Handle no MDC for legacy algos gracefully

Authored by aheinecke on Jul 4 2018, 12:32 PM.

Description

Handle no MDC for legacy algos gracefully

With GPGME 1.11.2 we can detect if an MDC error occured
because of an old algorithm. This is common enough that
we need a proper handling.

It is now detected, the user is shown a notification and
gets the option to "Force decryption" so that the
user could then ideally re-encrypt the file with a modern
algo.

Details

werner added a subscriber: werner.Jul 4 2018, 2:13 PM
werner added inline comments.
/src/crypto/decryptverifytask.cpp
602

May I suggest to use just “attack possibility” because there is a wide variety of attacks and it is not clear what the Efail attack is actually about. They have at least two entirely different attacks not related to encrypted message malleability.

aheinecke added inline comments.Jul 4 2018, 4:29 PM
/src/crypto/decryptverifytask.cpp
602

This is just a comment for translators to give context. Only the second parameter of i18nc is actually translated. There is no user visible "EFail".

aheinecke added inline comments.Jul 4 2018, 4:34 PM
/src/crypto/decryptverifytask.cpp
602

I've changed it anyway. Better not to have efail in the code. ;-)