6 files changed, 12 insertions, 11 deletions

diff --git a/g10/encrypt.c b/g10/encrypt.c
index 972d13c7c..39626f1e2 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -785,15 +785,15 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
         PKT_public_key *pk = pkr->pk;
         unsigned int nbits = nbits_from_pk (pk);
 
-        if (!gnupg_pk_is_compliant (opt.compliance,
-                                    pk->pubkey_algo, pk->pkey, nbits, NULL))
+        if (!gnupg_pk_is_compliant (opt.compliance, pk->pubkey_algo, 0,
+                                    pk->pkey, nbits, NULL))
           log_info (_("WARNING: key %s is not suitable for encryption"
                       " in %s mode\n"),
                     keystr_from_pk (pk),
                     gnupg_compliance_option_string (opt.compliance));
 
         if (compliant
-            && !gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey,
+            && !gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0, pk->pkey,
                                        nbits, NULL))
           compliant = 0;
       }
diff --git a/g10/keylist.c b/g10/keylist.c
index cfa90b612..9f8267e9a 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1390,7 +1390,7 @@ print_compliance_flags (PKT_public_key *pk,
       es_fputs (gnupg_status_compliance_flag (CO_GNUPG), es_stdout);
       any++;
     }
-  if (gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey,
+  if (gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0, pk->pkey,
 			     keylength, curvename))
     {
       es_fprintf (es_stdout, any ? " %s" : "%s",
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 1d48d574c..e675e853a 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -702,8 +702,8 @@ proc_encrypted (CTX c, PACKET *pkt)
           memset (pk, 0, sizeof *pk);
           pk->pubkey_algo = i->pubkey_algo;
           if (get_pubkey (c->ctrl, pk, i->keyid) != 0
-              || ! gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey,
-                                          nbits_from_pk (pk), NULL))
+              || ! gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0,
+                                          pk->pkey, nbits_from_pk (pk), NULL))
             compliant = 0;
           release_public_key_parts (pk);
         }
@@ -2449,7 +2449,7 @@ check_sig_and_print (CTX c, kbnode_t node)
 
       /* Print compliance warning for Good signatures.  */
       if (!rc && pk && !opt.quiet
-          && !gnupg_pk_is_compliant (opt.compliance, pk->pubkey_algo,
+          && !gnupg_pk_is_compliant (opt.compliance, pk->pubkey_algo, 0,
                                      pk->pkey, nbits_from_pk (pk), NULL))
         {
           log_info (_("WARNING: This key is not suitable for signing"
@@ -2534,7 +2534,7 @@ check_sig_and_print (CTX c, kbnode_t node)
 
       /* Compute compliance with CO_DE_VS.  */
       if (pk && is_status_enabled ()
-          && gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, pk->pkey,
+          && gnupg_pk_is_compliant (CO_DE_VS, pk->pubkey_algo, 0, pk->pkey,
                                     nbits_from_pk (pk), NULL)
           && gnupg_digest_is_compliant (CO_DE_VS, sig->digest_algo))
         write_status_strings (STATUS_VERIFICATION_COMPLIANCE_MODE,
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 38353c812..14cbdbb0f 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -96,7 +96,7 @@ get_session_key (ctrl_t ctrl, struct pubkey_enc_list *list, DEK *dek)
 
       /* Check compliance.  */
       if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_DECRYPTION,
-                                 sk->pubkey_algo,
+                                 sk->pubkey_algo, 0,
                                  sk->pkey, nbits_from_pk (sk), NULL))
         {
           log_info (_("key %s is not suitable for decryption"
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 2534309dd..ec7778202 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -173,7 +173,7 @@ check_signature2 (ctrl_t ctrl,
   else if (get_pubkey_for_sig (ctrl, pk, sig, forced_pk))
     rc = gpg_error (GPG_ERR_NO_PUBKEY);
   else if (!gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION,
-                                 pk->pubkey_algo, pk->pkey,
+                                 pk->pubkey_algo, 0, pk->pkey,
                                  nbits_from_pk (pk),
                                  NULL))
     {
diff --git a/g10/sign.c b/g10/sign.c
index d6c938acc..bc46444f6 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -456,7 +456,8 @@ do_sign (ctrl_t ctrl, PKT_public_key *pksk, PKT_signature *sig,
       goto leave;
     }
 
-  if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_SIGNING, pksk->pubkey_algo,
+  if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_SIGNING,
+                             pksk->pubkey_algo, 0,
                              pksk->pkey, nbits_from_pk (pksk), NULL))
     {
       log_error (_("key %s may not be used for signing in %s mode\n"),