
Kleopatra: Remove "Force Decryption" button shown if decryption failed due to missing integrity check (MDC)
Testing, Normal, Public

Description

If decryption fails due to a missing integrity check (MDC) then Kleopatra shows a "Force Decryption" button. This allows the user to ignore the missing integrity check and to force decryption with GnuPG.

I think this button should be removed. I think nowadays ignoring a missing integrity check on decryption is an absolute no-go. Therefore we shouldn't make it easy for people to shoot themselves in the foot. People who need to decrypt decades-old data without MDC should use the command line. (We could show a hint in Kleopatra in case decryption fails because of missing MDC.)

I stumbled over this while looking into T7784: Kleopatra notepad: change to buttons in result list widget.

Some background information: The button was added with T4038: Kleopatra: Improve handling of MDC errors. It's only shown for legacy algorithms without MDC, i.e. if AES is used then decryption simply fails without more specific errors (see T4402: Kleopatra decrypt error - Missing MDC for non legacy algos).

You can create a file to test a missing MDC with

gpg --encrypt --rfc2440 --cipher-algo 3des -r 11A9C6D06717C4E284960BA906E28F5FB5297489 --output decrypt-me-no-mdc.gpg encrypt-me.txt

This encrypts the file encrypt-me.txt with the Edward Tester 2023 key.
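Added example, not part of the original task and not Kleopatra or GnuPG code: a small check that walks the OpenPGP packet headers of a binary (non-armored) message as defined in RFC 4880 and reports whether the encrypted data packet carries integrity protection. A file produced by the command above should be reported as "none". The function names and the sample byte strings are constructed for this illustration.

```python
import sys

SED, SEIPD, AEAD = 9, 18, 20  # encrypted-data packet tags (20: OCB packet of GnuPG 2.3+)
ESK_TAGS = {1, 3}             # PKESK / SKESK packets that precede the encrypted data

def read_header(buf, pos):
    """Return (tag, body_start, body_len); body_len is None if not a definite length."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not a binary OpenPGP packet (ASCII-armored input?)")
    if first & 0x40:                      # new-format header
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None         # partial body length
    tag, ltype = (first >> 2) & 0x0F, first & 0x03   # old-format header
    if ltype == 3:
        return tag, pos + 1, None         # indeterminate length
    n = 1 << ltype                        # 1, 2 or 4 length octets
    return tag, pos + 1 + n, int.from_bytes(buf[pos + 1:pos + 1 + n], "big")

def integrity_protection(buf):
    """Return 'none' (tag 9, no MDC), 'mdc' (tag 18) or 'aead' (tag 20)."""
    kinds = {SED: "none", SEIPD: "mdc", AEAD: "aead"}
    pos = 0
    try:
        while pos < len(buf):
            tag, start, length = read_header(buf, pos)
            if tag in kinds:
                return kinds[tag]
            if tag not in ESK_TAGS or length is None:
                raise ValueError(f"unexpected packet tag {tag} before encrypted data")
            pos = start + length          # skip the session-key packet body
    except IndexError:
        raise ValueError("truncated packet header") from None
    raise ValueError("no encrypted data packet found")

# Constructed sample messages (dummy bodies, not real ciphertext).
NO_MDC = bytes([0x84, 3, 0, 0, 0, 0xA4, 2, 0, 0])       # old-format PKESK + tag 9
WITH_MDC = bytes([0x85, 0, 3, 0, 0, 0, 0xD2, 2, 1, 0])  # old-format PKESK + tag 18

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else NO_MDC
    print(integrity_protection(data))
```

Run it with the path of a binary .gpg file as the only argument; without an argument it classifies the constructed no-MDC sample.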

Event Timeline

ebo triaged this task as Normal priority. Wed, Feb 25, 9:14 AM
ebo added a project: gpd5x.
ebo added a subscriber: ebo.

Please add the hint you mentioned.

ikloecker moved this task from Backlog to WIP on the gpd5x board.
ikloecker changed the task status from Open to Testing. Wed, Feb 25, 4:27 PM

Done.

ikloecker mentioned this in Unknown Object (Maniphest Task). Mon, Mar 2, 9:07 AM
timegrid added a subscriber: timegrid.

Looks good to me on gpg4win-5.0.2-beta2 @ win11:

timegrid edited projects, added gpd5x (gpd-5.0.2); removed gpd5x.