gpg,gpgsm: Add option --min-rsa-length.

* common/compliance.c (min_compliant_rsa_length): New. (gnupg_pk_is_compliant): Take in account. (gnupg_pk_is_allowed): Ditto. (gnupg_set_compliance_extra_info): New. * g10/gpg.c (oMinRSALength): New. (opts): Add --min-rsa-length. (main): Set value. * g10/options.h (opt): Add field min_rsa_length. * sm/gpgsm.c (oMinRSALength): New. (opts): Add --min-rsa-length. (main): Set value. * sm/gpgsm.h (opt): Add field min_rsa_length.
2025-07-03 22:56:33 +02:00 · 2021-11-18 20:44:14 +01:00 · 2021-11-18 20:44:14 +01:00 · 5f39db70c0
commit 5f39db70c0
parent 749bb80cb7
8 changed files with 57 additions and 10 deletions
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@ -160,6 +160,7 @@ enum cmd_and_opt_values {
  oDisablePolicyChecks,
  oEnablePolicyChecks,
  oAutoIssuerKeyRetrieve,
+  oMinRSALength,

  oWithFingerprint,
  oWithMD5Fingerprint,
@ -404,7 +405,7 @@ static gpgrt_opt_t opts[] = {
  ARGPARSE_s_s (oDisablePubkeyAlgo,  "disable-pubkey-algo", "@"),
  ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
  ARGPARSE_s_n (oNoRandomSeedFile,  "no-random-seed-file", "@"),
-
+  ARGPARSE_p_u (oMinRSALength, "min-rsa-length", "@"),

  ARGPARSE_header (NULL, N_("Options for unattended use")),

@ -1446,6 +1447,8 @@ main ( int argc, char **argv)
          }
          break;

+        case oMinRSALength: opt.min_rsa_length = pargs.r.ret_ulong; break;
+
        default:
          if (configname)
            pargs.err = ARGPARSE_PRINT_WARNING;
@ -1568,6 +1571,7 @@ main ( int argc, char **argv)
  gcry_control (GCRYCTL_RESUME_SECMEM_WARN);

  set_debug ();
+  gnupg_set_compliance_extra_info (opt.min_rsa_length);

  /* Although we always use gpgsm_exit, we better install a regular
     exit handler so that at least the secure memory gets wiped