[git] GnuPG - branch, master, updated. gnupg-2.1.8-70-g625e292

by Werner Koch cvs at cvs.gnupg.org
Tue Oct 6 09:47:51 CEST 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  625e292108cc0fd9077769587a8c22abe7805e33 (commit)
      from  4a5bd1720f5a3dbb26f5daeb03725cae29be7e24 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 625e292108cc0fd9077769587a8c22abe7805e33
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Oct 6 09:40:57 2015 +0200

    gpg: Fail decryption for AES etc message w/o MDC.
    
    * g10/mainproc.c (proc_encrypted): Fail for modern messages w/o MDC.
    --
    
    This change turns the missing MDC warning into an error if the message
    has been encrypted using a cipher with a non-64 bit block length cipher
    and it is not Twofish.
    
    We can assume that such messages are created by code which should have
    been able to create MDC packets.  AES was introduced with 1.0.3 on
    2000-09-18 shortly after MDC (1.0.2 on 2000-07-12).  We need to
    exclude Twofish because that might have been used before MDC.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/mainproc.c b/g10/mainproc.c
index f7b7c6b..9f02b15 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -607,6 +607,22 @@ proc_encrypted (CTX c, PACKET *pkt)
 
   if (result == -1)
     ;
+  else if (!result
+           && !opt.ignore_mdc_error
+           && !pkt->pkt.encrypted->mdc_method
+           && openpgp_cipher_get_algo_blklen (c->dek->algo) != 8
+           && c->dek->algo != CIPHER_ALGO_TWOFISH)
+    {
+      /* The message has been decrypted but has no MDC despite that a
+         modern cipher (blocklength != 64 bit, except for Twofish) is
+         used and the option to ignore MDC errors is not used: To
+         avoid attacks changing an MDC message to a non-MDC message,
+         we fail here.  */
+      log_error (_("WARNING: message was not integrity protected\n"));
+      if (opt.verbose > 1)
+        log_info ("decryption forced to fail\n");
+      write_status (STATUS_DECRYPTION_FAILED);
+    }
   else if (!result || (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE
                        && opt.ignore_mdc_error))
     {
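Review bot: In the new `else if` branch the text passed to `log_error` still begins with "WARNING:" even though the branch now writes `STATUS_DECRYPTION_FAILED`. The only line that says the failure is deliberate, `log_info ("decryption forced to fail\n")`, is gated on `opt.verbose > 1`. At default verbosity a user sees a warning-worded line and a failed decryption with nothing connecting the two. Consider wording the message as an error and emitting the "forced to fail" line unconditionally, or at least at `opt.verbose`. Two smaller points. First, the code comment names the Twofish exception but not the reason for it; the commit message has that reason (Twofish may have been used before MDC existed), and a short clause in the comment would save the next reader a trip to the log. Second, `result` is still 0 inside this branch, so as far as this hunk shows, the failure is signalled only through `log_error` and the status line. It is worth confirming that nothing later in `proc_encrypted` treats `!result` as a successful decryption.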

-----------------------------------------------------------------------

Summary of changes:
 g10/mainproc.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



