gpg: Remove MDC options
* g10/gpg.c: Turn options --force-mdc, --no-force-mdc, --disable-mdc and --no-disable-mdc into NOPs. * g10/encrypt.c (use_mdc): Simplify. MDC is now almost always used. (use_aead): Ignore MDC options. Print warning for missing MDC feature flags. * g10/pkclist.c (warn_missing_mdc_from_pklist): Rename to ... (warn_missing_aead_from_pklist): this and adjust. -- The MDC is now always used except with --rfc2440 which will lead to a big fat warning. Signed-off-by: Werner Koch <wk@gnupg.org>
parent
af4a5dbe57
commit
253e8bdd90
29
doc/gpg.texi
29
doc/gpg.texi
@ -2596,21 +2596,18 @@ modern and faster way to do authenticated encrytion than the old MDC
|
|||||||
method. See also options @option{--aead-algo} and
|
method. See also options @option{--aead-algo} and
|
||||||
@option{--chunk-size}.
|
@option{--chunk-size}.
|
||||||
|
|
||||||
This option requires the use of option @option{--rfc4880bis} to
|
As of now this option requires the use of option @option{--rfc4880bis}
|
||||||
declare that a not yet standardized feature is used.
|
to declare that a not yet standardized feature is used.
|
||||||
|
|
||||||
@item --force-mdc
|
@item --force-mdc
|
||||||
|
@itemx --disable-mdc
|
||||||
@opindex force-mdc
|
@opindex force-mdc
|
||||||
Force the use of encryption with a modification detection code. This
|
|
||||||
is always used with the newer ciphers (those with a blocksize greater
|
|
||||||
than 64 bits), or if all of the recipient keys indicate MDC support in
|
|
||||||
their feature flags.
|
|
||||||
|
|
||||||
@item --disable-mdc
|
|
||||||
@opindex disable-mdc
|
@opindex disable-mdc
|
||||||
Disable the use of the modification detection code. Note that by
|
These options are obsolete and have no effect since GnuPG 2.2.8. The
|
||||||
using this option, the encrypted message becomes vulnerable to a
|
MDC is always used unless the keys indicate that an AEAD algorithm can
|
||||||
message modification attack.
|
be used in which case AEAD is used. But note: If the creation or of a
|
||||||
|
legacy non-MDC message is exceptionally required, the option
|
||||||
|
@option{--rfc2440} allows for this.
|
||||||
|
|
||||||
@item --disable-signer-uid
|
@item --disable-signer-uid
|
||||||
@opindex disable-signer-uid
|
@opindex disable-signer-uid
|
||||||
@ -2740,7 +2737,10 @@ keys or data may not be usable with future GnuPG versions.
|
|||||||
@item --rfc2440
|
@item --rfc2440
|
||||||
@opindex rfc2440
|
@opindex rfc2440
|
||||||
Reset all packet, cipher and digest options to strict RFC-2440
|
Reset all packet, cipher and digest options to strict RFC-2440
|
||||||
behavior.
|
behavior. Note that by using this option encryption packets are
|
||||||
|
created in a legacy mode without MDC protection. This is dangerous
|
||||||
|
and should thus only be used for experiments. See also option
|
||||||
|
@option{--ignore-mdc-error}.
|
||||||
|
|
||||||
@item --pgp6
|
@item --pgp6
|
||||||
@opindex pgp6
|
@opindex pgp6
|
||||||
@ -2750,8 +2750,9 @@ restricts you to the ciphers IDEA (if the IDEA plugin is installed),
|
|||||||
compression algorithms none and ZIP. This also disables
|
compression algorithms none and ZIP. This also disables
|
||||||
@option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
|
@option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
|
||||||
does not understand signatures made by signing subkeys.
|
does not understand signatures made by signing subkeys.
|
||||||
|
FIXME: remove this options.
|
||||||
|
|
||||||
This option implies @option{--disable-mdc --escape-from-lines}.
|
This option implies @option{--escape-from-lines}.
|
||||||
|
|
||||||
@item --pgp7
|
@item --pgp7
|
||||||
@opindex pgp7
|
@opindex pgp7
|
||||||
@ -3234,7 +3235,7 @@ It is required to decrypt old messages which did not use an MDC. It
|
|||||||
may also be useful if a message is partially garbled, but it is
|
may also be useful if a message is partially garbled, but it is
|
||||||
necessary to get as much data as possible out of that garbled message.
|
necessary to get as much data as possible out of that garbled message.
|
||||||
Be aware that a missing or failed MDC can be an indication of an
|
Be aware that a missing or failed MDC can be an indication of an
|
||||||
attack. Use with caution.
|
attack. Use with great caution; see also option @option{--rfc2440}.
|
||||||
|
|
||||||
@item --allow-weak-digest-algos
|
@item --allow-weak-digest-algos
|
||||||
@opindex allow-weak-digest-algos
|
@opindex allow-weak-digest-algos
|
||||||
|
@ -33,6 +33,7 @@
|
|||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "options.h"
|
#include "options.h"
|
||||||
#include "main.h"
|
#include "main.h"
|
||||||
|
#include "../common/i18n.h"
|
||||||
#include "../common/status.h"
|
#include "../common/status.h"
|
||||||
|
|
||||||
|
|
||||||
@ -66,8 +67,9 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
log_info ("WARNING: "
|
log_info (_("WARNING: "
|
||||||
"encrypting without integrity protection is dangerous\n");
|
"encrypting without integrity protection is dangerous\n"));
|
||||||
|
log_info (_("Hint: Do not use option %s\n"), "--rfc2440");
|
||||||
}
|
}
|
||||||
|
|
||||||
write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
|
write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
|
||||||
|
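Review bot: The new hint in write_header names `--rfc2440` as the cause of the missing integrity protection, but the condition that selects this else branch is outside the hunk, so the message is correct only while use_mdc() remains the single place that can switch the MDC off. A short comment above the two log_info calls would keep them in step, for example `/* Reached only under --rfc2440, see use_mdc(); update the hint if that changes. */`. Both messages are emitted with log_info, so a front end that reads only the status output depends on the STATUS_BEGIN_ENCRYPTION line that follows to learn the packet is unprotected; its arguments are not visible here, so it is worth confirming that the MDC method is among them. write_header starts and ends outside the hunk.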
@ -212,11 +212,7 @@ use_aead (pk_list_t pk_list, int algo)
|
|||||||
|
|
||||||
can_use = openpgp_cipher_get_algo_blklen (algo) == 16;
|
can_use = openpgp_cipher_get_algo_blklen (algo) == 16;
|
||||||
|
|
||||||
/* With --force-mdc we clearly do not want AEAD. */
|
/* With --force-aead we want AEAD. */
|
||||||
if (opt.force_mdc)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
/* However with --force-aead we want AEAD. */
|
|
||||||
if (opt.force_aead)
|
if (opt.force_aead)
|
||||||
{
|
{
|
||||||
if (!can_use)
|
if (!can_use)
|
||||||
@ -232,62 +228,29 @@ use_aead (pk_list_t pk_list, int algo)
|
|||||||
if (!can_use)
|
if (!can_use)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
/* Note the user which keys have no AEAD feature flag set. */
|
||||||
|
if (opt.verbose)
|
||||||
|
warn_missing_aead_from_pklist (pk_list);
|
||||||
|
|
||||||
/* If all keys support AEAD we can use it. */
|
/* If all keys support AEAD we can use it. */
|
||||||
return select_aead_from_pklist (pk_list);
|
return select_aead_from_pklist (pk_list);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* We try very hard to use a MDC */
|
/* Shall we use the MDC? Yes - unless rfc-2440 compatibility is
|
||||||
|
* requested. */
|
||||||
int
|
int
|
||||||
use_mdc (pk_list_t pk_list,int algo)
|
use_mdc (pk_list_t pk_list,int algo)
|
||||||
{
|
{
|
||||||
/* RFC-2440 don't has MDC */
|
(void)pk_list;
|
||||||
|
(void)algo;
|
||||||
|
|
||||||
|
/* RFC-2440 don't has MDC - this is the only way to create a legacy
|
||||||
|
* non-MDC encryption packet. */
|
||||||
if (RFC2440)
|
if (RFC2440)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
/* --force-mdc overrides --disable-mdc */
|
return 1; /* In all other cases we use the MDC */
|
||||||
if(opt.force_mdc)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
if(opt.disable_mdc)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
/* Do the keys really support MDC? */
|
|
||||||
|
|
||||||
if(select_mdc_from_pklist(pk_list))
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
/* The keys don't support MDC, so now we do a bit of a hack - if any
|
|
||||||
of the AESes or TWOFISH are in the prefs, we assume that the user
|
|
||||||
can handle a MDC. This is valid for PGP 7, which can handle MDCs
|
|
||||||
though it will not generate them. 2440bis allows this, by the
|
|
||||||
way. */
|
|
||||||
|
|
||||||
if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
|
|
||||||
CIPHER_ALGO_AES,NULL)==CIPHER_ALGO_AES)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
|
|
||||||
CIPHER_ALGO_AES192,NULL)==CIPHER_ALGO_AES192)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
|
|
||||||
CIPHER_ALGO_AES256,NULL)==CIPHER_ALGO_AES256)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
|
|
||||||
CIPHER_ALGO_TWOFISH,NULL)==CIPHER_ALGO_TWOFISH)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
/* Last try. Use MDC for the modern ciphers. */
|
|
||||||
|
|
||||||
if (openpgp_cipher_get_algo_blklen (algo) != 8)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
if (opt.verbose)
|
|
||||||
warn_missing_mdc_from_pklist (pk_list);
|
|
||||||
|
|
||||||
return 0; /* No MDC */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
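Review bot: The added `warn_missing_aead_from_pklist (pk_list);` call in use_aead sits on the default path, so with --verbose every recipient key without the AEAD flag produces a "has no AEAD feature" note even when the user never asked for AEAD; whether a guard earlier in the function (outside this hunk) limits that is not visible. The fallback in that case is MDC, which is still integrity protected, so the note reads as a weakness warning where none exists and may teach users to ignore the real one printed for --rfc2440. Consider limiting the call to the case where AEAD was requested, or documenting the fallback in the comment, e.g. `/* Tell the user which keys lack the AEAD feature flag; encryption then falls back to MDC. */`. The rewritten use_mdc no longer calls select_mdc_from_pklist, whose prototype is still listed in the main.h section; if it has no other caller it can be removed.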
21
g10/gpg.c
21
g10/gpg.c
@ -301,10 +301,6 @@ enum cmd_and_opt_values
|
|||||||
oShowPhotos,
|
oShowPhotos,
|
||||||
oNoShowPhotos,
|
oNoShowPhotos,
|
||||||
oPhotoViewer,
|
oPhotoViewer,
|
||||||
oForceMDC,
|
|
||||||
oNoForceMDC,
|
|
||||||
oDisableMDC,
|
|
||||||
oNoDisableMDC,
|
|
||||||
oForceAEAD,
|
oForceAEAD,
|
||||||
oS2KMode,
|
oS2KMode,
|
||||||
oS2KDigest,
|
oS2KDigest,
|
||||||
@ -605,11 +601,6 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
ARGPARSE_s_n (oQuiet, "quiet", "@"),
|
ARGPARSE_s_n (oQuiet, "quiet", "@"),
|
||||||
ARGPARSE_s_n (oNoTTY, "no-tty", "@"),
|
ARGPARSE_s_n (oNoTTY, "no-tty", "@"),
|
||||||
|
|
||||||
ARGPARSE_s_n (oForceMDC, "force-mdc", "@"),
|
|
||||||
ARGPARSE_s_n (oNoForceMDC, "no-force-mdc", "@"),
|
|
||||||
ARGPARSE_s_n (oDisableMDC, "disable-mdc", "@"),
|
|
||||||
ARGPARSE_s_n (oNoDisableMDC, "no-disable-mdc", "@"),
|
|
||||||
|
|
||||||
ARGPARSE_s_n (oForceAEAD, "force-aead", "@"),
|
ARGPARSE_s_n (oForceAEAD, "force-aead", "@"),
|
||||||
|
|
||||||
ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
|
ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
|
||||||
@ -924,6 +915,11 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
ARGPARSE_s_n (oNoop, "force-v4-certs", "@"),
|
ARGPARSE_s_n (oNoop, "force-v4-certs", "@"),
|
||||||
ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"),
|
ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"),
|
||||||
ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"),
|
ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"),
|
||||||
|
ARGPARSE_s_n (oNoop, "force-mdc", "@"),
|
||||||
|
ARGPARSE_s_n (oNoop, "no-force-mdc", "@"),
|
||||||
|
ARGPARSE_s_n (oNoop, "disable-mdc", "@"),
|
||||||
|
ARGPARSE_s_n (oNoop, "no-disable-mdc", "@"),
|
||||||
|
|
||||||
|
|
||||||
ARGPARSE_end ()
|
ARGPARSE_end ()
|
||||||
};
|
};
|
||||||
@ -2201,7 +2197,6 @@ set_compliance_option (enum cmd_and_opt_values option)
|
|||||||
case oDE_VS:
|
case oDE_VS:
|
||||||
set_compliance_option (oOpenPGP);
|
set_compliance_option (oOpenPGP);
|
||||||
opt.compliance = CO_DE_VS;
|
opt.compliance = CO_DE_VS;
|
||||||
opt.force_mdc = 1;
|
|
||||||
opt.def_aead_algo = 0;
|
opt.def_aead_algo = 0;
|
||||||
/* Fixme: Change other options. */
|
/* Fixme: Change other options. */
|
||||||
break;
|
break;
|
||||||
@ -3019,11 +3014,6 @@ main (int argc, char **argv)
|
|||||||
break;
|
break;
|
||||||
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
|
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
|
||||||
|
|
||||||
case oForceMDC: opt.force_mdc = 1; break;
|
|
||||||
case oNoForceMDC: opt.force_mdc = 0; break;
|
|
||||||
case oDisableMDC: opt.disable_mdc = 1; break;
|
|
||||||
case oNoDisableMDC: opt.disable_mdc = 0; break;
|
|
||||||
|
|
||||||
case oForceAEAD: opt.force_aead = 1; break;
|
case oForceAEAD: opt.force_aead = 1; break;
|
||||||
|
|
||||||
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
|
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
|
||||||
@ -3802,7 +3792,6 @@ main (int argc, char **argv)
|
|||||||
{
|
{
|
||||||
/* That does not anymore work because we have no more support
|
/* That does not anymore work because we have no more support
|
||||||
for v3 signatures. */
|
for v3 signatures. */
|
||||||
opt.disable_mdc=1;
|
|
||||||
opt.escape_from=1;
|
opt.escape_from=1;
|
||||||
opt.ask_sig_expire=0;
|
opt.ask_sig_expire=0;
|
||||||
}
|
}
|
||||||
|
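Review bot: The four MDC options are re-registered as `oNoop` at the end of the opts table without a comment and without any diagnostic, so a config file or script that still passes `disable-mdc` is accepted silently. Ignoring --disable-mdc fails in the safe direction, since the message still gets an MDC, but a sender who relied on it for a legacy recipient gets no hint that the behaviour changed and that only --rfc2440 produces a non-MDC packet now. At minimum add a comment above the four entries such as `/* Obsolete: the MDC is always used; accepted as no-ops so that old config files still parse. */`, and consider printing a one-line obsolete-option notice when they are seen. The removal of `opt.force_mdc = 1;` from the oDE_VS case is sound only because use_mdc() now returns 1 for every compliance mode except RFC-2440, which is worth a short comment there as well.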
@ -236,7 +236,7 @@ int select_algo_from_prefs( PK_LIST pk_list, int preftype,
|
|||||||
int request, const union pref_hint *hint);
|
int request, const union pref_hint *hint);
|
||||||
int select_mdc_from_pklist (PK_LIST pk_list);
|
int select_mdc_from_pklist (PK_LIST pk_list);
|
||||||
aead_algo_t select_aead_from_pklist (pk_list_t pk_list);
|
aead_algo_t select_aead_from_pklist (pk_list_t pk_list);
|
||||||
void warn_missing_mdc_from_pklist (PK_LIST pk_list);
|
void warn_missing_aead_from_pklist (PK_LIST pk_list);
|
||||||
void warn_missing_aes_from_pklist (PK_LIST pk_list);
|
void warn_missing_aes_from_pklist (PK_LIST pk_list);
|
||||||
|
|
||||||
/*-- skclist.c --*/
|
/*-- skclist.c --*/
|
||||||
|
@ -1677,9 +1677,10 @@ select_aead_from_pklist (PK_LIST pk_list)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Print a warning for all keys in PK_LIST missing the MDC feature. */
|
/* Print a warning for all keys in PK_LIST missing the AEAD feature
|
||||||
|
* flag or AEAD algorithms. */
|
||||||
void
|
void
|
||||||
warn_missing_mdc_from_pklist (PK_LIST pk_list)
|
warn_missing_aead_from_pklist (PK_LIST pk_list)
|
||||||
{
|
{
|
||||||
PK_LIST pkr;
|
PK_LIST pkr;
|
||||||
|
|
||||||
@ -1688,12 +1689,12 @@ warn_missing_mdc_from_pklist (PK_LIST pk_list)
|
|||||||
int mdc;
|
int mdc;
|
||||||
|
|
||||||
if (pkr->pk->user_id) /* selected by user ID */
|
if (pkr->pk->user_id) /* selected by user ID */
|
||||||
mdc = pkr->pk->user_id->flags.mdc;
|
mdc = pkr->pk->user_id->flags.aead;
|
||||||
else
|
else
|
||||||
mdc = pkr->pk->flags.mdc;
|
mdc = pkr->pk->flags.aead;
|
||||||
if (!mdc)
|
if (!mdc)
|
||||||
log_info (_("Note: key %s has no %s feature\n"),
|
log_info (_("Note: key %s has no %s feature\n"),
|
||||||
keystr_from_pk (pkr->pk), "MDC");
|
keystr_from_pk (pkr->pk), "AEAD");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
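Review bot: The local variable in warn_missing_aead_from_pklist is still called `mdc` although it now holds the AEAD flag (`mdc = pkr->pk->user_id->flags.aead;`, `if (!mdc)`), which invites a misreading in a function that decides which protection warning the user sees; rename it to `aead` in the declaration, both assignments and the test. The new header comment says the warning covers keys missing "the AEAD feature flag or AEAD algorithms", but the visible lines test only the feature flag. If the lines between the two hunks do not consult the algorithm preferences, shorten the comment to `/* Print a warning for all keys in PK_LIST missing the AEAD feature flag. */`. The loop header lies between the two hunks and is not shown.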
@ -75,6 +75,8 @@ g10/tofu.c
|
|||||||
g10/trustdb.c
|
g10/trustdb.c
|
||||||
g10/trust.c
|
g10/trust.c
|
||||||
g10/verify.c
|
g10/verify.c
|
||||||
|
g10/cipher-cfb.c
|
||||||
|
g10/cipher-aead.c
|
||||||
|
|
||||||
kbx/kbxutil.c
|
kbx/kbxutil.c
|
||||||
|
|
||||||
|