gpg: New option --require-compliance.

* g10/options.h (opt): Add field flags.require_compliance. * g10/gpg.c (oRequireCompliance): New. (opts): Add --require-compliance. (main): Set option. * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant. (check_sig_and_print): Ditto. * g10/encrypt.c (encrypt_crypt): Ditto. -- Note that in the --encrypt and --verify cased other checks may kick in earlier than this new --require-compliance controlled one.
2025-07-03 22:56:33 +02:00 · 2022-03-08 10:13:44 +01:00 · 2022-03-08 10:13:44 +01:00 · ee013c5350
commit ee013c5350
parent 49c6e58394
5 changed files with 66 additions and 6 deletions
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -442,6 +442,7 @@ enum cmd_and_opt_values
    oChUid,
    oForceSignKey,
    oForbidGenKey,
+    oRequireCompliance,

    oNoop
  };
@ -911,6 +912,7 @@ static gpgrt_opt_t opts[] = {
  ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
  ARGPARSE_s_n (oUseKeyboxd,    "use-keyboxd", "@"),
  ARGPARSE_s_n (oForbidGenKey,  "forbid-gen-key", "@"),
+  ARGPARSE_s_n (oRequireCompliance, "require-compliance", "@"),
  /* Options which can be used in special circumstances. They are not
   * published and we hope they are never required.  */
  ARGPARSE_s_n (oUseOnlyOpenPGPCard, "use-only-openpgp-card", "@"),
@ -3731,6 +3733,10 @@ main (int argc, char **argv)
            mopt.forbid_gen_key = 1;
            break;

+          case oRequireCompliance:
+            opt.flags.require_compliance = 1;
+            break;
+
 	  case oNoop: break;

 	  default: