gpg: Report compliance with CO_DE_VS.

* common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain
parameters.
(gnupg_cipher_is_compliant): New function.
(gnupg_digest_is_compliant): Likewise.
* common/compliance.h (gnupg_cipher_is_compliant): New prototype.
(gnupg_digest_is_compliant): Likewise.
* common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status.
(STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise.
* doc/DETAILS: Document the new status lines.
* g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS
and report that using the new status line.
(check_sig_and_print): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD.  This information will be picked up by the frontend and
presented to the user.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <[email protected]>

1 files changed, 4 insertions, 0 deletions

diff --git a/common/compliance.h b/common/compliance.h
index 123bd1b50..4f78ad42f 100644
--- a/common/compliance.h
+++ b/common/compliance.h
@@ -42,6 +42,10 @@ enum gnupg_compliance_mode
 int gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
                            gcry_mpi_t key[], unsigned int keylength,
                            const char *curvename);
+int gnupg_cipher_is_compliant (enum gnupg_compliance_mode compliance,
+                               cipher_algo_t cipher);
+int gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance,
+                               digest_algo_t digest);
 const char *gnupg_status_compliance_flag (enum gnupg_compliance_mode compliance);
 
 #endif /*GNUPG_COMMON_COMPLIANCE_H*/