security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: New option --disable-pqc-encryption.

Browse source 
* g10/options.h (flags): Add field disable_pqc_encryption.
* g10/gpg.c (oDisablePQCEncryption): New.
(opts): Add --option.
(main): Set option.
* g10/getkey.c (finish_lookup): Skip subkeys if option is set.
--

This option can be used to avoid the use of Kyber encryption subkeys
if this does not make sense (i.e. protection of local files).
This commit is contained in:
Werner Koch 2025-02-06 17:45:23 +01:00
parent da9fb6bd16
commit 00c31f8b04
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
5 changed files with 29 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
g10/getkey.c
View file

@ -3804,6 +3804,14 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact,
req_usage, pk->pubkey_usage);
continue;
}
if (opt.flags.disable_pqc_encryption
&& pk->pubkey_algo == PUBKEY_ALGO_KYBER)
{
if (DBG_LOOKUP)
log_debug ("\tsubkey skipped due to option %s\n",
"--disable-pqc-encryption");
continue;
}
n_subkeys++;
if (pk->flags.revoked)