$NetBSD: patch-aj,v 1.1 2003/11/27 23:46:36 heinz Exp $

--- g10/getkey.c.orig	Mon Jul 28 20:34:41 2003
+++ g10/getkey.c
@@ -1049,7 +1049,11 @@ get_seckey_byname2( GETKEY_CTX *retctx,
 	ctx.items[0].mode = KEYDB_SEARCH_MODE_FIRST;
 	rc = lookup( &ctx, &kb, 1 );
         if (!rc && sk )
-            sk_from_block ( &ctx, sk, kb );
+	  {
+	    sk_from_block ( &ctx, sk, kb );
+	    if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+	      rc=G10ERR_UNU_SECKEY;
+	  }
         release_kbnode ( kb );
 	get_seckey_end( &ctx );
     }
@@ -1655,6 +1659,11 @@ merge_selfsigs_main( KBNODE keyblock, in
         if ( x ) /* mask it down to the actual allowed usage */
             key_usage &= x; 
     }
+
+    /* Type 20 Elgamal keys are not usable. */
+    if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      key_usage=0;
+
     pk->pubkey_usage = key_usage;
 
     if ( !key_expire_seen ) {
@@ -1869,6 +1878,13 @@ merge_selfsigs_subkey( KBNODE keyblock, 
         if ( x ) /* mask it down to the actual allowed usage */
             key_usage &= x; 
     }
+
+    /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
+       not usable. */
+    if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
+       || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
+      key_usage=0;
+
     subpk->pubkey_usage = key_usage;
     
     p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);