Page MenuHome GnuPG
Create Task
Maniphest T7804

de-vs compliance not shown if also password encrypted
Open, NormalPublic
Actions

Description

In de-vs compliance mode a DECRYPTION_COMPLIANCE_MODE status line should be emitted when compliant algos where used for encryption. However, if the data has also been encrypted with a password that status line is not emitted if OCB mode was used. The result is that for example kleopatra claims that the data was not compliant encrypted.

Revisions and Commits

rG GnuPG
rG6771ed4c1322 gpg: Fix de-vs compliance with OCB and additional password.
rGa73c88817ce2 gpg: Make OCB mode compliant in de-vs mode.

Event Timeline

werner triaged this task as Normal priority.Wed, Sep 3, 3:48 PM
werner created this task.
werner created this object with edit policy "Contributor (Project)".
werner edited projects, added gnupg22; removed gnupg24.Wed, Sep 3, 4:20 PM
werner moved this task from Backlog to WIP on the gnupg26 board.
werner added a comment.Wed, Sep 3, 4:27 PM

In contrast to gnupg22 master did not proper show OCB compliance - not everything has yet been forward ported. But we can do so now and test master by setting GNUPG_ASSUME_COMPLIANCE=de-vs

werner added a commit: rGa73c88817ce2: gpg: Make OCB mode compliant in de-vs mode..Wed, Sep 3, 4:32 PM
werner added a commit: rG6771ed4c1322: gpg: Fix de-vs compliance with OCB and additional password..