GPG SUITE ERROR SOFTWARE
When you think your key is not at fault, please ask the message author of the problematic message about the software and version they are using and send us a report via System Preferences > GPG Suite Preferences. In case you are using a very old key with weak security, we recommend transitioning to a new key. Using a wrong key configuration, outdated software or old legacy keys with weak security can all result in messages lacking an integrity check. The causes for messages with no MDC can be various. We will also provide you with a workaround for GPGMail if necessary. This means that with GnuPG 2.1 adding -passphrase on the command line will no longer work out of the box. The private key, which is protected by a passphrase, is handled by gpg-agent. Please get in touch with us via System Preferences > GPG Suite Preferences. (With gpg -debug help showing available choices to give after -debug.) gpg -debug-all -vvv hello.gpg Passphrase on the command line. Since Efail is foremost a method to exfiltrate decrypted content from a specially crafted email, we would like to know more if you encounter a missing or modified MDC error with in one of your emails.
![gpg suite error gpg suite error](https://i.stack.imgur.com/SYdEa.png)
To decrypt messages in GPGServices mark the OpenPGP message, right-click and select Services > OpenPGP: Decrypt Selection. To decrypt files in GPGServices right-click the file and select Services > OpenPGP: Decrypt File. Only continue if you know what you are doing and are certain the message or file has not been modified. GPGServices displays a warning for messages or files that do not have an integrity check. We strongly suggest to not use the workarounds with newly received messages. They are not at all meant to be longterm solutions but merely a workaround to access old messages on which you rely. GPG Suite 2018.3 added the ability to decrypt messages and files, which have no integrity protection, in GPGServices and GPGMail. Decrypting legacy messages or files with no MDC So only use the workarounds, if you are absolutely certain that the message or file has not been modified. We do not recommend this, since without integrity protection (missing modification detection code) it is not possible to determine whether or not the encrypted data has been modified. gpg -output foo.
![gpg suite error gpg suite error](https://www.thepolyglotdeveloper.com/uploads/2019/02/gpg-tools-new-key.png)
We can also optionally specify the output file with -output option like below.
![gpg suite error gpg suite error](https://gpgtools.org/images/screenshots/gpgmail-new-message.1506349762.png)
Since more users than we anticipated rely on messages or files using no MDC, we added options in GPGServices and GPGMail to still decrypt such messages or files. Now if we received a file that is encrypted by our Public Keys we need to decrypt it with our Private Key. Those mitigations were published with GPG Suite 2018.2 for macOS 10.13 High Sierra and 2018.3 for macOS 10.12 Sierra. Part of the mitigations against the Efail vulnerability ( ), are that messages with no integrity check are no longer decrypted. However, old keys that use old algorithms don't automatically benefit from MDC. MDC was introduced in 2001 and is enabled by default for new keys in GnuPG since 2003.
GPG SUITE ERROR CODE
Modification Detection Code (MDC) is an integrity check for OpenPGP messages which helps detect if messages have been tampered with.