Feature suggestion: options to require MDC or trusted signature on decryption
Werner Koch
wk at gnupg.org
Thu May 31 13:28:32 CEST 2018
On Tue, 29 May 2018 08:14, patrick at enigmail.net said:
> Enigmail fails with this since about two weeks, also for older versions
> of GnuPG. I had a number of bug reports/support requests since then, but
> overall it was less than I feared. Some people still have very old keys.
Good. Today I pushed changes for 2.2.8 which will now always require
the MDC and which will print a hint in case an old cipher algorithm is
the cause for the missing MDC:
gpg: WARNING: message was not integrity protected
gpg: Hint: If this message was created before the year 2003 it is
likely that this message is legitimate. This is because back
then integrity protection was not widely used.
gpg: Use the option '--ignore-mdc-error' to decrypt anyway.
[GNUPG:] ERROR nomdc_with_legacy_cipher 152
gpg: decryption forced to fail!
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
> in favor of backporting this, but we need to make the developers of
> tools using GnuPG aware of the change early enough such that they can
> prepare their software. Otherwise we'll leave behind a number of unhappy
I would suggest that you parse that new ERROR status line and print a
warning like the above if the first arg is "nomdc_with_legacy_cipher".
I have not yet decided whether and how to do this in gpgme. May be a
context specific flag to pass --ignore-mdc-error and a flag in the
decryption result.
Shalom-Salam,
Werner
--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180531/605c672e/attachment.sig>
More information about the Gnupg-devel
mailing list