gpg: Remove MDC options

* g10/gpg.c: Tuen options --force-mdc, --no-force-mdc, --disable-mdc and --no-disable-mdc into NOPs. * g10/encrypt.c (use_mdc): Simplify. MDC is now almost always used. (use_aead): Ignore MDC options. Print warning for missing MDC feature flags. * g10/pkclist.c (warn_missing_mdc_from_pklist): Rename to ... (warn_missing_aead_from_pklist): this and adjust. -- The MDC is now always used except with --rfc2440 which will lead to a a big fat warning. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2018-05-29 12:42:44 +02:00 · 2018-05-29 12:42:44 +02:00 · 253e8bdd90
commit 253e8bdd90
parent af4a5dbe57
7 changed files with 46 additions and 88 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -2596,21 +2596,18 @@ modern and faster way to do authenticated encrytion than the old MDC
 method.  See also options @option{--aead-algo} and
@option{--chunk-size}.

-This option requires the use of option @option{--rfc4880bis} to
-declare that a not yet standardized feature is used.
+As of now this option requires the use of option @option{--rfc4880bis}
+to declare that a not yet standardized feature is used.

@item --force-mdc
+@itemx --disable-mdc
@opindex force-mdc
-Force the use of encryption with a modification detection code. This
-is always used with the newer ciphers (those with a blocksize greater
-than 64 bits), or if all of the recipient keys indicate MDC support in
-their feature flags.
-
-@item --disable-mdc
@opindex disable-mdc
-Disable the use of the modification detection code. Note that by
-using this option, the encrypted message becomes vulnerable to a
-message modification attack.
+These options are obsolete and have no effect since GnuPG 2.2.8.  The
+MDC is always used unless the keys indicate that an AEAD algorithm can
+be used in which case AEAD is used.  But note: If the creation or of a
+legacy non-MDC message is exceptionally required, the option
+@option{--rfc2440} allows for this.

@item --disable-signer-uid
@opindex disable-signer-uid
@ -2740,7 +2737,10 @@ keys or data may not be usable with future GnuPG versions.
@item --rfc2440
@opindex rfc2440
 Reset all packet, cipher and digest options to strict RFC-2440
-behavior.
+behavior.  Note that by using this option encryption packets are
+created in a legacy mode without MDC protection.  This is dangerous
+and should thus only be used for experiments.  See also option
+@option{--ignore-mdc-error}.

@item --pgp6
@opindex pgp6
@ -2750,8 +2750,9 @@ restricts you to the ciphers IDEA (if the IDEA plugin is installed),
 compression algorithms none and ZIP. This also disables
@option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
 does not understand signatures made by signing subkeys.
+FIXME: remove this options.

-This option implies @option{--disable-mdc --escape-from-lines}.
+This option implies @option{--escape-from-lines}.

@item --pgp7
@opindex pgp7
@ -3234,7 +3235,7 @@ It is required to decrypt old messages which did not use an MDC.  It
 may also be useful if a message is partially garbled, but it is
 necessary to get as much data as possible out of that garbled message.
 Be aware that a missing or failed MDC can be an indication of an
-attack.  Use with caution.
+attack.  Use with great caution; see also option @option{--rfc2440}.

@item --allow-weak-digest-algos
@opindex allow-weak-digest-algos