common: Improve checking for compliance with CO_DE_VS.

* common/compliance.c (gnupg_pk_is_compliant): Only certain RSA key sizes are compliant. Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 11:56:42 +02:00 · 2017-06-01 11:56:42 +02:00 · 3b70f62423
parent 8a012280e0
commit 3b70f62423
1 changed files with 3 additions and 1 deletions
--- a/common/compliance.c
+++ b/common/compliance.c
@ -86,7 +86,9 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
          break;

        case is_rsa:
-          result = (keylength >= 2048);
+          result = (keylength == 2048
+                    || keylength == 3072
+                    || keylength == 4096);
          break;

        case is_ecc: