Page MenuHome GnuPG
Create Task
Maniphest T6490

GPG 2.4.0 encrypting files with `--openpgp` flag does not make the encrypted file adhere to OpenPGP RFC
Closed, ResolvedPublic
Actions

Description

Hi,

We found out when using GPG 2.4.0 and encrypting with --openpgp flag does not make the encrypted file adhere to OpenPGP RFC.

Repro: encrypt a file in GPG 2.4.0 with --openpgp flag. The encrypted file will have new hashed subpacket type: subpacket 34, preferred AEAD algorithms. This is out of spec with https://www.rfc-editor.org/rfc/rfc4880#section-5.2.3.1

Best,
Vicky Wu

Details

Version
GPG 2.4.0

Event Timeline

vicwuqinyi created this task.May 15 2023, 4:42 PM
werner closed this task as Resolved.May 15 2023, 8:47 PM
werner claimed this task.
werner added a project: Not A Bug.
werner added a subscriber: werner.

--openpgp means the current OpenPGP standard as implemented by GnuPG. This was important in the first few years of OpenPGP but not anymore today. The option --rfc4880 might be what you want. Please keep also in mind that the preference list declares what a concrete implementation supports and not necessary what's in an RFC.