gpg: New option --require-compliance.

* g10/options.h (opt): Add field flags.require_compliance. * g10/gpg.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant. (check_sig_and_print): Ditto. * g10/encrypt.c (encrypt_crypt): Ditto. -- Note that in the --encrypt and --verify cased other checks may kick in earlier than this new --require-compliance controlled one.
2025-07-02 22:46:30 +02:00 · 2022-03-08 10:13:44 +01:00 · 2022-03-08 10:13:44 +01:00 · 17890d4318
commit 17890d4318
parent c11292fe73
5 changed files with 67 additions and 6 deletions
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -430,6 +430,7 @@ enum cmd_and_opt_values
    oNoIncludeKeyBlock,
    oForceSignKey,
    oForbidGenKey,
+    oRequireCompliance,

    oNoop
  };
@ -890,6 +891,7 @@ static ARGPARSE_OPTS opts[] = {
  ARGPARSE_s_s (oXauthority, "xauthority", "@"),
  ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
  ARGPARSE_s_n (oForbidGenKey,  "forbid-gen-key", "@"),
+  ARGPARSE_s_n (oRequireCompliance, "require-compliance", "@"),
  /* Options which can be used in special circumstances. They are not
   * published and we hope they are never required.  */
  ARGPARSE_s_n (oUseOnlyOpenPGPCard, "use-only-openpgp-card", "@"),
@ -3596,6 +3598,10 @@ main (int argc, char **argv)
            mopt.forbid_gen_key = 1;
            break;

+          case oRequireCompliance:
+            opt.flags.require_compliance = 1;
+            break;
+
 	  case oNoop: break;

 	  default: