+ hash[1] == sighash[1]))) {
+ remove = true;
+ }
+
+#if HAVE_CRYPTO
+ if (fullverify && !remove) {
+ sig_info((*sigs)->packet, &sigid, NULL);
+
+ /* Start by assuming it's a bad sig */
+
+ remove = true;
+ if (sigid == keyid) {
+ ret = onak_check_hash_sig(key->publickey,
+ (*sigs)->packet,
+ hash, hashtype);
+
+ /* We have a valid self signature */
+ if (ret == ONAK_E_OK) {
+ remove = false;
+ if (selfsig != NULL) {
+ *selfsig = true;
+ }
+ }
+ }
+
+ if (remove) {
+ dbctx->fetch_key_id(dbctx, sigid,
+ &sigkeys, false);
+ }
+
+ /*
+ * A 64 bit collision is probably a sign of something
+ * sneaky happening, but if the signature verifies we
+ * should keep it.
+ */
+ for (curkey = sigkeys; curkey != NULL;
+ curkey = curkey->next) {
+
+ ret = onak_check_hash_sig(curkey->publickey,
+ (*sigs)->packet,
+ hash, hashtype);
+
+ /* Got a valid signature */
+ if (ret == ONAK_E_OK) {
+ remove = false;
+ if (othersig != NULL) {
+ *othersig = true;
+ }
+ break;
+ }
+ }
+
+ free_publickey(sigkeys);
+ sigkeys = NULL;
+ }
+#endif
+
+ if (remove) {