Deprecate SerializeEncryptedKey[WithHiddenOption] and SerializeSymmetricKeyEncryptedReuseKey

twiss · twiss · commit 1efe4a001d60 · 2024-11-11T17:45:09.000+01:00
These functions don't allow explicitly indicating whether AEAD is
supported and are thus prone to misuse. The *AEAD versions should
be used instead.
diff --git a/openpgp/packet/encrypted_key.go b/openpgp/packet/encrypted_key.go
@@ -426,6 +426,7 @@ func SerializeEncryptedKeyAEADwithHiddenOption(w io.Writer, pub *PublicKey, ciph
 // key, encrypted to pub.
 // PKESKv6 is used if config.AEAD() is not nil.
 // If config is nil, sensible defaults will be used.
+// Deprecated: Use SerializeEncryptedKeyAEAD instead.
 func SerializeEncryptedKey(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, config *Config) error {
 	return SerializeEncryptedKeyAEAD(w, pub, cipherFunc, config.AEAD() != nil, key, config)
 }
@@ -434,6 +435,7 @@ func SerializeEncryptedKey(w io.Writer, pub *PublicKey, cipherFunc CipherFunctio
 // key, encrypted to pub. PKESKv6 is used if config.AEAD() is not nil.
 // The hidden option controls if the packet should be anonymous, i.e., omit key metadata.
 // If config is nil, sensible defaults will be used.
+// Deprecated: Use SerializeEncryptedKeyAEADwithHiddenOption instead.
 func SerializeEncryptedKeyWithHiddenOption(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, hidden bool, config *Config) error {
 	return SerializeEncryptedKeyAEADwithHiddenOption(w, pub, cipherFunc, config.AEAD() != nil, key, hidden, config)
 }
diff --git a/openpgp/packet/symmetric_key_encrypted.go b/openpgp/packet/symmetric_key_encrypted.go
@@ -195,6 +195,7 @@ func SerializeSymmetricKeyEncrypted(w io.Writer, passphrase []byte, config *Conf
 // the given passphrase. The returned session key must be passed to
 // SerializeSymmetricallyEncrypted.
 // If config is nil, sensible defaults will be used.
+// Deprecated: Use SerializeSymmetricKeyEncryptedAEADReuseKey instead.
 func SerializeSymmetricKeyEncryptedReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, config *Config) (err error) {
 	return SerializeSymmetricKeyEncryptedAEADReuseKey(w, sessionKey, passphrase, config.AEAD() != nil, config)
 }

Original file line number	Diff line number	Diff line change
`@@ -195,6 +195,7 @@ func SerializeSymmetricKeyEncrypted(w io.Writer, passphrase []byte, config *Conf`
`195`	`195`	`// the given passphrase. The returned session key must be passed to`
`196`	`196`	`// SerializeSymmetricallyEncrypted.`
`197`	`197`	`// If config is nil, sensible defaults will be used.`
	`198`	`+// Deprecated: Use SerializeSymmetricKeyEncryptedAEADReuseKey instead.`
`198`	`199`	`func SerializeSymmetricKeyEncryptedReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, config *Config) (err error) {`
`199`	`200`	`return SerializeSymmetricKeyEncryptedAEADReuseKey(w, sessionKey, passphrase, config.AEAD() != nil, config)`
`200`	`201`	`}`