gpg: Remove MDC options

* g10/gpg.c: Tuen options --force-mdc, --no-force-mdc, --disable-mdc
and --no-disable-mdc into NOPs.
* g10/encrypt.c (use_mdc): Simplify.  MDC is now almost always used.
(use_aead): Ignore MDC options. Print warning for missing MDC feature
flags.
* g10/pkclist.c (warn_missing_mdc_from_pklist): Rename to ...
(warn_missing_aead_from_pklist): this and adjust.
--

The MDC is now always used except with --rfc2440 which will lead to a
a big fat warning.

Signed-off-by: Werner Koch <wk@gnupg.org>

1 files changed, 15 insertions, 14 deletions

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 544ed1817..baad58657 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2596,21 +2596,18 @@ modern and faster way to do authenticated encrytion than the old MDC
 method.  See also options @option{--aead-algo} and
 @option{--chunk-size}.
 
-This option requires the use of option @option{--rfc4880bis} to
-declare that a not yet standardized feature is used.
+As of now this option requires the use of option @option{--rfc4880bis}
+to declare that a not yet standardized feature is used.
 
 @item --force-mdc
+@itemx --disable-mdc
 @opindex force-mdc
-Force the use of encryption with a modification detection code. This
-is always used with the newer ciphers (those with a blocksize greater
-than 64 bits), or if all of the recipient keys indicate MDC support in
-their feature flags.
-
-@item --disable-mdc
 @opindex disable-mdc
-Disable the use of the modification detection code. Note that by
-using this option, the encrypted message becomes vulnerable to a
-message modification attack.
+These options are obsolete and have no effect since GnuPG 2.2.8.  The
+MDC is always used unless the keys indicate that an AEAD algorithm can
+be used in which case AEAD is used.  But note: If the creation or of a
+legacy non-MDC message is exceptionally required, the option
+@option{--rfc2440} allows for this.
 
 @item --disable-signer-uid
 @opindex disable-signer-uid
@@ -2740,7 +2737,10 @@ keys or data may not be usable with future GnuPG versions.
 @item --rfc2440
 @opindex rfc2440
 Reset all packet, cipher and digest options to strict RFC-2440
-behavior.
+behavior.  Note that by using this option encryption packets are
+created in a legacy mode without MDC protection.  This is dangerous
+and should thus only be used for experiments.  See also option
+@option{--ignore-mdc-error}.
 
 @item --pgp6
 @opindex pgp6
@@ -2750,8 +2750,9 @@ restricts you to the ciphers IDEA (if the IDEA plugin is installed),
 compression algorithms none and ZIP. This also disables
 @option{--throw-keyids}, and making signatures with signing subkeys as PGP 6
 does not understand signatures made by signing subkeys.
+FIXME: remove this options.
 
-This option implies @option{--disable-mdc --escape-from-lines}.
+This option implies @option{--escape-from-lines}.
 
 @item --pgp7
 @opindex pgp7
@@ -3234,7 +3235,7 @@ It is required to decrypt old messages which did not use an MDC.  It
 may also be useful if a message is partially garbled, but it is
 necessary to get as much data as possible out of that garbled message.
 Be aware that a missing or failed MDC can be an indication of an
-attack.  Use with caution.
+attack.  Use with great caution; see also option @option{--rfc2440}.
 
 @item --allow-weak-digest-algos
 @opindex allow-weak-digest-algos