MDC and GnuPG as a filter

David Shaw dshaw at
Tue Aug 13 03:54:01 CEST 2002

On Mon, Aug 12, 2002 at 08:31:09PM -0400, Gordon Worley wrote:
> On Monday, August 12, 2002, at 09:59  AM, Florian Weimer wrote:
> >It looks as if an application should start processing the decrypted
> >data only after the MDC packet has been verified.  (Have a look at
> >this paper: -- most of you
> >probably know it already.)
> >
> >Unfortunately, this breaks one-pass processing for OpenPGP data.  The
> >whole plaintext has to be stored, and in general, processing can only
> >begin after all data has been received. :-(
> >
> >Or am I missing something?
> Having read the paper, I'm wondering, how can I check for this via 
> GPGME.  Will GPGME provide an error if the MDC packet does not verify (I 
> couldn't find one that it might return)?


In 1.2, a bad MDC also gets you a [GNUPG:] DECRYPTION_FAILED


   David Shaw  |  dshaw at  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

More information about the Gnupg-devel mailing list