diff options
| author | Werner Koch <[email protected]> | 2022-03-08 18:06:30 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2022-03-08 18:28:16 +0000 |
| commit | f8075257afad4c7a41cd4409e334670a0097b5b8 (patch) | |
| tree | e6de29104400b4a08d95746570ffcb0e69a8d520 /doc/gpgsm.texi | |
| parent | gpg: New option --require-compliance. (diff) | |
| download | gnupg-f8075257afad4c7a41cd4409e334670a0097b5b8.tar.gz gnupg-f8075257afad4c7a41cd4409e334670a0097b5b8.zip | |
gpgsm: New option --require-compliance
* sm/gpgsm.c (oRequireCompliance): New.
(opts): Add --require-compliance.
(main): Set option.
* sm/gpgsm.h (opt): Add field require_compliance.
(gpgsm_errors_seen): Declare.
* sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--
Diffstat (limited to 'doc/gpgsm.texi')
| -rw-r--r-- | doc/gpgsm.texi | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 8c139c7d4..57d807d81 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -699,6 +699,17 @@ This option adjusts the compliance mode "de-vs" for stricter key size requirements. For example, a value of 3000 turns rsa2048 and dsa2048 keys into non-VS-NfD compliant keys. +@item --require-compliance +@opindex require-compliance +To check that data has been encrypted according to the rules of the +current compliance mode, a gpgsm user needs to evaluate the status +lines. This is allows frontends to handle compliance check in a more +flexible way. However, for scripted use the required evaluation of +the status-line requires quite some effort; this option can be used +instead to make sure that the gpgsm process exits with a failure if +the compliance rules are not fulfilled. Note that this option has +currently an effect only in "de-vs" mode. + @item --ignore-cert-with-oid @var{oid} @opindex ignore-cert-with-oid Add @var{oid} to the list of OIDs to be checked while reading |