From 90c514868ff5fcf6d39490d4874ac3a31ba9e85f Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 28 Jan 2021 15:48:08 +0100
Subject: Include the library version in the compliance checks.

* common/compliance.c (gnupg_gcrypt_is_compliant): New.
(gnupg_rng_is_compliant): Also check library version.
* g10/mainproc.c (proc_encrypted): Use new function.
(check_sig_and_print): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/verify.c (gpgsm_verify): Ditto
--

This will eventually allow us to declare Libgcrypt 1.9 to be de-vs
compliant.  GnuPG can use this information then for its own checks.
As of now GnuPG tests the version of the used library but that is a
bit cumbersome to maintain.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 sm/decrypt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'sm/decrypt.c')

diff --git a/sm/decrypt.c b/sm/decrypt.c
index 2d846335e..aa91b370d 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -925,7 +925,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
                                               decrypt_filter,
                                               &dfparm);
 
-                      if (is_de_vs)
+                      if (is_de_vs && gnupg_gcrypt_is_compliant (CO_DE_VS))
                         gpgsm_status (ctrl, STATUS_DECRYPTION_COMPLIANCE_MODE,
                                       gnupg_status_compliance_flag (CO_DE_VS));
 
-- 
cgit v1.2.3