security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/sm
History
Werner Koch 4e117f206b
gpg,sm: Error out on compliance mismatch while decrypting. 
* g10/pubkey-enc.c (get_session_key): Bail out if the algo is not
allowed in the current compliance mode.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--

The idea here is that the owner of the key created a non-compliant key
and later receives a mail encrypted to that key.  The sender should
have checked this key too but we can't guarantee that.  By hard
failing here the owner of the key will notice that he had created a
non-compliant key and thus has a chance to generate a new compliant
key.  In case the compliant criteria changes and the owner wants to
decrypt an old message he can still switch gpg to another compliant
mode.

Fixes-commit: a0d0cbee76
GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
 		2017-08-01 08:41:47 +02:00
..
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
Makefile.am Remove -I option to common. 2017-03-07 20:25:54 +09:00
call-agent.c Explain the "server is older than xxx warning". 2017-07-31 11:20:47 +02:00
call-dirmngr.c Explain the "server is older than xxx warning". 2017-07-31 11:20:47 +02:00
certchain.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
certcheck.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
certdump.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
certlist.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
certreqgen-ui.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
certreqgen.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
decrypt.c gpg,sm: Error out on compliance mismatch while decrypting. 2017-08-01 08:41:47 +02:00
delete.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
encrypt.c gpg,sm: String changes for compliance diagnostics. 2017-07-28 17:46:43 +02:00
export.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
fingerprint.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsm-w32info.rc w32: Add icons and version information. 2013-05-07 21:35:48 +02:00
gpgsm.c gpg,sm: String changes for compliance diagnostics. 2017-07-28 17:46:43 +02:00
gpgsm.h common,gpg,sm: Move the compliance option parser. 2017-06-07 16:53:31 +02:00
import.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
keydb.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
keydb.h gpg,sm: Add STATUS_ERROR keydb_search and keydb_add-resource. 2016-11-10 17:07:28 +01:00
keylist.c gpg,common: Move the compliance framework. 2017-06-01 12:09:43 +02:00
minip12.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
minip12.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
misc.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
passphrase.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
passphrase.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
qualified.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
server.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sign.c gpg,sm: String changes for compliance diagnostics. 2017-07-28 17:46:43 +02:00
verify.c gpg,sm: String changes for compliance diagnostics. 2017-07-28 17:46:43 +02:00