sm: Fix compliance checking for ECC signature verification.

* common/compliance.c (gnupg_pk_is_compliant): Also consider the gcrypt vids for ECDSA et al. (gnupg_pk_is_allowed): Ditto. * sm/verify.c (gpgsm_verify): Consider the curve. Print a compliance notice for a non-compliant key. * sm/certchain.c (gpgsm_validate_chain): Silence the "switching to chain model".
2025-07-03 22:56:33 +02:00 · 2023-01-12 20:52:27 +01:00 · 2023-01-12 20:52:27 +01:00 · 338a5ecaa1
commit 338a5ecaa1
parent b58cf129f4
4 changed files with 31 additions and 7 deletions
--- a/common/compliance.c
+++ b/common/compliance.c
@ -83,7 +83,9 @@ gnupg_initialize_compliance (int gnupg_module_name)
  log_assert (! initialized);

  /* We accept both OpenPGP-style and gcrypt-style algorithm ids.
-   * Assert that they are compatible.  */
+   * Assert that they are compatible. At some places gcrypt ids are
+   * used which can't be encoded in an OpenPGP algo octet; we also
+   * assert this.  */
  log_assert ((int) GCRY_PK_RSA          == (int) PUBKEY_ALGO_RSA);
  log_assert ((int) GCRY_PK_RSA_E        == (int) PUBKEY_ALGO_RSA_E);
  log_assert ((int) GCRY_PK_RSA_S        == (int) PUBKEY_ALGO_RSA_S);
@ -91,6 +93,9 @@ gnupg_initialize_compliance (int gnupg_module_name)
  log_assert ((int) GCRY_PK_DSA          == (int) PUBKEY_ALGO_DSA);
  log_assert ((int) GCRY_PK_ECC          == (int) PUBKEY_ALGO_ECDH);
  log_assert ((int) GCRY_PK_ELG          == (int) PUBKEY_ALGO_ELGAMAL);
+  log_assert ((int) GCRY_PK_ECDSA        > 255);
+  log_assert ((int) GCRY_PK_ECDH         > 255);
+  log_assert ((int) GCRY_PK_EDDSA        > 255);
  log_assert ((int) GCRY_CIPHER_NONE     == (int) CIPHER_ALGO_NONE);
  log_assert ((int) GCRY_CIPHER_IDEA     == (int) CIPHER_ALGO_IDEA);
  log_assert ((int) GCRY_CIPHER_3DES     == (int) CIPHER_ALGO_3DES);
@ -159,6 +164,9 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
    case PUBKEY_ALGO_ECDH:
    case PUBKEY_ALGO_ECDSA:
    case PUBKEY_ALGO_EDDSA:
+    case GCRY_PK_ECDSA:
+    case GCRY_PK_ECDH:
+    case GCRY_PK_EDDSA:
      algotype = is_ecc;
      break;

@ -211,7 +219,9 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,

          result = (curvename
                    && (algo == PUBKEY_ALGO_ECDH
-                        || algo == PUBKEY_ALGO_ECDSA)
+                        || algo == PUBKEY_ALGO_ECDSA
+                        || algo == GCRY_PK_ECDH
+                        || algo == GCRY_PK_ECDSA)
                    && (!strcmp (curvename, "brainpoolP256r1")
                        || !strcmp (curvename, "brainpoolP384r1")
                        || !strcmp (curvename, "brainpoolP512r1")));
@ -292,6 +302,7 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
          break;

 	case PUBKEY_ALGO_ECDH:
+	case GCRY_PK_ECDH:
 	  if (use == PK_USE_DECRYPTION)
            result = 1;
          else if (use == PK_USE_ENCRYPTION)
@ -316,6 +327,7 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
          break;

 	case PUBKEY_ALGO_ECDSA:
+	case GCRY_PK_ECDSA:
          if (use == PK_USE_VERIFICATION)
            result = 1;
          else
--- a/common/compliance.h
+++ b/common/compliance.h
@ -45,7 +45,7 @@ enum gnupg_compliance_mode
 enum pk_use_case
  {
    PK_USE_ENCRYPTION, PK_USE_DECRYPTION,
-    PK_USE_SIGNING, PK_USE_VERIFICATION,
+    PK_USE_SIGNING, PK_USE_VERIFICATION
  };

 /* Flags to distinguish public key algorithm variants.  */