2.2.43 and vsd-allow-ocb

Andreas Metzler ametzler at bebt.de
Sat May 4 18:45:58 CEST 2024


2.2.42`s NEWS said
  * gpg: Support OCB encryption.  [T6263]

and https://dev.gnupg.org/T6263 shows two commits
	rG0a355b2fe7d8 gpg: Add compatibility flag "vsd-allow-ocb"
	rGa545e14e8a74 gpg: Support OCB encryption.

The commit message for 0a355b2fe7d8 said
| * g10/gpg.c (compatibility_flags): Add "vsd-allow-ocb".
| (main): And set it.

Which understand to mean that 2.2.43 would by default both generate keys
with 'AEAD: OCB' and use OCB when encrypting to keys with that flag set.
And this behavior could have been disabled with '--compatibility-flags

However afaict (gpg --compatibility-flags ?) the flag is not set by
default and indeed --quick-generate-key without --compatibility-flags
vsd-allow-ocb generates a key without "AEAD: OCB" and does not use OCB
for encrypting to a key with "AEAD: OCB" set.

Is my understanding flawed?

cu Andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Gnupg-users mailing list