gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant.

* g10/encrypt.c (check_encryption_compliance): Check gcrypt compliance before emitting an ENCRYPTION_COMPLIANCE_MODE status. -- GnuPG-bug-id: 6221 Ported-from: 07c6743148d4abd30fb8bf08b07eb9755fdfff2d
author: Werner Koch <wk@gnupg.org> 2022-09-29 15:16:35 +0200
committer: Werner Koch <wk@gnupg.org> 2022-09-29 15:16:35 +0200
commit: 2e22184ba5ac85b1da0209c1a4c72e2459b5c6eb (patch)
tree: 4a3ba6934bca94e537e11af7eeabf51e14baef43 /g10/encrypt.c
parent: gpg: Fix assertion failure due to errors in encrypt_filter. (diff)
download: gnupg2-2e22184ba5ac85b1da0209c1a4c72e2459b5c6eb.tar.xz
gnupg2-2e22184ba5ac85b1da0209c1a4c72e2459b5c6eb.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/g10/encrypt.c b/g10/encrypt.c
index 7218de216..dadb726b3 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -162,8 +162,13 @@ check_encryption_compliance (DEK *dek, pk_list_t pk_list)
       goto leave;
     }
 
-  compliant = gnupg_cipher_is_compliant (CO_DE_VS, dek->algo,
-                                         GCRY_CIPHER_MODE_CFB);
+  /* From here on we only test for CO_DE_VS - if we ever want to
+   * return other compliance mode values we need to change this to
+   * loop over all those values.  */
+  compliant = gnupg_gcrypt_is_compliant (CO_DE_VS);
+
+  if (!gnupg_cipher_is_compliant (CO_DE_VS, dek->algo, GCRY_CIPHER_MODE_CFB))
+    compliant = 0;
 
   for (pkr = pk_list; pkr; pkr = pkr->next)
     {
author	Werner Koch <wk@gnupg.org>	2022-09-29 15:16:35 +0200
committer	Werner Koch <wk@gnupg.org>	2022-09-29 15:16:35 +0200
commit	2e22184ba5ac85b1da0209c1a4c72e2459b5c6eb (patch)
tree	4a3ba6934bca94e537e11af7eeabf51e14baef43 /g10/encrypt.c
parent	gpg: Fix assertion failure due to errors in encrypt_filter. (diff)
download	gnupg2-2e22184ba5ac85b1da0209c1a4c72e2459b5c6eb.tar.xz gnupg2-2e22184ba5ac85b1da0209c1a4c72e2459b5c6eb.zip