Kleopatra decrypt error - Missing MDC for non legacy algos
Open, LowPublic

Description

Error should be fixed since 3.1.3
https://dev.gnupg.org/T4038

on windows systems we don't see the button "force decryption", altough in the command box we're able to decypt using the appropriate switch.
(see the screenshot also)

Thanks, regards Karl

Details

Version
3.1.3 - 3.1.5
KarlS created this task.Mar 11 2019, 3:25 PM
aheinecke triaged this task as Low priority.Mar 11 2019, 6:00 PM
aheinecke added subscribers: werner, aheinecke.

I think I know what the problem is. T4038 only works for "legacy algorithms" this means old ciphers where MDC was not the default are handled by this error. New algorithms like AES which should have MDC in all implementations were not affected by this because this is much rarer and points to a broken implementation / a real attack.

Do you know which implementation created the encrypted files?

Is it really not an option to re-encrypt the old files using the command line?

I accept it as something to be improved. At least the error should be better but I give this low prio as I currently don't think this affects many users.

@werner I've added you to the CC as ultimately you decided when to set the legacy_algo_no_mdc flag on which Kleopatra's special handling depends.

aheinecke renamed this task from Kleopatra decrypt error to Kleopatra decrypt error - Missing MDC for non legacy algos.Mar 11 2019, 6:01 PM

By the way. As I see the domain in the screenshot ;-) let me just say that there is commercial support for GnuPG (https://gnupg.com) available and through which we could much better and quicker help you to find a solution that works for you if this is a problem in your organisation.