From 8631d4cfe251f9936d6cbc11b4c4623397b1aeb6 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 18 Mar 2022 11:13:23 +0100 Subject: gpg: Allow decryption of symencr even for non-compliant cipher. * g10/decrypt-data.c (decrypt_data): Add arg compliance_error. Adjust all callers. Fail on compliance error only in --require-compliance mode. Make sure to return an error if the buffer is missing; actually that should be an assert. * g10/mainproc.c (proc_encrypted): Delay printing of the compliance mode status. Consult the compliance error now returned by decrypt_data. -- The actual case here is that we fail hard if a message has been AEAD encrypted with one AEAD capable key and also with one passphrase. In general the preference system takes care of not using AEAD if one recipient's key does not support it. However, if the sender uses her own AEAD-capable key _and_ a passphrase the message will be AEAD encrypted. This change allows to decrypt that anyway along with a warning message. Note that this does currently not work in 2.3 due to a non-compliant libgcrypt. We will however, backport this to 2.2. --- g10/gpgv.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'g10/gpgv.c') diff --git a/g10/gpgv.c b/g10/gpgv.c index d1e6da956..3bb99dc6c 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -544,12 +544,14 @@ get_override_session_key (DEK *dek, const char *string) /* Stub: */ int -decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek) +decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek, + int *compliance_error) { (void)ctrl; (void)procctx; (void)ed; (void)dek; + (void)compliance_error; return GPG_ERR_GENERAL; } -- cgit v1.2.3