From 3621dbe52584bc8b417f61b5370ebaa5598db956 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 19 Jun 2017 17:50:02 +0200
Subject: gpg,gpgsm: Fix compliance check for DSA and avoid an assert.

* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check.  Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check.  Replace
assert by debug message.

--

Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative.  Better use a boolean test.

The assert could have lead to a regression for no good reason.  Not
being compliant is better than breaking existing users.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 common/compliance.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

(limited to 'common/compliance.c')

diff --git a/common/compliance.c b/common/compliance.c
index 3c43fd821..8b9167758 100644
--- a/common/compliance.c
+++ b/common/compliance.c
@@ -154,10 +154,10 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
 	case is_dsa:
 	  if (key)
 	    {
-	      size_t L = gcry_mpi_get_nbits (key[0] /* p */);
-	      size_t N = gcry_mpi_get_nbits (key[1] /* q */);
-	      result = (L == 256
-			&& (N == 2048 || N == 3072));
+	      size_t P = gcry_mpi_get_nbits (key[0]);
+	      size_t Q = gcry_mpi_get_nbits (key[1]);
+	      result = (Q == 256
+			&& (P == 2048 || P == 3072));
 	    }
 	  break;
 
@@ -171,7 +171,8 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
             }
 
           result = (curvename
-                    && algo != PUBKEY_ALGO_EDDSA
+                    && (algo == PUBKEY_ALGO_ECDH
+                        || algo == PUBKEY_ALGO_ECDSA)
                     && (!strcmp (curvename, "brainpoolP256r1")
                         || !strcmp (curvename, "brainpoolP384r1")
                         || !strcmp (curvename, "brainpoolP512r1")));
@@ -238,13 +239,13 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
 	case PUBKEY_ALGO_DSA:
 	  if (key)
 	    {
-	      size_t L = gcry_mpi_get_nbits (key[0] /* p */);
-	      size_t N = gcry_mpi_get_nbits (key[1] /* q */);
+	      size_t P = gcry_mpi_get_nbits (key[0]);
+	      size_t Q = gcry_mpi_get_nbits (key[1]);
 	      return ((use == PK_USE_SIGNING
-		       && L == 256
-		       && (N == 2048 || N == 3072))
+		       && Q == 256
+		       && (P == 2048 || P == 3072))
 		      || (use == PK_USE_VERIFICATION
-			  && N < 2048));
+			  && P < 2048));
 	    }
 	  else
 	    return 0;
-- 
cgit v1.2.3