diff options
Diffstat (limited to '')
| -rw-r--r-- | g10/mainproc.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/g10/mainproc.c b/g10/mainproc.c index f7b7c6b2c..9f02b1555 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -607,6 +607,22 @@ proc_encrypted (CTX c, PACKET *pkt) if (result == -1) ; + else if (!result + && !opt.ignore_mdc_error + && !pkt->pkt.encrypted->mdc_method + && openpgp_cipher_get_algo_blklen (c->dek->algo) != 8 + && c->dek->algo != CIPHER_ALGO_TWOFISH) + { + /* The message has been decrypted but has no MDC despite that a + modern cipher (blocklength != 64 bit, except for Twofish) is + used and the option to ignore MDC errors is not used: To + avoid attacks changing an MDC message to a non-MDC message, + we fail here. */ + log_error (_("WARNING: message was not integrity protected\n")); + if (opt.verbose > 1) + log_info ("decryption forced to fail\n"); + write_status (STATUS_DECRYPTION_FAILED); + } else if (!result || (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE && opt.ignore_mdc_error)) { |