From 2c3c049fd8a001dc9937e5ac3884831b6e25d2da Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 24 Oct 2023 14:51:16 +0200
Subject: sm: Flag Brainpool curves as compliant for all other operations.

* sm/fingerprint.c (gpgsm_get_key_algo_info2): Rename to
(gpgsm_get_key_algo_info): this.  Remove the old wrapper.  Adjust all
callers.
* sm/decrypt.c (gpgsm_decrypt): Pass the curve to the compliance
checker.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6253
---
 sm/verify.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'sm/verify.c')

diff --git a/sm/verify.c b/sm/verify.c
index c7f4492ce..1f5c1d378 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -468,7 +468,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
 
       pkfpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
       pkalgostr = gpgsm_pubkey_algo_string (cert, NULL);
-      pkalgo = gpgsm_get_key_algo_info2 (cert, &nbits, &pkcurve);
+      pkalgo = gpgsm_get_key_algo_info (cert, &nbits, &pkcurve);
       /* Remap the ECC algo to the algo we use.  Note that EdDSA has
        * already been mapped.  */
       if (pkalgo == GCRY_PK_ECC)
@@ -504,7 +504,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
 
       /* Check compliance.  */
       if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION,
-                                 pkalgo, pkalgoflags, NULL, nbits, NULL))
+                                 pkalgo, pkalgoflags, NULL, nbits, pkcurve))
         {
           char  kidstr[10+1];
 
-- 
cgit v1.2.3