diff options
| author | Werner Koch <[email protected]> | 2022-09-29 12:15:47 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2022-09-29 12:15:47 +0000 |
| commit | 07c6743148d4abd30fb8bf08b07eb9755fdfff2d (patch) | |
| tree | 24e316eeeb8be17e71c2bdce3ae96aa2fdec8535 | |
| parent | doc: Typo fix in a comment. (diff) | |
| download | gnupg-07c6743148d4abd30fb8bf08b07eb9755fdfff2d.tar.gz gnupg-07c6743148d4abd30fb8bf08b07eb9755fdfff2d.zip | |
gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant.
* g10/encrypt.c (check_encryption_compliance): Check gcrypt compliance
before emitting an ENCRYPTION_COMPLIANCE_MODE status.
--
GnuPG-bug-id: 6221
| -rw-r--r-- | g10/encrypt.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/g10/encrypt.c b/g10/encrypt.c index a96a77974..5f9480fad 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -535,8 +535,13 @@ check_encryption_compliance (DEK *dek, pk_list_t pk_list) goto leave; } - compliant = gnupg_cipher_is_compliant (CO_DE_VS, dek->algo, - GCRY_CIPHER_MODE_CFB); + /* From here on we only test for CO_DE_VS - if we ever want to + * return other compliance mode values we need to change this to + * loop over all those values. */ + compliant = gnupg_gcrypt_is_compliant (CO_DE_VS); + + if (!gnupg_cipher_is_compliant (CO_DE_VS, dek->algo, GCRY_CIPHER_MODE_CFB)) + compliant = 0; for (pkr = pk_list; pkr; pkr = pkr->next) { |