From 80828512b6ec8ad610bf3d1d40ae09d0c2ad8c58 Mon Sep 17 00:00:00 2001
From: Damien Goutte-Gattat via Gnupg-devel <gnupg-devel@gnupg.org>
Date: Fri, 3 Jan 2025 20:59:57 +0000
Subject: gpg: Allow smaller session keys with Kyber

* g10/pubkey-enc.c (get_it): Do not error out when decrypting a session
key of less than 32 octets encrypted to a Kyber key.
--

GnuPG-bug-id: 7472
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
---
 g10/pubkey-enc.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 4d2d6d46b..3cbd5624a 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -307,13 +307,9 @@ get_it (ctrl_t ctrl,
 
   if (sk->pubkey_algo == PUBKEY_ALGO_KYBER)
     {
-      /* We expect a 32 byte session key.  We should not see this
-       * error here because due to the KEM mode the agent_pkdecrypt
-       * should have already failed.  */
-      if (nframe != 32)
+      if (nframe != 32 && opt.flags.require_pqc_encryption)
         {
-          err = gpg_error (GPG_ERR_WRONG_SECKEY);
-          goto leave;
+          log_info (_("WARNING: session key is not quantum-resistant\n"));
         }
       dek->keylen = nframe;
       dek->algo = enc->d.seskey_algo;
-- 
cgit v1.2.3