Recent changes in GnuPG version 2.2.8 in response to the EFAIL attack reject all encrypted data that don’t have Modification Detection Code (MDC) packet.
In order to address this as of version 3.1.3.2 DidiSoft OpenPGP Library for Java exposes a new property in the PGPLib class:
PGPLib.isIntegrityProtectArchives() PGPLib.setIntegrityProtectArchives(boolean) |
Example usage:
PGPLib pgp = new PGPLib(); pgp.setIntegrityProtectArchives(true); |
Setting this property will have affect on all subsequent encryption or one pass signing and encryption calls that don’t have the integrity check parameter. When the above property is set to true, integrity protection (Modification Detection Code) packet will be added to the encrypted data in the .pgp message to be compatible with GnuPG 2.2.8 and all new upcoming versions.
This change is especially for all methods that produce String output, because in those methods the integrity protection was missing up till now.
