security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

gpgsm: Make rsaPSS a compliant scheme in de-vs mode. 

--

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 5fe3cdfc76
This commit is contained in:
Werner Koch 2020-07-14 12:25:50 +02:00
parent d9ea47f702
commit c5ab1dcd54
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
common/compliance.c
View File

@ -149,10 +149,9 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
result = (keylength == 2048
|| keylength == 3072
|| keylength == 4096);
/* rsaPSS was not part of the evaluation and thus we don't
* claim compliance. */
if ((algo_flags & PK_ALGO_FLAG_RSAPSS))
result = 0;
/* Although rsaPSS was not part of the original evaluation
* we got word that we can claim compliance. */
(void)algo_flags;
break;
case is_dsa:
@ -234,10 +233,7 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
default:
log_assert (!"reached");
}
/* rsaPSS was not part of the evaluation and thus we don't
* claim compliance. */
if ((algo_flags & PK_ALGO_FLAG_RSAPSS))
result = 0;
(void)algo_flags;
break;
case PUBKEY_ALGO_DSA: