mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-02 22:46:30 +02:00
gpg: Do not allow old cipher algorithms for encryption.
* g10/gpg.c: New option --allow-old-cipher-algos.
(set_compliance_option): Set --rfc4880bis explicitly to SHA256 and AES256. Allow old cipher algos for OpenPGP, rfc4880, and rfc2440.
* g10/options.h (opt): Add flags.allow_old_cipher_algos.
* g10/misc.c (print_sha1_keysig_rejected_note): Always print the note unless in --quiet mode.
* g10/encrypt.c (setup_symkey): Disallow by default algos with a blocklength < 128.
(encrypt_crypt): Ditto. Fallback by default to AES instead of 3DES.
* g10/pkclist.c (algo_available): Take care of old cipher also.
(select_algo_from_prefs): Use AES as implicit algorithm by default.
* tests/openpgp/defs.scm (create-gpghome): Set allow-old-cipher-algos.
--
GnuPG-bug-id: 3415
parent
6e730c1881
commit
825dd7220f
7 changed files with 92 additions and 16 deletions
21
doc/gpg.texi
|
@ -2848,16 +2848,17 @@ different compliance option in the gpg.conf file.
|
|||
@item --openpgp
|
||||
@opindex openpgp
|
||||
Reset all packet, cipher and digest options to strict OpenPGP
|
||||
behavior. Use this option to reset all previous options like
|
||||
@option{--s2k-*}, @option{--cipher-algo}, @option{--digest-algo} and
|
||||
behavior. This option implies @option{--allow-old-cipher-algos}. Use
|
||||
this option to reset all previous options like @option{--s2k-*},
|
||||
@option{--cipher-algo}, @option{--digest-algo} and
|
||||
@option{--compress-algo} to OpenPGP compliant values. All PGP
|
||||
workarounds are disabled.
|
||||
|
||||
@item --rfc4880
|
||||
@opindex rfc4880
|
||||
Reset all packet, cipher and digest options to strict RFC-4880
|
||||
behavior. Note that this is currently the same thing as
|
||||
@option{--openpgp}.
|
||||
behavior. This option implies @option{--allow-old-cipher-algos}.
|
||||
Note that this is currently the same thing as @option{--openpgp}.
|
||||
|
||||
@item --rfc4880bis
|
||||
@opindex rfc4880bis
|
||||
|
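Review bot: the sentence "This option implies @option{--allow-old-cipher-algos}." added under @item --openpgp and @item --rfc4880 does not tell the reader what that means in practice, namely that selecting either compliance mode re-enables 64 bit block size algorithms for encryption. Suggest adding a cross-reference to the new @item --allow-old-cipher-algos entry in both places. The @item --rfc4880bis entry visible at the end of this hunk gets no matching sentence; the commit message lists only OpenPGP, rfc4880 and rfc2440 as allowing old cipher algos, so saying under --rfc4880bis whether the option is implied would make the compliance entries consistent.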
@ -2869,7 +2870,8 @@ proposed updates of RFC-4880.
|
|||
Reset all packet, cipher and digest options to strict RFC-2440
|
||||
behavior. Note that by using this option encryption packets are
|
||||
created in a legacy mode without MDC protection. This is dangerous
|
||||
and should thus only be used for experiments. See also option
|
||||
and should thus only be used for experiments. This option implies
|
||||
@option{--allow-old-cipher-algos}. See also option
|
||||
@option{--ignore-mdc-error}.
|
||||
|
||||
@item --pgp6
|
||||
|
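Review bot: in the @item --rfc2440 text the new sentence "This option implies @option{--allow-old-cipher-algos}." sits between the MDC warning and "See also option @option{--ignore-mdc-error}.", so the cross-reference now reads as if it belonged to the old-cipher sentence rather than to the warning about missing MDC protection. Suggest keeping the "See also" directly after "should thus only be used for experiments." and placing the implies sentence after it, or moving it up next to "strict RFC-2440 behavior." as was done for --openpgp and --rfc4880.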
@ -3391,6 +3393,15 @@ necessary to get as much data as possible out of that garbled message.
|
|||
Be aware that a missing or failed MDC can be an indication of an
|
||||
attack. Use with great caution; see also option @option{--rfc2440}.
|
||||
|
||||
@item --allow-old-cipher-algos
|
||||
@opindex allow-old-cipher-algos
|
||||
Old cipher algorithms like 3DES, IDEA, or CAST5 encrypt data using
|
||||
blocks of 64 bits; modern algorithms use blocks of 128 bit instead.
|
||||
To avoid certain attack on these old algorithms it is suggested not to
|
||||
encrypt more than 150 MiByte using the same key. For this reason gpg
|
||||
does not allow the use of 64 bit block size algorithms for encryption
|
||||
unless this option is specified.
|
||||
|
||||
@item --allow-weak-digest-algos
|
||||
@opindex allow-weak-digest-algos
|
||||
Signatures made with known-weak digest algorithms are normally
|
||||
|
|
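Review bot: in the new @item --allow-old-cipher-algos paragraph, "using the same key" does not say which key the 150 MiByte limit refers to (session key, passphrase-derived key or recipient key); please name it so users can judge whether their usage is affected. Wording nits in the same paragraph: "certain attack" should be "certain attacks" and "blocks of 128 bit" should be "blocks of 128 bits". The paragraph speaks only of encryption; a sentence stating whether decryption of existing messages that use these algorithms still works without the option would save users from guessing.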