encryption - gpg signing seems to "remove" integrity -

-

the google not answering question because google results flooded question similar mine in form quite different in meaning. i'm mentioning because know there common issue complaint message integrity when cast5 (the default) used. want clear not asking cast5, asking question aes256 (always aes256, have default set aes256), i'm curious differences between signed , unsigned. okay, so, here goes:

when using gpg aes256, message integrity "turned on" default don't complaints message integrity when encrypting symmetrically aes256. example, suppose have file "test.txt":

 $ ls test.txt  $ cat test.txt blah blah blah

and encrypt symmetrically:

 $ gpg --symmetric ./test.txt        <---[symmetric aes256]  $ ls test.txt  test.txt.gpg  $ gpg -d ./test.txt.gpg gpg: aes256 encrypted data gpg: encrypted 1 passphrase     <---[no complaint integrity] blah blah blah

but, if add signature gpg complains message integrity, though i'm still using aes256. this:

 $ gpg --symmetric --sign ./test.txt  need passphrase unlock secret key user: "hft" 4096-bit rsa key  gpg: aes256 encryption used

now, when decrypt complaint integrity:

 $ gpg -d ./test.txt.gpg gpg: aes256 encrypted data gpg: encrypted 1 passphrase blah blah blah gpg: signature made thu, jun 18, 2015 gpg: signature "hft" gpg: warning: message not integrity protected

i know can force complaint go away of use --force-mdc this:

 $ gpg --symmetric --sign --force-mdc ./test.txt

but, question is: gpg "turn off" aes256 macing integrity when elect sign message private key? though "turned on" aes256 when don't sign? or bug? seems ridiculous turn off integrity mac because signed asymmetric key.


Comments

Post a Comment

Popular posts from this blog

python - How to create jsonb index using GIN on SQLAlchemy? -

-
here's current code creating index jsonb. index("mytable_data_idx_id_key", mytable.data['id'].astext, postgresql_using='gin') but got error. sqlalchemy.exc.programmingerror: (psycopg2.programmingerror) data type text has no default operator class access method "gin" hint: must specify operator class index or define default operator class data type. [sql: "create index event_data_idx_id_key on event using gin ((data ->> 'id'))"] is there way create index on sqlalchemy? the postgresql specific sqlalchemy docs @ http://docs.sqlalchemy.org/en/latest/dialects/postgresql.html#operator-classes mention postgresql_ops dictionary provide "operator class" used postgresql, , provide example illustrating use: index('my_index', my_table.c.id, my_table.c.data, postgresql_ops={ 'data': 'text_pattern_ops', ...
Read more

PHP DOM loadHTML() method unusual warning -

-
i had following code works fine on localhost: $document = new domdocument(); $document->loadhtml($p_result); $form = $document->getelementsbytagname('form')->item(0); // code continues using $form variable after same code updated on outside server, loadhtml() failed , issued warning. warning: domdocument::loadhtml() expects parameter 1 valid path, string given in path/name/to/script.php returned null instead of object code pretty gets fatal error. note contents of $p_result absolutely same on outside server , on localhost. but why displays kind of warning , why not work? doesn't loadhtml() expects argument 1 string in first place? why method expects parameter 1 valid path ? just make clear i'm not calling loadhtmlfile() , i'm calling loadhtml() . thanks. you're affected one of php bugs . issue present in php 5.6.8 , 5.6.9. have affected php version on server, , bug-free version on localhost. the bug forbids null ...
Read more

c# - TransactionScope not rolling back although no complete() is called -

-
i'm using transactionscope rollback transaction fail bool errorreported = false; action<importerrorlog> newerrorcallback = e => { errorreported = true; errorcallback(e); }; using (var transaction = new transactionscope()) { foreach (importtaskdefinition task in taskdefinition) { loader.load(streamfile, newerrorcallback, task.destinationtable, processingtaskid); } if (!errorreported) transaction.complete(); } i'm sure there no transactionscope started ahead or after code. i'm using entity framework insert in db. regardless state of errorreported transaction never rolled in case of error. what missing ? transactionscope sets transaction.current . that's does. wants transacted must @ property. i believe ef each time connection opened reason. probably, connection open when scope installed. open connection inside of scope or enlist manually. ef has nasty "design decision": default opens ...
Read more