[git] GnuPG - branch, master, updated. gnupg-2.2.7-131-ga042799

by Werner Koch cvs at cvs.gnupg.org
Tue May 29 12:51:52 CEST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  a042799c8697defd5e04637529759c4fc0b4c30c (commit)
       via  253e8bdd9014cbe6dc06adce9d9dd2f8f4b31709 (commit)
       via  af4a5dbe575f304838db358aaeb45741f149d0a7 (commit)
      from  49e4908652c48d4688b4e032148be73a51ff87cf (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a042799c8697defd5e04637529759c4fc0b4c30c
Author: Werner Koch <wk at gnupg.org>
Date:   Tue May 29 12:43:39 2018 +0200

    doc: Add a hint about gpgsm and DECRYPTION_INFO.
    
    --

diff --git a/doc/DETAILS b/doc/DETAILS
index 52051ed..e7567f7 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -539,7 +539,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
 *** DECRYPTION_INFO <mdc_method> <sym_algo> [<aead_algo>]
     Print information about the symmetric encryption algorithm and the
     MDC method.  This will be emitted even if the decryption fails.
-    For an AEAD algorithm AEAD_ALGO is not 0.
+    For an AEAD algorithm AEAD_ALGO is not 0.  GPGSM currently does
+    not print such a status.
 
 *** DECRYPTION_FAILED
     The symmetric decryption failed - one reason could be a wrong

commit 253e8bdd9014cbe6dc06adce9d9dd2f8f4b31709
Author: Werner Koch <wk at gnupg.org>
Date:   Tue May 29 12:42:44 2018 +0200

    gpg: Remove MDC options
    
    * g10/gpg.c: Turn options --force-mdc, --no-force-mdc, --disable-mdc
    and --no-disable-mdc into NOPs.
    * g10/encrypt.c (use_mdc): Simplify.  MDC is now almost always used.
    (use_aead): Ignore MDC options. Print warning for missing MDC feature
    flags.
    * g10/pkclist.c (warn_missing_mdc_from_pklist): Rename to ...
    (warn_missing_aead_from_pklist): this and adjust.
    --
    
    The MDC is now always used except with --rfc2440 which will lead to a
    big fat warning.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 544ed18..baad586 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2596,21 +2596,18 @@ modern and faster way to do authenticated encrytion than the old MDC
 method.  See also options @option{--aead-algo} and
 @option{--chunk-size}.
 
-This option requires the use of option @option{--rfc4880bis} to
-declare that a not yet standardized feature is used.
+As of now this option requires the use of option @option{--rfc4880bis}
+to declare that a not yet standardized feature is used.
 
 @item --force-mdc
+ at itemx --disable-mdc
 @opindex force-mdc
-Force the use of encryption with a modification detection code. This
-is always used with the newer ciphers (those with a blocksize greater
-than 64 bits), or if all of the recipient keys indicate MDC support in
-their feature flags.
-
- at item --disable-mdc
 @opindex disable-mdc
-Disable the use of the modification detection code. Note that by
-using this option, the encrypted message becomes vulnerable to a
-message modification attack.
+These options are obsolete and have no effect since GnuPG 2.2.8.  The
+MDC is always used unless the keys indicate that an AEAD algorithm can
+be used in which case AEAD is used.  But note: If the creation or of a
+legacy non-MDC message is exceptionally required, the option
+ at option{--rfc2440} allows for this.
 
 @item --disable-signer-uid
 @opindex disable-signer-uid
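
Review bot: The added sentence "If the creation or of a legacy non-MDC message is exceptionally required" in the new --force-mdc/--disable-mdc entry has a stray "or" (or a missing word after it) and should be reworded, for example "If the creation of a legacy non-MDC message is exceptionally required". The entry also lists only --force-mdc and --disable-mdc, while the g10/gpg.c part of this commit turns --no-force-mdc and --no-disable-mdc into no-ops as well; consider mentioning them here.
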
@@ -2740,7 +2737,10 @@ keys or data may not be usable with future GnuPG versions.
 @item --rfc2440
 @opindex rfc2440
 Reset all packet, cipher and digest options to strict RFC-2440
-behavior.
+behavior.  Note that by using this option encryption packets are
+created in a legacy mode without MDC protection.  This is dangerous
+and should thus only be used for experiments.  See also option
+ at option{--ignore-mdc-error}.
 
 @item --pgp6
 @opindex pgp6
@@ -2750,8 +2750,9 @@ restricts you to the ciphers IDEA (if the IDEA plugin is installed),
 compression algorithms none and ZIP. This also disables
 @option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
 does not understand signatures made by signing subkeys.
+FIXME: remove this options.
 
-This option implies @option{--disable-mdc --escape-from-lines}.
+This option implies @option{--escape-from-lines}.
 
 @item --pgp7
 @opindex pgp7
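
Review bot: "FIXME: remove this options." is added as a plain text line inside the --pgp6 description, so it will be rendered in the user manual. A developer reminder belongs in a Texinfo comment (@c) rather than in the running text, and "this options" should read "this option".
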
@@ -3234,7 +3235,7 @@ It is required to decrypt old messages which did not use an MDC.  It
 may also be useful if a message is partially garbled, but it is
 necessary to get as much data as possible out of that garbled message.
 Be aware that a missing or failed MDC can be an indication of an
-attack.  Use with caution.
+attack.  Use with great caution; see also option @option{--rfc2440}.
 
 @item --allow-weak-digest-algos
 @opindex allow-weak-digest-algos
diff --git a/g10/cipher-cfb.c b/g10/cipher-cfb.c
index 48927c5..3ba8eb7 100644
--- a/g10/cipher-cfb.c
+++ b/g10/cipher-cfb.c
@@ -33,6 +33,7 @@
 #include "packet.h"
 #include "options.h"
 #include "main.h"
+#include "../common/i18n.h"
 #include "../common/status.h"
 
 
@@ -66,8 +67,9 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
     }
   else
     {
-      log_info ("WARNING: "
-                "encrypting without integrity protection is dangerous\n");
+      log_info (_("WARNING: "
+                  "encrypting without integrity protection is dangerous\n"));
+      log_info (_("Hint: Do not use option %s\n"), "--rfc2440");
     }
 
   write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
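
Review bot: The new hint in the else branch of write_header names --rfc2440 unconditionally, but the condition that selects this branch lies outside the hunk. If any path other than --rfc2440 can still reach it, the hint sends the user after the wrong option; please confirm that RFC2440 is the only way in, or print the hint only when RFC2440 is set.
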
diff --git a/g10/encrypt.c b/g10/encrypt.c
index c6c9e3a..7de07d2 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -212,11 +212,7 @@ use_aead (pk_list_t pk_list, int algo)
 
   can_use = openpgp_cipher_get_algo_blklen (algo) == 16;
 
-  /* With --force-mdc we clearly do not want AEAD.  */
-  if (opt.force_mdc)
-    return 0;
-
-  /* However with --force-aead we want AEAD.  */
+  /* With --force-aead we want AEAD.  */
   if (opt.force_aead)
     {
       if (!can_use)
@@ -232,62 +228,29 @@ use_aead (pk_list_t pk_list, int algo)
   if (!can_use)
     return 0;
 
+  /* Note the user which keys have no AEAD feature flag set.  */
+  if (opt.verbose)
+    warn_missing_aead_from_pklist (pk_list);
+
   /* If all keys support AEAD we can use it.  */
   return select_aead_from_pklist (pk_list);
 }
 
 
-/* We try very hard to use a MDC */
+/* Shall we use the MDC?  Yes - unless rfc-2440 compatibility is
+ * requested. */
 int
 use_mdc (pk_list_t pk_list,int algo)
 {
-  /* RFC-2440 don't has MDC */
-  if (RFC2440)
-    return 0;
-
-  /* --force-mdc overrides --disable-mdc */
-  if(opt.force_mdc)
-    return 1;
+  (void)pk_list;
+  (void)algo;
 
-  if(opt.disable_mdc)
+  /* RFC-2440 don't has MDC - this is the only way to create a legacy
+   * non-MDC encryption packet.  */
+  if (RFC2440)
     return 0;
 
-  /* Do the keys really support MDC? */
-
-  if(select_mdc_from_pklist(pk_list))
-    return 1;
-
-  /* The keys don't support MDC, so now we do a bit of a hack - if any
-     of the AESes or TWOFISH are in the prefs, we assume that the user
-     can handle a MDC.  This is valid for PGP 7, which can handle MDCs
-     though it will not generate them.  2440bis allows this, by the
-     way. */
-
-  if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
-			    CIPHER_ALGO_AES,NULL)==CIPHER_ALGO_AES)
-    return 1;
-
-  if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
-			    CIPHER_ALGO_AES192,NULL)==CIPHER_ALGO_AES192)
-    return 1;
-
-  if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
-			    CIPHER_ALGO_AES256,NULL)==CIPHER_ALGO_AES256)
-    return 1;
-
-  if(select_algo_from_prefs(pk_list,PREFTYPE_SYM,
-			    CIPHER_ALGO_TWOFISH,NULL)==CIPHER_ALGO_TWOFISH)
-    return 1;
-
-  /* Last try.  Use MDC for the modern ciphers. */
-
-  if (openpgp_cipher_get_algo_blklen (algo) != 8)
-    return 1;
-
-  if (opt.verbose)
-    warn_missing_mdc_from_pklist (pk_list);
-
-  return 0; /* No MDC */
+  return 1; /* In all other cases we use the MDC */
 }
 
 
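
Review bot: use_mdc now casts both pk_list and algo to void, so the parameters survive only for the callers' sake; either drop them and adjust the callers, or state in the function comment why the signature is kept. In the use_aead part of the hunk, warn_missing_aead_from_pklist runs on every verbose encryption once can_use is true, so verbose output will carry a "has no AEAD feature" note for each recipient key without the flag; consider whether that note should be limited to runs where AEAD was actually requested.
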
diff --git a/g10/gpg.c b/g10/gpg.c
index e718fe4..1a419f7 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -301,10 +301,6 @@ enum cmd_and_opt_values
     oShowPhotos,
     oNoShowPhotos,
     oPhotoViewer,
-    oForceMDC,
-    oNoForceMDC,
-    oDisableMDC,
-    oNoDisableMDC,
     oForceAEAD,
     oS2KMode,
     oS2KDigest,
@@ -605,11 +601,6 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oQuiet,	  "quiet",   "@"),
   ARGPARSE_s_n (oNoTTY,   "no-tty",  "@"),
 
-  ARGPARSE_s_n (oForceMDC, "force-mdc", "@"),
-  ARGPARSE_s_n (oNoForceMDC, "no-force-mdc", "@"),
-  ARGPARSE_s_n (oDisableMDC, "disable-mdc", "@"),
-  ARGPARSE_s_n (oNoDisableMDC, "no-disable-mdc", "@"),
-
   ARGPARSE_s_n (oForceAEAD, "force-aead", "@"),
 
   ARGPARSE_s_n (oDisableSignerUID, "disable-signer-uid", "@"),
@@ -924,6 +915,11 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oNoop, "force-v4-certs", "@"),
   ARGPARSE_s_n (oNoop, "no-force-v4-certs", "@"),
   ARGPARSE_s_n (oNoop, "no-mdc-warning", "@"),
+  ARGPARSE_s_n (oNoop, "force-mdc", "@"),
+  ARGPARSE_s_n (oNoop, "no-force-mdc", "@"),
+  ARGPARSE_s_n (oNoop, "disable-mdc", "@"),
+  ARGPARSE_s_n (oNoop, "no-disable-mdc", "@"),
+
 
   ARGPARSE_end ()
 };
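
Review bot: The four MDC options in the oNoop block are now accepted silently, so a script or config file that passes --disable-mdc gets MDC-protected output with no indication that the option was ignored. That is the safe direction, but a warning that the option is obsolete would tell users to clean up their configuration. The hunk also leaves two blank lines before ARGPARSE_end ().
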
@@ -2201,7 +2197,6 @@ set_compliance_option (enum cmd_and_opt_values option)
     case oDE_VS:
       set_compliance_option (oOpenPGP);
       opt.compliance = CO_DE_VS;
-      opt.force_mdc = 1;
       opt.def_aead_algo = 0;
       /* Fixme: Change other options.  */
       break;
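
Review bot: Dropping "opt.force_mdc = 1;" from the oDE_VS case also drops the only visible guard that kept AEAD off in this compliance mode. The g10/encrypt.c part of this commit removes the early "if (opt.force_mdc) return 0;" from use_aead, and the remaining lines of use_aead shown there do not consult opt.def_aead_algo. Please confirm that de-vs mode still cannot end up in select_aead_from_pklist, or add an explicit compliance check in use_aead.
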
@@ -3019,11 +3014,6 @@ main (int argc, char **argv)
 	    break;
 	  case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
 
-	  case oForceMDC: opt.force_mdc = 1; break;
-	  case oNoForceMDC: opt.force_mdc = 0; break;
-	  case oDisableMDC: opt.disable_mdc = 1; break;
-	  case oNoDisableMDC: opt.disable_mdc = 0; break;
-
 	  case oForceAEAD: opt.force_aead = 1; break;
 
           case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
@@ -3802,7 +3792,6 @@ main (int argc, char **argv)
       {
         /* That does not anymore work because we have no more support
            for v3 signatures.  */
-	opt.disable_mdc=1;
 	opt.escape_from=1;
 	opt.ask_sig_expire=0;
       }
diff --git a/g10/keydb.h b/g10/keydb.h
index c65af02..bd156a6 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -236,7 +236,7 @@ int  select_algo_from_prefs( PK_LIST pk_list, int preftype,
 			     int request, const union pref_hint *hint);
 int  select_mdc_from_pklist (PK_LIST pk_list);
 aead_algo_t select_aead_from_pklist (pk_list_t pk_list);
-void warn_missing_mdc_from_pklist (PK_LIST pk_list);
+void warn_missing_aead_from_pklist (PK_LIST pk_list);
 void warn_missing_aes_from_pklist (PK_LIST pk_list);
 
 /*-- skclist.c --*/
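
Review bot: select_mdc_from_pklist stays declared two lines above the renamed prototype, but this commit removes its call from use_mdc in g10/encrypt.c. If no other caller remains, the declaration and its definition should be removed in the same change.
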
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 8b5d042..05bbea5 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -1677,9 +1677,10 @@ select_aead_from_pklist (PK_LIST pk_list)
 }
 
 
-/* Print a warning for all keys in PK_LIST missing the MDC feature. */
+/* Print a warning for all keys in PK_LIST missing the AEAD feature
+ * flag or AEAD algorithms. */
 void
-warn_missing_mdc_from_pklist (PK_LIST pk_list)
+warn_missing_aead_from_pklist (PK_LIST pk_list)
 {
   PK_LIST pkr;
 
@@ -1688,12 +1689,12 @@ warn_missing_mdc_from_pklist (PK_LIST pk_list)
       int mdc;
 
       if (pkr->pk->user_id) /* selected by user ID */
-        mdc = pkr->pk->user_id->flags.mdc;
+        mdc = pkr->pk->user_id->flags.aead;
       else
-        mdc = pkr->pk->flags.mdc;
+        mdc = pkr->pk->flags.aead;
       if (!mdc)
         log_info (_("Note: key %s has no %s feature\n"),
-                  keystr_from_pk (pkr->pk), "MDC");
+                  keystr_from_pk (pkr->pk), "AEAD");
     }
 }
 
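
Review bot: The local variable is still named mdc although it now holds flags.aead; rename it to aead so that "if (!mdc)" reads consistently with the "AEAD" message it guards. The updated function comment also promises a warning for missing "AEAD algorithms", while the loop only tests the feature flag; either check the algorithm preferences as well or trim the comment.
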
diff --git a/po/POTFILES.in b/po/POTFILES.in
index f071651..f19cb49 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -75,6 +75,8 @@ g10/tofu.c
 g10/trustdb.c
 g10/trust.c
 g10/verify.c
+g10/cipher-cfb.c
+g10/cipher-aead.c
 
 kbx/kbxutil.c
 

commit af4a5dbe575f304838db358aaeb45741f149d0a7
Author: Werner Koch <wk at gnupg.org>
Date:   Tue May 29 12:24:19 2018 +0200

    gpg: Fix detection of the AEAD feature flag.
    
    * g10/getkey.c (fixup_uidnode): Use bitmask 0x02.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/getkey.c b/g10/getkey.c
index 1120e88..fe64835 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -2552,7 +2552,7 @@ fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated)
   /* See whether we have the AEAD feature.  */
   uid->flags.aead = 0;
   p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n);
-  if (p && n && (p[0] & 0x01))
+  if (p && n && (p[0] & 0x02))
     uid->flags.aead = 1;
 
   /* And the keyserver modify flag.  */
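
Review bot: The fix swaps one bare literal for another in the SIGSUBPKT_FEATURES test; 0x01 is the MDC feature bit in RFC 4880, which is how the AEAD check ended up keyed to the wrong feature. Named constants for the feature bits would keep this from recurring, and the commit message should state the effect of the bug, since with the old mask a key advertising only MDC had uid->flags.aead set.
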

-----------------------------------------------------------------------

Summary of changes:
 doc/DETAILS      |  3 ++-
 doc/gpg.texi     | 29 +++++++++++++-------------
 g10/cipher-cfb.c |  6 ++++--
 g10/encrypt.c    | 63 ++++++++++++--------------------------------------------
 g10/getkey.c     |  2 +-
 g10/gpg.c        | 21 +++++--------------
 g10/keydb.h      |  2 +-
 g10/pkclist.c    | 11 +++++-----
 po/POTFILES.in   |  2 ++
 9 files changed, 49 insertions(+), 90 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



