From d703f494c90d2fa80fdbbaf33c084a7225411b55 Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Wed, 15 Jan 2025 14:30:53 +0100
Subject: [PATCH] Check binding signature details against primary key (#264)

Rather than checking the binding signature details against the subkey
(i.e. the subject of the binding signature), check them against the primary key (i.e. the signing key).
---
 openpgp/v2/subkeys.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openpgp/v2/subkeys.go b/openpgp/v2/subkeys.go
index 9dc70899e..3e9fc1890 100644
--- a/openpgp/v2/subkeys.go
+++ b/openpgp/v2/subkeys.go
@@ -187,7 +187,7 @@ func (s *Subkey) LatestValidBindingSignature(date time.Time, config *packet.Conf
 			if sig.Valid == nil {
 				err := s.Primary.PrimaryKey.VerifyKeySignature(s.PublicKey, sig.Packet)
 				if err == nil {
-					err = checkSignatureDetails(s.PublicKey, sig.Packet, date, config)
+					err = checkSignatureDetails(s.Primary.PrimaryKey, sig.Packet, date, config)
 				}
 				valid := err == nil
 				sig.Valid = &valid