diff options
| -rw-r--r-- | sm/encrypt.c | 5 | ||||
| -rw-r--r-- | sm/gpgsm.c | 1 | ||||
| -rw-r--r-- | sm/gpgsm.h | 1 |
3 files changed, 6 insertions, 1 deletions
diff --git a/sm/encrypt.c b/sm/encrypt.c index 6210f310a..fb36977af 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -483,7 +483,10 @@ encrypt_dek (const DEK dek, ksba_cert_t cert, int pk_algo, s_data = NULL; /* (avoid compiler warning) */ if (pk_algo == GCRY_PK_ECC) { - rc = ecdh_encrypt (dek, s_pkey, &s_ciph); + if (!(opt.compat_flags & COMPAT_ALLOW_ECC_ENCR)) + rc = gpg_error (GPG_ERR_NOT_SUPPORTED); + else + rc = ecdh_encrypt (dek, s_pkey, &s_ciph); } else { diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 27168904c..70952391a 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -463,6 +463,7 @@ static struct debug_flags_s debug_flags [] = static struct compatibility_flags_s compatibility_flags [] = { { COMPAT_ALLOW_KA_TO_ENCR, "allow-ka-to-encr" }, + { COMPAT_ALLOW_ECC_ENCR, "allow-ecc-encr" }, { 0, NULL } }; diff --git a/sm/gpgsm.h b/sm/gpgsm.h index b74b41419..d7bc13565 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -181,6 +181,7 @@ struct * policies: 1.3.6.1.4.1.7924.1.1:N: */ #define COMPAT_ALLOW_KA_TO_ENCR 1 +#define COMPAT_ALLOW_ECC_ENCR 2 /* Forward declaration for an object defined in server.c */ |