Include the library version in the compliance checks.

* common/compliance.c (gnupg_gcrypt_is_compliant): New.
(gnupg_rng_is_compliant): Also check library version.
* g10/mainproc.c (proc_encrypted): Use new function.
(check_sig_and_print): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/verify.c (gpgsm_verify): Ditto
--

This will eventually allow us to declare Libgcrypt 1.9 to be de-vs
compliant.  GnuPG can use this information then for its own checks.
As of now GnuPG tests the version of the used library but that is a
bit cumbersome to maintain.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 1 insertions, 0 deletions

diff --git a/sm/verify.c b/sm/verify.c
index 1575a1eb2..fe111c32a 100644
--- a/sm/verify.c
+++ b/sm/verify.c
@@ -516,6 +516,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
       /* Check compliance with CO_DE_VS.  */
       if (gnupg_pk_is_compliant (CO_DE_VS, pkalgo, pkalgoflags,
                                  NULL, nbits, NULL)
+          && gnupg_gcrypt_is_compliant (CO_DE_VS)
           && gnupg_digest_is_compliant (CO_DE_VS, sigval_hash_algo))
         gpgsm_status (ctrl, STATUS_VERIFICATION_COMPLIANCE_MODE,
                       gnupg_status_compliance_flag (CO_DE_VS));