#2041 new
Marc Wilhelm

GPG decryption has stopped working, if not all content of the message was signed.

Reported by Marc Wilhelm | July 2nd, 2018 @ 08:59 AM

Hello,

since some days, if see the following message:

"Trusted signature for parts of OpenPGP message. It is important to note that not all content of the message was signed."

but I can't decrypt the message automatically. My current workaround is saving the content and decrypting it manually by

gpg2 --ignore-mdc-error ~/Downloads/encrypted.asc

This is a critical function for me. Is there an option how I could reactivate the GPG decryption feature again?

Best regards
Marc

=== Decryption Details ===

ENC_TO B5E256C160D917B8 1 0
KEY_CONSIDERED 23185F94E439A94FC38087FC49208CD187CB6CC2 0
KEY_CONSIDERED 23185F94E439A94FC38087FC49208CD187CB6CC2 0
DECRYPTION_KEY 37E85D1F2DC2EC44ACAA984DB5E256C160D917B8 23185F94E439A94FC38087FC49208CD187CB6CC2 u
ENC_TO B5E256C160D917B8 1 0
ENC_TO 594D1CB08A48570F 1 0
KEY_CONSIDERED 1CA7B220E7E270BAEFF815E6594D1CB08A48570F 0
NO_SECKEY 594D1CB08A48570F
KEY_CONSIDERED 23185F94E439A94FC38087FC49208CD187CB6CC2 0
NO_SECKEY B5E256C160D917B8
BEGIN_DECRYPTION
DECRYPTION_INFO 0 3
PLAINTEXT 62 1530517497
PLAINTEXT_LENGTH 1284
NEWSIG Georg%20Kramer%20georg.kramer@telekom.de
SIG_ID xjWjGGRhCr12DpKZ+B8Vy/vAd+I 2018-07-02 1530517497
KEY_CONSIDERED 1CA7B220E7E270BAEFF815E6594D1CB08A48570F 0
GOODSIG 594D1CB08A48570F Georg Kramer georg.kramer@telekom.de
VALIDSIG 1CA7B220E7E270BAEFF815E6594D1CB08A48570F 2018-07-02 1530517497 0 4 0 1 8 00 1CA7B220E7E270BAEFF815E6594D1CB08A48570F
TRUST_ULTIMATE 0 pgp
VERIFICATION_COMPLIANCE_MODE 23
ERROR nomdc_with_legacy_cipher 152
tru::1:1526976228:1534698479:3:1:5
pub:u:2048:1:594D1CB08A48570F:1483595916:1546667916::u:::escaESCA::::::23::0:
fpr:::::::::1CA7B220E7E270BAEFF815E6594D1CB08A48570F:
uid:u::::1483595916::1F6E026F5D494EAA3B89DAE14D151C5E3D7AE7E3::Georg Kramer georg.kramer@telekom.de::::::::::0:
sub:u:2048:1:594D1CB08A48570F:1483595916:1546667916:::::esca::::::23:
fpr:::::::::1CA7B220E7E270BAEFF815E6594D1CB08A48570F:

Comments and changes to this ticket

  • benny

    benny July 4th, 2018 @ 07:54 AM

    • State changed from “new” to “accepted”

    First of all, it is no longer considered safe to encrypt a message without MDC integrity protection. You should contact the sender such that he can fix that part of the issue at his end. Otherwise he's likely to experience similar issues with other correspondents in the future.

    Now, it would be nice if MailMate could somehow warn the user about the problem and then allow the user to decrypt anyways. In particular, because users might have old emails which still need to be encrypted. I'll have to think about this.

    I could make a quick workaround which simply adds --ignore-mdc-error if a hidden preference is enabled. Would you like me to do this?

  • Marc Wilhelm

    Marc Wilhelm July 4th, 2018 @ 08:00 AM

    Thank you for your answer.
    Meanwhile I have found a workaround by adding "ignore-mdc-error" to "~/.gnupg/gpg.conf". Hence, I could work again and we could close this issue.

    BR
    Marc

  • benny

    benny July 4th, 2018 @ 08:23 AM

    Ah yes, that would essentially be the same I would have provided you with a hidden preference. It's not a good long-term solution though. I'll keep the ticket open to track the implementation of a safer approach.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Mac OS X email client.

Shared Ticket Bins

People watching this ticket

Pages