gpg,sm: Allow encryption (with warning) to any key in de-vs mode.

* g10/encrypt.c (encrypt_crypt): Do not abort for a non-compliant key. * sm/encrypt.c (gpgsm_encrypt): Ditto. -- GnuPG-bug-id: 3306 Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2017-07-27 14:54:50 +02:00 · 2017-07-27 14:54:50 +02:00 · 1bd22a85b4
commit 1bd22a85b4
parent a0d0cbee76
2 changed files with 15 additions and 18 deletions
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@ -657,16 +657,12 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
        PKT_public_key *pk = pkr->pk;
        unsigned int nbits = nbits_from_pk (pk);

-        if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_ENCRYPTION,
-                                   pk->pubkey_algo, pk->pkey, nbits, NULL))
-          {
-            log_error (_("key %s not suitable for encryption"
-                         " while in %s mode\n"),
-                       keystr_from_pk (pk),
-                       gnupg_compliance_option_string (opt.compliance));
-            rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
-            goto leave;
-          }
+        if (!gnupg_pk_is_compliant (opt.compliance,
+                                    pk->pubkey_algo, pk->pkey, nbits, NULL))
+          log_info (_("WARNING: key %s is not suitable for encryption"
+                      " in %s mode\n"),
+                    keystr_from_pk (pk),
+                    gnupg_compliance_option_string (opt.compliance));

        if (compliant
            && !gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey,