From ce8b25270b2ac7ec1dc830e657d04edeff36be4b Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 5 Apr 2024 11:14:10 +0200
Subject: [PATCH] agent: Make "PKDECRYPT --kem" with optional value work.

* agent/command.c (cmd_pkdecrypt): Fix comparison.

* agent/agent.h (enum kemids): Rename type and strip trailing comma.

* agent/pkdecrypt.c (agent_hybrid_pgp_kem_decrypt): Allow building
with Libgcrypt < 1.11
--

Eventually we should change the libgcrypt requirement in configure.
---
 agent/agent.h     | 4 ++--
 agent/command.c   | 9 +++++----
 agent/pkdecrypt.c | 4 ++++
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/agent/agent.h b/agent/agent.h
index af040b63f..4a945102a 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -560,11 +560,11 @@ gpg_error_t agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
                              const unsigned char *ciphertext, size_t ciphertextlen,
                              membuf_t *outbuf, int *r_padding);
 
-enum kemid
+enum kemids
   {
     KEM_PQC_PGP,
     KEM_PGP,
-    KEM_CMS,
+    KEM_CMS
   };
 
 gpg_error_t agent_kem_decrypt (ctrl_t ctrl, const char *desc_text, int kemid,
diff --git a/agent/command.c b/agent/command.c
index fd050ee6b..2fd9a85d4 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1075,13 +1075,14 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line)
   if (p)
     {
       kemid = KEM_PQC_PGP;
-      if (*p++ == '=')
+      if (*p == '=')
         {
-          if (strcmp (p, "PQC-PGP"))
+          p++;
+          if (!strcmp (p, "PQC-PGP"))
             kemid = KEM_PQC_PGP;
-          else if (strcmp (p, "PGP"))
+          else if (!strcmp (p, "PGP"))
             kemid = KEM_PGP;
-          else if (strcmp (p, "CMS"))
+          else if (!strcmp (p, "CMS"))
             kemid = KEM_CMS;
           else
             return set_error (GPG_ERR_ASS_PARAMETER, "invalid KEM algorithm");
diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c
index 9d87e9fba..e93ac0a26 100644
--- a/agent/pkdecrypt.c
+++ b/agent/pkdecrypt.c
@@ -188,6 +188,7 @@ static gpg_error_t
 agent_hybrid_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text,
                               gcry_sexp_t s_cipher, membuf_t *outbuf)
 {
+#if GCRYPT_VERSION_NUMBER >= 0x010b00
   gcry_sexp_t s_skey0 = NULL;
   gcry_sexp_t s_skey1 = NULL;
   unsigned char *shadow_info = NULL;
@@ -408,6 +409,9 @@ agent_hybrid_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text,
   gcry_sexp_release (s_skey0);
   gcry_sexp_release (s_skey1);
   return err;
+#else
+  return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+#endif
 }
 
 /* DECRYPT the encrypted stuff (like encrypted session key) in