diff options
Diffstat (limited to 'g10/getkey.c')
| -rw-r--r-- | g10/getkey.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/g10/getkey.c b/g10/getkey.c index ce59628a0..f2d1e7d7b 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -3779,6 +3779,16 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, continue; } + if (opt.flags.require_pqc_encryption + && (req_usage & PUBKEY_USAGE_ENC) + && pk->pubkey_algo != PUBKEY_ALGO_KYBER) + { + if (DBG_LOOKUP) + log_debug ("\tsubkey is not quantum-resistant\n"); + continue; + } + + if (want_secret) { int secret_key_avail = agent_probe_secret_key (NULL, pk); @@ -3857,6 +3867,13 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, if (DBG_LOOKUP) log_debug ("\tprimary key has expired\n"); } + else if (opt.flags.require_pqc_encryption + && (req_usage & PUBKEY_USAGE_ENC) + && pk->pubkey_algo != PUBKEY_ALGO_KYBER) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key is not quantum-resistant\n"); + } else /* Okay. */ { if (DBG_LOOKUP) |