gpg: Fix extra check for sign usage of a data signature.

author Werner Koch <wk@gnupg.org>

Mon, 8 Oct 2018 14:14:17 +0000 (16:14 +0200)

committer Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Mon, 8 Oct 2018 15:36:01 +0000 (16:36 +0100)
author Werner Koch <wk@gnupg.org>
Mon, 8 Oct 2018 14:14:17 +0000 (16:14 +0200)
committer Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Mon, 8 Oct 2018 15:36:01 +0000 (16:36 +0100)
diff --git a/g10/sig-check.c b/g10/sig-check.c

index e59e0c90068190c0119e51686920cfe73dedd7b7..a93b496a8855045a62f48b39224d6a4b57370da1 100644 (file)
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -481,7 +481,8 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
      }
  
    /* For data signatures check that the key has sign usage.  */
-  if (IS_SIG (sig) && !(pk->pubkey_usage & PUBKEY_USAGE_SIG))
+  if (!IS_BACK_SIG (sig) && IS_SIG (sig)
+      && !(pk->pubkey_usage & PUBKEY_USAGE_SIG))
      {
        rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE);
        if (!opt.quiet)
author	Werner Koch <wk@gnupg.org>
	Mon, 8 Oct 2018 14:14:17 +0000 (16:14 +0200)
committer	Daniel Kahn Gillmor <dkg@fifthhorseman.net>
	Mon, 8 Oct 2018 15:36:01 +0000 (16:36 +0100)