diff --git a/openpgp/keys.go b/openpgp/keys.go
index b30315c447..b0304bda80 100644
--- a/openpgp/keys.go
+++ b/openpgp/keys.go
@@ -463,17 +463,16 @@ EachPacket:
 				continue
 			}
 
-			// These are signatures by other people on this key. Let's just ignore them
-			// from the beginning, since they shouldn't affect our key decoding one way
-			// or the other.
-			if pkt.IssuerKeyId != nil && *pkt.IssuerKeyId != e.PrimaryKey.KeyId {
-				continue
-			}
-
-			// If this is a signature made by the keyholder, and the signature has stubbed out
-			// critical packets, then *now* we need to bail out.
-			if e := pkt.StubbedOutCriticalError; e != nil {
-				return nil, e
+			if err := pkt.StubbedOutCriticalError; err != nil {
+				// These are signatures by other people on this key. Let's just ignore them
+				// from the beginning, since they shouldn't affect our key decoding one way
+				// or the other.
+				if pkt.IssuerKeyId != nil && *pkt.IssuerKeyId != e.PrimaryKey.KeyId {
+					continue
+				}
+				// If this is a signature made by the keyholder, and the signature has stubbed out
+				// critical packets, then *now* we need to bail out.
+				return nil, err
 			}
 
 			// Next handle the case of a self-signature. According to RFC8440,