How to identify AEAD-enabled messages using PGPainless #440
-
Over at Password Store we've had a steady stream of users coming in with AEAD enabled keys and running into problems, which I've added detection for during key import but I'd also like to warn users when a password entry was created with an AEAD enabled key. Any help with building in such a detection mechanism would be greatly appreciated :) |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
The AEAD feature is denoted by the Edit: I will soon work on adding OpenPGP v6 features to BC, so stay tuned for native support :) |
Beta Was this translation helpful? Give feedback.
The AEAD feature is denoted by the
Features
subpacket.You could probably search the latest direct-key signature and primary user-id binding signature for the features subpacket and check, if
SignatureSubpacketsUtil.parseFeatures(signature).contains(Feature.MODIFICATION_DETECTION_2)
Edit: I will soon work on adding OpenPGP v6 features to BC, so stay tuned for native support :)