mirror of
https://github.com/openpgpjs/openpgpjs.git
synced 2025-06-09 07:36:42 +00:00

The config option must be set when reading v4 private keys (e.g. those generated in OpenPGP.js by default, without setting `config.v5Keys = true`) which were encrypted by OpenPGP.js v5 (or older) using `config.aeadProtect = true`. Otherwise, key parsing and/or key decryption will fail.

Additional context: OpenPGP.js up to v5 used to support encrypting v4 keys using AEAD as specified by draft RFC4880bis (https://www.ietf.org/archive/id/draft-ietf-openpgp-rfc4880bis-10.html#section-5.5.3-3.5). Said AEAD mechanism was not standardized as-is, and it's been replaced in the crypto-refresh with a new version that guarantees full key integrity on decryption. The legacy AEAD format is incompatible, but fundamentally indistinguishable, from that of the crypto-refresh for v4 keys. Thus, we rely on the caller to instruct us to process the key as legacy, via the new config flag.

Co-authored-by: Daniel Huigens <d.huigens@protonmail.com>
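
An added example (not OpenPGP.js code and not part of this commit): a dependency-free check that flags v4 secret-key packets whose S2K usage octet is 253 (AEAD), the case in which the wire format cannot say whether the legacy or the crypto-refresh scheme was used. The helper names and the sample packet are constructed for illustration; only RSA, ECDSA, EdDSA-legacy and ECDH public key material and definite-length packet headers are handled.

```javascript
// Added example: helper names and the sample packet are constructed, not OpenPGP.js code.
const S2K_USAGE_AEAD = 253; // S2K usage octet: secret key material is AEAD-protected
// Skip one MPI (2-octet bit count + value) or one field with a 1-octet length prefix.
const skipMPI = (b, i) => i + 2 + (((b[i] << 8 | b[i + 1]) + 7) >> 3);
const skipLen1 = (b, i) => i + 1 + b[i];
// Offset just past the v4 public key material, for the algorithms handled here.
function skipPublicParams(algo, b, i) {
  switch (algo) {
    case 1: case 2: case 3: return skipMPI(b, skipMPI(b, i));  // RSA: n, e
    case 19: case 22: return skipMPI(b, skipLen1(b, i));       // ECDSA, EdDSA legacy: OID, point
    case 18: return skipLen1(b, skipMPI(b, skipLen1(b, i)));   // ECDH: OID, point, KDF params
    default: throw new Error(`unsupported public key algorithm ${algo}`);
  }
}
// Parse the header of the first packet; definite lengths only (no partial or indeterminate).
function readPacket(p) {
  if (!(p[0] & 0x80)) throw new Error('not an OpenPGP packet');
  const be = (i, n) => { let v = 0; while (n--) v = v * 256 + p[i++]; return v; };
  let tag, len, off;
  if (p[0] & 0x40) {                       // new-format header
    tag = p[0] & 0x3f;
    if (p[1] < 192) [len, off] = [p[1], 2];
    else if (p[1] < 224) [len, off] = [((p[1] - 192) << 8) + p[2] + 192, 3];
    else if (p[1] === 255) [len, off] = [be(2, 4), 6];
    else throw new Error('partial body lengths not supported');
  } else {                                 // old-format header
    tag = (p[0] >> 2) & 0x0f;
    const n = 1 << (p[0] & 3);             // number of length octets: 1, 2 or 4
    if (n === 8) throw new Error('indeterminate length not supported');
    [len, off] = [be(1, n), 1 + n];
  }
  if (off + len > p.length) throw new Error('truncated packet');
  return { tag, body: p.subarray(off, off + len) };
}

// Flag v4 secret (sub)key packets that use AEAD protection; legacy vs. new is not detectable.
function classifySecretKey(packet) {
  const { tag, body } = readPacket(packet);
  if (tag !== 5 && tag !== 7) return 'not-a-secret-key'; // Secret-Key, Secret-Subkey
  if (body[0] !== 4) return 'not-v4';
  const usage = body[skipPublicParams(body[5], body, 6)];
  if (usage === undefined) throw new Error('truncated key material');
  return usage === S2K_USAGE_AEAD ? 'v4-aead-ambiguous' : 'v4-not-aead';
}

// Constructed sample: v4 EdDSA-legacy secret key; filler replaces the point and ciphertext.
const sampleKey = (usage) => Uint8Array.from([0xc5, 128, 4, 0x60, 0, 0, 0, 22,
  9, 0x2b, 6, 1, 4, 1, 0xda, 0x47, 0x0f, 1, 0x01, 0x07, 0x40,
  ...new Array(32).fill(0xaa), usage, ...new Array(76).fill(0)]);
```

A `v4-aead-ambiguous` result means provenance has to decide: a key encrypted by OpenPGP.js v5 or older needs the legacy flag described in the commit message before it is read.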