gpg,common: Move the compliance framework.

* common/Makefile.am (common_sources): Add new files. * common/compliance.c: New file. Move 'gnupg_pk_is_compliant' here, and tweak it to not rely on types private to gpg. * common/compliance.h: New file. Move the compliance enum here. * g10/keylist.c (print_compliance_flags): Adapt callsite. * g10/main.h (gnupg_pk_is_compliant): Remove prototype. * g10/misc.c (gnupg_pk_is_compliant): Remove function. * g10/options.h (opt): Use the new compliance enum. * sm/keylist.c (print_compliance_flags): Use the common functions. Signed-off-by: Justus Winter <justus@g10code.com>
2025-07-02 22:46:30 +02:00 · 2017-05-31 14:33:45 +02:00 · 2017-05-31 14:33:45 +02:00 · 8a012280e0
commit 8a012280e0
parent 02af509dfc
8 changed files with 207 additions and 102 deletions
--- a/g10/misc.c
+++ b/g10/misc.c
@ -707,94 +707,6 @@ openpgp_pk_algo_name (pubkey_algo_t algo)
 }


-/* Return true if PK is compliant to the give COMPLIANCE mode.  If
- * KEYLENGTH and CURVENAME are not 0/NULL the are assumed to be the
- * already computed values from PK.  */
-int
-gnupg_pk_is_compliant (int compliance, PKT_public_key *pk,
-                       unsigned int keylength, const char *curvename)
-{
-  enum { is_rsa, is_pgp5, is_elg_sign, is_ecc } algotype;
-  int result;
-
-  switch (pk->pubkey_algo)
-    {
-    case PUBKEY_ALGO_RSA:
-    case PUBKEY_ALGO_RSA_E:
-    case PUBKEY_ALGO_RSA_S:
-      algotype = is_rsa;
-      break;
-
-    case PUBKEY_ALGO_ELGAMAL_E:
-    case PUBKEY_ALGO_DSA:
-      algotype = is_pgp5;
-      break;
-
-    case PUBKEY_ALGO_ECDH:
-    case PUBKEY_ALGO_ECDSA:
-    case PUBKEY_ALGO_EDDSA:
-      algotype = is_ecc;
-      break;
-
-    case PUBKEY_ALGO_ELGAMAL:
-      algotype = is_elg_sign;
-      break;
-
-    default: /* Unknown.  */
-      return 0;
-    }
-
-  if (compliance == CO_DE_VS)
-    {
-      char *curve = NULL;
-
-      switch (algotype)
-        {
-        case is_pgp5:
-          result = 0;
-          break;
-
-        case is_rsa:
-          if (!keylength)
-            keylength = nbits_from_pk (pk);
-          result = (keylength >= 2048);
-          break;
-
-        case is_ecc:
-          if (!curvename)
-            {
-              curve = openpgp_oid_to_str (pk->pkey[0]);
-              curvename = openpgp_oid_to_curve (curve, 0);
-              if (!curvename)
-                curvename = curve;
-            }
-
-          result = (curvename
-                    && pk->pubkey_algo != PUBKEY_ALGO_EDDSA
-                    && (!strcmp (curvename, "brainpoolP256r1")
-                        || !strcmp (curvename, "brainpoolP384r1")
-                        || !strcmp (curvename, "brainpoolP512r1")));
-          break;
-
-        default:
-          result = 0;
-        }
-      xfree (curve);
-    }
-  else if (algotype == is_elg_sign)
-    {
-      /* An Elgamal signing key is only RFC-2440 compliant.  */
-      result = (compliance == CO_RFC2440);
-    }
-  else
-    {
-      result = 1; /* Assume compliance.  */
-    }
-
-  return result;
-}
-
-
 /* Explicit mapping of OpenPGP digest algos to Libgcrypt.  */
 /* FIXME: We do not yes use it everywhere.  */
 enum gcry_md_algos