From 196c8f5f31c4b8b81c33606338c09ad1d9700940 Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Mon, 8 Jul 2024 15:29:02 +0200
Subject: [PATCH] Allow parsing empty Key Flags subpackets (#214)

This is allowed by the spec, which says:

> This subpacket contains a list of binary flags that hold information
> about a key. It is a string of octets, and an implementation MUST NOT
> assume a fixed size. This is so it can grow over time. If a list is
> shorter than an implementation expects, the unstated flags are
> considered to be zero.

And it can be useful to explicitly say that a primary key is not allowed
to be used for any purpose (except certifying subkeys), for example.
---
 openpgp/packet/signature.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/openpgp/packet/signature.go b/openpgp/packet/signature.go
index 5a71c79e..7fa7ba61 100644
--- a/openpgp/packet/signature.go
+++ b/openpgp/packet/signature.go
@@ -518,11 +518,10 @@ func parseSignatureSubpacket(sig *Signature, subpacket []byte, isHashed bool) (r
 		}
 	case keyFlagsSubpacket:
 		// Key flags, section 5.2.3.21
+		sig.FlagsValid = true
 		if len(subpacket) == 0 {
-			err = errors.StructuralError("empty key flags subpacket")
 			return
 		}
-		sig.FlagsValid = true
 		if subpacket[0]&KeyFlagCertify != 0 {
 			sig.FlagCertify = true
 		}