gpg,gpgsm: Remove compatibility_flags allow-ecc-encr and vsd-allow-encr.

* g10/options.h (COMPAT_VSD_ALLOW_OCB): Remove.
* g10/gpg.c (compatibility_flags): Remove "vsd-allow_ocb".
(main): Alwas set CO_EXTRA_INFO_VSD_ALLOW_OCB.
* g10/keygen.c (keygen_set_std_prefs): Always set OCB feature flag.
* g10/encrypt.c (use_aead): Always OCB also in de-vs mode.
* sm/gpgsm.h (COMPAT_ALLOW_ECC_ENCR): Remove.
* sm/gpgsm.c (compatibility_flags): Remove "allow-ecc-encr".
* sm/encrypt.c (encrypt_dek): Always allow ecc encryption.
* sm/certreqgen.c (proc_parameters): Likewise.
--

Both feature are meanwhile approved in de-vs mode thus there is no
more need for the flags.

g10/encrypt.c

@@ -262,10 +262,6 @@ use_aead (pk_list_t pk_list, int algo)
 {
   int can_use;
 
-  if (!(opt.compat_flags & COMPAT_VSD_ALLOW_OCB)
-      && opt.compliance == CO_DE_VS)
-    return 0;  /* Not yet allowed.  */
-
   can_use = openpgp_cipher_get_algo_blklen (algo) == 16;
 
   /* With --force-aead we want AEAD.  */

g10/gpg.c

@@ -1001,7 +1001,6 @@ static struct debug_flags_s debug_flags [] =
 /* The list of compatibility flags.  */
 static struct compatibility_flags_s compatibility_flags [] =
   {
-    { COMPAT_VSD_ALLOW_OCB, "vsd-allow-ocb" },
     { 0, NULL }
   };
 
@@ -3825,8 +3824,7 @@ main (int argc, char **argv)
       parse_compatibility_flags (NULL, &opt.compat_flags, compatibility_flags);
 
     gnupg_set_compliance_extra_info (CO_EXTRA_INFO_MIN_RSA, opt.min_rsa_length);
-    if ((opt.compat_flags & COMPAT_VSD_ALLOW_OCB))
+    gnupg_set_compliance_extra_info (CO_EXTRA_INFO_VSD_ALLOW_OCB, 1);
-      gnupg_set_compliance_extra_info (CO_EXTRA_INFO_VSD_ALLOW_OCB, 1);
 
     if (DBG_CLOCK)
       log_clock ("start");

g10/keygen.c

@@ -523,10 +523,6 @@ keygen_set_std_prefs (const char *string,int personal)
 	xfree (prefstringbuf);
       }
 
-    /* For now we require a compat flag to set OCB into the preferences.  */
-    if (!(opt.compat_flags & COMPAT_VSD_ALLOW_OCB))
-      ocb = 0;
-
     if(!rc)
       {
 	if(personal)

g10/options.h

@@ -354,7 +354,6 @@ EXTERN_UNLESS_MAIN_MODULE int memory_debug_mode;
 EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
 
 /* Compatibility flags */
-#define COMPAT_VSD_ALLOW_OCB  1
 
 
 /* Compliance test macors.  */

sm/certreqgen.c

@@ -732,8 +732,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
                     "(6:genkey(3:rsa(5:nbits%d:%s)))",
                     (int)strlen (numbuf), numbuf);
         }
-      else if ((opt.compat_flags & COMPAT_ALLOW_ECC_ENCR)
+      else if (algo == GCRY_PK_ECC || algo == GCRY_PK_EDDSA)
-               && (algo == GCRY_PK_ECC || algo == GCRY_PK_EDDSA))
         {
           const char *curve = get_parameter_value (para, pKEYCURVE, 0);
           const char *flags;

sm/encrypt.c

@@ -483,10 +483,7 @@ encrypt_dek (const DEK dek, ksba_cert_t cert, int pk_algo,
   s_data = NULL; /* (avoid compiler warning) */
   if (pk_algo == GCRY_PK_ECC)
     {
-      if (!(opt.compat_flags & COMPAT_ALLOW_ECC_ENCR))
+      rc = ecdh_encrypt (dek, s_pkey, &s_ciph);
-        rc = gpg_error (GPG_ERR_NOT_SUPPORTED);
-      else
-        rc = ecdh_encrypt (dek, s_pkey, &s_ciph);
     }
   else
     {

sm/gpgsm.c

@@ -469,7 +469,6 @@ static struct debug_flags_s debug_flags [] =
 static struct compatibility_flags_s compatibility_flags [] =
   {
     { COMPAT_ALLOW_KA_TO_ENCR, "allow-ka-to-encr" },
-    { COMPAT_ALLOW_ECC_ENCR,   "allow-ecc-encr" },
     { 0, NULL }
   };
 

sm/gpgsm.h

@@ -183,7 +183,6 @@ struct
  *  policies: 1.3.6.1.4.1.7924.1.1:N:
  */
 #define COMPAT_ALLOW_KA_TO_ENCR   1
-#define COMPAT_ALLOW_ECC_ENCR     2
 
 
 /* Forward declaration for an object defined in server.c */