gpg: Add option --assert-pubkey_algo.

* g10/keyid.c (parse_one_algo_string): New.
(compare_pubkey_string_part): New.
(compare_pubkey_string): New.
* g10/verify.c (check_assert_signer_list): New.
* g10/mainproc.c (check_sig_and_print): Call check_assert_pubkey_algo.
* g10/options.h (opt): Add field assert_pubkey_algos.
* g10/gpg.c (oAssertPubkeyAlgo): New.
(opts): Add "--assert-pubkey_algo".
(assert_pubkey_algo_false): New.
(main): Parse option.
(g10_exit): Reorder RC modifications.  Check assert_pubkey_algo_false.
* common/status.h (ASSERT_PUBKEY_ALGOS): new.
* common/t-support.h (LEAN_T_SUPPORT): Use a simplified version if
this macro is set.

* g10/gpgv.c (oAssertPubkeyAlgo): New.
(opts): Add "--assert-pubkey_algo".
(assert_pubkey_algo_false): New.
(main): Parse option.
(g10_exit): Check assert_pubkey_algo_false.

* g10/t-keyid.c: New.
* g10/Makefile.am: Add t-keyid.
* g10/test-stubs.c: Add assert_pubkey_algos and assert_signer_list and
remove from other tests.
(check_assert_signer_list): Ditto.
(check_assert_pubkey_algo): Ditto.
--

GnuPG-bug-id: 6946

3 files changed, 33 insertions, 1 deletions

diff --git a/doc/DETAILS b/doc/DETAILS
index fd95e511c..29e39708b 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -527,6 +527,12 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
     --assert-signer is used.  The fingerprint is printed with
     uppercase hex digits.
 
+*** ASSERT_PUBKEY_ALGO <fingerprint> <state> <algostr>
+    This is emitted when option --assert-pubkey-algo is used and the
+    signing algorithms is accepted according to that list if state is
+    1 or denied if state is 0.  The fingerprint is printed with
+    uppercase hex digits.
+
 *** SIG_ID  <radix64_string>  <sig_creation_date>  <sig-timestamp>
     This is emitted only for signatures of class 0 or 1 which have
     been verified okay.  The string is a signature id and may be used
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 2f5b613d8..26e0ebdcd 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1917,6 +1917,29 @@ is guaranteed to return with an exit code of 0 if and only if a
 signature has been encountered, is valid, and the key matches one of
 the fingerprints given by this option.
 
+@item --assert-pubkey-algo @var{algolist}
+@opindex assert-pubkey-algo
+During data signature verification this options checks whether the
+used public key algorithm matches the algorithms given by
+@var{algolist}.  This option can be given multiple times to
+concatenate more algorithms to the list; the delimiter of the list are
+either commas or spaces.
+
+The algorithm names given in the list may either be verbatim names
+like "ed25519" with an optional leading single equal sign, or being
+prefixed with ">", ">=", "<=", or "<".  That prefix operator is
+applied to the number part of the algorithm name; for example 2048 in
+"rsa2048" or 384 in "brainpoolP384r1".  If the the leading non-digits
+in the name matches, the prefix operator is used to compare the number
+part, a trailing suffix is ignored in this case.  For example an
+algorithm list ">rsa3000, >=brainpool384r1, =ed25519" allows RSA
+signatures with more that 3000 bits, Brainpool curves 384 and 512,
+and the ed25519 algorithm.
+
+With this option gpg (and also gpgv) is guaranteed to return with an
+exit code of 0 if and only if all valid signatures on data are made
+using a matching algorithm from the given list.
+
 
 @item --auto-key-locate @var{mechanisms}
 @itemx --no-auto-key-locate
diff --git a/doc/gpgv.texi b/doc/gpgv.texi
index 2dd9576b6..54ab23383 100644
--- a/doc/gpgv.texi
+++ b/doc/gpgv.texi
@@ -140,6 +140,10 @@ This option enables a mode in which filenames of the form
 @file{-&n}, where n is a non-negative decimal number,
 refer to the file descriptor n and not to a file with that name.
 
+@item --assert-pubkey-algo @var{algolist}
+@opindex assert-pubkey-algo
+This option works in the same way as described for @command{gpg}.
+
 @end table
 
 @mansect return value
@@ -190,4 +194,3 @@ The default keyring with the allowed keys.
 @mansect see also
 @command{gpg}(1)
 @include see-also-note.texi
-