diff options
| author | Werner Koch <wk@gnupg.org> | 2021-02-10 14:31:34 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2021-02-10 14:40:02 +0100 |
| commit | 825dd7220ff6079cbe2d0df7fde93526c077fb6d (patch) | |
| tree | 8326478d78d1c32eebe440eaa99298dca77e11e4 /tests | |
| parent | Remove obsolete M4 macros. (diff) | |
| download | gnupg2-825dd7220ff6079cbe2d0df7fde93526c077fb6d.tar.xz gnupg2-825dd7220ff6079cbe2d0df7fde93526c077fb6d.zip | |
gpg: Do not allow old cipher algorithms for encryption.
* g10/gpg.c: New option --allow-old-cipher-algos.
(set_compliance_option): Set --rfc4880bis explictly to SHA256 and
AES256. Allow old cipher algos for OpenPGP, rfc4880, and rfc2440.
* g10/options.h (opt): Add flags.allow_old_cipher_algos.
* g10/misc.c (print_sha1_keysig_rejected_note): Always print the note
unless in --quiet mode.
* g10/encrypt.c (setup_symkey): Disallow by default algos with a
blocklengt < 128.
(encrypt_crypt): Ditto. Fallback by default to AES instead of 3DES.
* g10/pkclist.c (algo_available): Take care of old cipher also.
(select_algo_from_prefs): Use AES as implicit algorithm by default.
* tests/openpgp/defs.scm (create-gpghome): Set allow-old-cipher-algos.
--
GnuPG-bug-id: 3415
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/openpgp/defs.scm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tests/openpgp/defs.scm b/tests/openpgp/defs.scm index fab033659..3f6248f9e 100644 --- a/tests/openpgp/defs.scm +++ b/tests/openpgp/defs.scm @@ -345,6 +345,7 @@ "no-auto-key-retrieve" "no-auto-key-locate" "allow-weak-digest-algos" + "allow-old-cipher-algos" "ignore-mdc-error" (if have-opt-always-trust "no-auto-check-trustdb" "#no-auto-check-trustdb") |