mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpgsm: New compatibility flag "allow-ecc-encr".
* sm/gpgsm.h (COMPAT_ALLOW_ECC_ENCR): New. * sm/gpgsm.c (compatibility_flags): Add new flag. * sm/encrypt.c (encrypt_dek): Allw ECC only if flag is set. -- ECC encryption was not part of the original VS evaluation. Until this has been re-evaluated we hide this feature behind this flag. GnuPG-bug-id: 6253
This commit is contained in:
parent
28467f3735
commit
fd0ddf2699
@ -483,7 +483,10 @@ encrypt_dek (const DEK dek, ksba_cert_t cert, int pk_algo,
|
||||
s_data = NULL; /* (avoid compiler warning) */
|
||||
if (pk_algo == GCRY_PK_ECC)
|
||||
{
|
||||
rc = ecdh_encrypt (dek, s_pkey, &s_ciph);
|
||||
if (!(opt.compat_flags & COMPAT_ALLOW_ECC_ENCR))
|
||||
rc = gpg_error (GPG_ERR_NOT_SUPPORTED);
|
||||
else
|
||||
rc = ecdh_encrypt (dek, s_pkey, &s_ciph);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -463,6 +463,7 @@ static struct debug_flags_s debug_flags [] =
|
||||
static struct compatibility_flags_s compatibility_flags [] =
|
||||
{
|
||||
{ COMPAT_ALLOW_KA_TO_ENCR, "allow-ka-to-encr" },
|
||||
{ COMPAT_ALLOW_ECC_ENCR, "allow-ecc-encr" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
|
@ -181,6 +181,7 @@ struct
|
||||
* policies: 1.3.6.1.4.1.7924.1.1:N:
|
||||
*/
|
||||
#define COMPAT_ALLOW_KA_TO_ENCR 1
|
||||
#define COMPAT_ALLOW_ECC_ENCR 2
|
||||
|
||||
|
||||
/* Forward declaration for an object defined in server.c */
|
||||
|
Loading…
x
Reference in New Issue
Block a user