You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
openpgp.Encrypt writes the signature packet after the encrypted key and the symmetrically encrypted packet. According to the RFC, an OpenPGP signed message is either a signature packet followed by a message or a one-pass signed message (https://tools.ietf.org/html/rfc4880#section-11.3).
Thus, this implementation is violating the RFC by writing the message followed by the signature (no one-pass). To fix it, a one-pass signature packet (https://tools.ietf.org/html/rfc4880#section-5.4) should be written before the encrypted message.
The text was updated successfully, but these errors were encountered:
openpgp.Encrypt
writes the signature packet after the encrypted key and the symmetrically encrypted packet. According to the RFC, an OpenPGP signed message is either a signature packet followed by a message or a one-pass signed message (https://tools.ietf.org/html/rfc4880#section-11.3).Thus, this implementation is violating the RFC by writing the message followed by the signature (no one-pass). To fix it, a one-pass signature packet (https://tools.ietf.org/html/rfc4880#section-5.4) should be written before the encrypted message.
The text was updated successfully, but these errors were encountered: