Handle no MDC for legacy algos gracefully
9e5fa86561ae
Actions

Description

Handle no MDC for legacy algos gracefully

With GPGME 1.11.2 we can detect if an MDC error occured
because of an old algorithm. This is common enough that
we need a proper handling.

It is now detected, the user is shown a notification and
gets the option to "Force decryption" so that the
user could then ideally re-encrypt the file with a modern
algo.

GnuPG-Bug-Id: T4038

Details

Provenance

• aheinecke

Authored on Jul 4 2018, 12:32 PM

Parents

rKLEOPATRAb176527193f1: Improve error handling for decrypt/verify

Branches

Unknown

Tags

Unknown

Tasks

T4038: Kleopatra: Improve handling of MDC errors

Event Timeline

• aheinecke committed rKLEOPATRA9e5fa86561ae: Handle no MDC for legacy algos gracefully (authored by • aheinecke).Jul 4 2018, 12:36 PM

• aheinecke added a task: T4038: Kleopatra: Improve handling of MDC errors.

• werner added a subscriber: • werner.Jul 4 2018, 2:13 PM

• werner added inline comments.

/src/crypto/decryptverifytask.cpp
602	May I suggest to use just “attack possibility” because there is a wide variety of attacks and it is not clear what the Efail attack is actually about. They have at least two entirely different attacks not related to encrypted message malleability.

• aheinecke added inline comments.Jul 4 2018, 4:29 PM

/src/crypto/decryptverifytask.cpp
602	This is just a comment for translators to give context. Only the second parameter of i18nc is actually translated. There is no user visible "EFail".