk));
+ continue;
+ }
/* Now finally find the matching selfsig on the secret subkey.
We can't use chosen_selfsig here (it's not set for secret
@@ -3712,11 +3727,8 @@ menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
break;
}
- if(!sig_sk)
- continue;
-
/* Now we can get to work. We have a main key and secret part,
- a signing subkey with signature and secret part with
+ a signing subkey with signature and secret part possibly with
signature. */
passphrase=get_last_passphrase();
@@ -3745,13 +3757,16 @@ menu_backsign(KBNODE pub_keyblock,KBNODE sec_keyblock)
xfree(sig_pk->pkt);
sig_pk->pkt=newpkt;
- /* Put the new sig into place on the seckey */
- newpkt=xmalloc_clear(sizeof(*newpkt));
- newpkt->pkttype=PKT_SIGNATURE;
- newpkt->pkt.signature=copy_signature(NULL,newsig);
- free_packet(sig_sk->pkt);
- xfree(sig_sk->pkt);
- sig_sk->pkt=newpkt;
+ if(sig_sk)
+ {
+ /* Put the new sig into place on the seckey */
+ newpkt=xmalloc_clear(sizeof(*newpkt));
+ newpkt->pkttype=PKT_SIGNATURE;
+ newpkt->pkt.signature=copy_signature(NULL,newsig);
+ free_packet(sig_sk->pkt);
+ xfree(sig_sk->pkt);
+ sig_sk->pkt=newpkt;
+ }
modified=1;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 17:26:15 +0000