Include the library version in the compliance checks.

* common/compliance.c (gnupg_gcrypt_is_compliant): New.
(gnupg_rng_is_compliant): Also check library version.
* g10/mainproc.c (proc_encrypted): Use new function.
(check_sig_and_print): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/verify.c (gpgsm_verify): Ditto
--

This will eventually allow us to declare Libgcrypt 1.9 to be de-vs
compliant.  GnuPG can use this information then for its own checks.
As of now GnuPG tests the version of the used library but that is a
bit cumbersome to maintain.

Signed-off-by: Werner Koch <[email protected]>

1 files changed, 2 insertions, 0 deletions

diff --git a/g10/mainproc.c b/g10/mainproc.c
index 08986a070..ca6c24323 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -688,6 +688,7 @@ proc_encrypted (CTX c, PACKET *pkt)
       /* Overriding session key voids compliance.  */
       && !opt.override_session_key
       /* Check symmetric cipher.  */
+      && gnupg_gcrypt_is_compliant (CO_DE_VS)
       && gnupg_cipher_is_compliant (CO_DE_VS, c->dek->algo,
                                     GCRY_CIPHER_MODE_CFB))
     {
@@ -2537,6 +2538,7 @@ check_sig_and_print (CTX c, kbnode_t node)
 
       /* Compute compliance with CO_DE_VS.  */
       if (pk && is_status_enabled ()
+          && gnupg_gcrypt_is_compliant (CO_DE_VS)
           && gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0, pk->pkey,
                                     nbits_from_pk (pk), NULL)
           && gnupg_digest_is_compliant (CO_DE_VS, sig->digest_algo))