On Fri,  5 Oct 2018 21:04, zer...@gmail.com said:

> gpg: bad data signature from key <censored>: Wrong key usage (0x19, 0x2)
> Secret key is available.

Right, I noticed this as well but ignored it.  Thanks for raising this.
I re-opened task 4014 and pushed a fix to master.  I attach it in case
you want to apply and test it in stable.

73 de DD9JN

-- 
Thoughts are free.  Exceptions are regulated by a federal law.

From b6275f3bda8edff34274c5b921508567f491ab9c Mon Sep 17 00:00:00 2001
From: Werner Koch <w...@gnupg.org>
Date: Mon, 8 Oct 2018 16:14:17 +0200
Subject: [PATCH GnuPG] gpg: Fix extra check for sign usage of a data
 signature.

* g10/sig-check.c (check_signature_end_simple):
--

Obviously we should not ignore a back signature here.

Fixes-commit: 214b0077264e35c079e854a8b6374704aea45cd5
GnuPG-bug-id: 4014
Signed-off-by: Werner Koch <w...@gnupg.org>
---
 g10/sig-check.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/g10/sig-check.c b/g10/sig-check.c
index 0ec384347..9c32d4d12 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -480,7 +480,8 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
     }
 
   /* For data signatures check that the key has sign usage.  */
-  if (IS_SIG (sig) && !(pk->pubkey_usage & PUBKEY_USAGE_SIG))
+  if (!IS_BACK_SIG (sig) && IS_SIG (sig)
+      && !(pk->pubkey_usage & PUBKEY_USAGE_SIG))
     {
       rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE);
       if (!opt.quiet)
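
Review bot: The comment above the changed condition still reads "For data signatures check that the key has sign usage" although the test now exempts back signatures; please extend it to say that back signatures are skipped and why, since the need for the extra !IS_BACK_SIG (sig) term implies that IS_SIG (sig) is also true for them, which a reader will not guess. The ChangeLog line in the commit message ("* g10/sig-check.c (check_signature_end_simple):") has no description after the colon and could carry the same one-line explanation. The diffstat shows only g10/sig-check.c changed, so a regression test covering the reported "Wrong key usage (0x19, 0x2)" case would help keep this from coming back a second time after the commit named in Fixes-commit.
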
-- 
2.11.0


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
