security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Remove MDC options

Browse source 
* g10/gpg.c: Tuen options --force-mdc, --no-force-mdc, --disable-mdc
and --no-disable-mdc into NOPs.
* g10/encrypt.c (use_mdc): Simplify.  MDC is now almost always used.
(use_aead): Ignore MDC options. Print warning for missing MDC feature
flags.
* g10/pkclist.c (warn_missing_mdc_from_pklist): Rename to ...
(warn_missing_aead_from_pklist): this and adjust.
--

The MDC is now always used except with --rfc2440 which will lead to a
a big fat warning.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-05-29 12:42:44 +02:00
parent af4a5dbe57
commit 253e8bdd90
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
7 changed files with 46 additions and 88 deletions
Download patch file Download diff file Expand all files Collapse all files

29
doc/gpg.texi
View file

@ -2596,21 +2596,18 @@ modern and faster way to do authenticated encrytion than the old MDC
method. See also options @option{--aead-algo} and
@option{--chunk-size}.
This option requires the use of option @option{--rfc4880bis} to
declare that a not yet standardized feature is used.
As of now this option requires the use of option @option{--rfc4880bis}
to declare that a not yet standardized feature is used.
@item --force-mdc
@itemx --disable-mdc
@opindex force-mdc
Force the use of encryption with a modification detection code. This
is always used with the newer ciphers (those with a blocksize greater
than 64 bits), or if all of the recipient keys indicate MDC support in
their feature flags.
@item --disable-mdc
@opindex disable-mdc
Disable the use of the modification detection code. Note that by
using this option, the encrypted message becomes vulnerable to a
message modification attack.
These options are obsolete and have no effect since GnuPG 2.2.8. The
MDC is always used unless the keys indicate that an AEAD algorithm can
be used in which case AEAD is used. But note: If the creation or of a
legacy non-MDC message is exceptionally required, the option
@option{--rfc2440} allows for this.
@item --disable-signer-uid
@opindex disable-signer-uid
@ -2740,7 +2737,10 @@ keys or data may not be usable with future GnuPG versions.
@item --rfc2440
@opindex rfc2440
Reset all packet, cipher and digest options to strict RFC-2440
behavior.
behavior. Note that by using this option encryption packets are
created in a legacy mode without MDC protection. This is dangerous
and should thus only be used for experiments. See also option
@option{--ignore-mdc-error}.
@item --pgp6
@opindex pgp6
@ -2750,8 +2750,9 @@ restricts you to the ciphers IDEA (if the IDEA plugin is installed),
compression algorithms none and ZIP. This also disables
@option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
does not understand signatures made by signing subkeys.
FIXME: remove this options.
This option implies @option{--disable-mdc --escape-from-lines}.
This option implies @option{--escape-from-lines}.
@item --pgp7
@opindex pgp7
@ -3234,7 +3235,7 @@ It is required to decrypt old messages which did not use an MDC. It
may also be useful if a message is partially garbled, but it is
necessary to get as much data as possible out of that garbled message.
Be aware that a missing or failed MDC can be an indication of an
attack. Use with caution.
attack. Use with great caution; see also option @option{--rfc2440}.
@item --allow-weak-digest-algos
@opindex allow-weak-digest-algos