blob: 821038f3139b0f514edfaad6ede544f99654eeb3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
From: Andreas Metzler <ametzler@debian.org>
Date: Thu, 9 May 2024 13:57:27 +0200
Subject: Do not use OCB mode even if AEAD: OCB key preference is set.
Origin: vendor
Forwarded: not-needed
Last-Update: 2024-05-09
(overrideable with --force-ocb)
---
g10/encrypt.c | 6 ++++++
tests/openpgp/encrypt.scm | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/g10/encrypt.c b/g10/encrypt.c
index a4863fa..d2ad3fe 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -279,6 +279,12 @@ use_aead (pk_list_t pk_list, int algo)
}
return AEAD_ALGO_OCB;
}
+ else
+ {
+ /* Ignore AEAD: OCB key preference unless --force-ocb is set. It is
+ * a LibrePGP feature. */
+ return 0;
+ }
/* AEAD does only work with 128 bit cipher blocklength. */
if (!can_use)
diff --git a/tests/openpgp/encrypt.scm b/tests/openpgp/encrypt.scm
index ef2f7b0..a44f5ca 100755
--- a/tests/openpgp/encrypt.scm
+++ b/tests/openpgp/encrypt.scm
@@ -88,7 +88,7 @@
(lambda (source)
(tr:do
(tr:open source)
- (tr:gpgstatus "" `(--yes -e
+ (tr:gpgstatus "" `(--yes -e --force-ocb
-r ,"patrice.lumumba"
-r ,"mahsa.amini"))
(tr:call-with-content
|
