mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
4e117f206b
* g10/pubkey-enc.c (get_session_key): Bail out if the algo is not allowed in the current compliance mode. * sm/decrypt.c (gpgsm_decrypt): Ditto. -- The idea here is that the owner of the key created a non-compliant key and later receives a mail encrypted to that key. The sender should have checked this key too but we can't guarantee that. By hard failing here the owner of the key will notice that he had created a non-compliant key and thus has a chance to generate a new compliant key. In case the compliant criteria changes and the owner wants to decrypt an old message he can still switch gpg to another compliant mode. Fixes-commit: a0d0cbee7654ad7582400efaa92d493cd8e669e9 GnuPG-bug-id: 3308 Signed-off-by: Werner Koch <wk@gnupg.org>