summaryrefslogtreecommitdiffstats
path: root/g10/sig-check.c
diff options
context:
space:
mode:
Diffstat (limited to 'g10/sig-check.c')
-rw-r--r--g10/sig-check.c27
1 files changed, 15 insertions, 12 deletions
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 5a3cb886f..ac9d0da7d 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -438,22 +438,25 @@ check_backsig(PKT_public_key *main_pk,PKT_public_key *sub_pk,
gcry_md_hd_t md;
int rc;
+ /* Always check whether the algorithm is available. Although
+ gcry_md_open woyuld throw an error, some libgcrypt versions will
+ print a debug message in that case too. */
+ if ((rc=openpgp_md_test_algo (backsig->digest_algo)))
+ return rc;
+
if(!opt.no_sig_cache && backsig->flags.checked)
- {
- if((rc=openpgp_md_test_algo (backsig->digest_algo)))
- return rc;
+ return backsig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
- return backsig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
+ rc = gcry_md_open (&md, backsig->digest_algo,0);
+ if (!rc)
+ {
+ hash_public_key(md,main_pk);
+ hash_public_key(md,sub_pk);
+ rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
+ cache_sig_result(backsig,rc);
+ gcry_md_close(md);
}
- if (gcry_md_open (&md, backsig->digest_algo,0))
- BUG ();
- hash_public_key(md,main_pk);
- hash_public_key(md,sub_pk);
- rc=do_check(sub_pk,backsig,md,NULL,NULL,NULL);
- cache_sig_result(backsig,rc);
- gcry_md_close(md);
-
return rc;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 20:43:16 +0100