openpgp unsupported feature about hydroxide HOT 68 CLOSED

There isn't a single comment above yours that comes off as self-entitled

This is ridiculous. The only person who's acting entitled here is you - apparently you're entitled to @emersion's time and work for free. Is that any way to thank someone who's made a great project that you obviously find useful and important? That's sick.

You need to correct your attitude about open source. If you want something, it's up to you to do it. Not anyone else.

from hydroxide.

With all due respect, I find it a bit alarming that the maintainer of this repository would say something like that.

There isn't a single comment above yours that comes off as self-entitled. Everyone is just trying to help. The community has tried your suggestions, and your suggestions have failed.

We are now turning to you asking what to do next. This is an open source project, but you understand this codebase more than anyone. It makes sense that people would ask you.

You mentioned that you "share it so it can be useful to other people too," but I'm in the same boat as everyone else here - this bug prevents this code from working for me, and therefore it is useless to me. "But it works on my machine" has never been a good enough answer in the history of software development.

I would like to use this software, and while you rightfully can't be compelled to do anything for us, I'm sure I speak for everyone when I say we would appreciate just a little enthusiasm.

from hydroxide.

Woah dude, calm down. That's not my stance at all. I was just trying to nudge this issue in the right direction and get some answers from emersion that he's been apparently reluctant to provide.

I'm not "sick." Don't speak for me. My attitude about open source is sane. I already put in my comment that we can't and don't expect anything from him, and I completely realize that. Your comment is extremely more hostile than mine could have ever been interpreted as.

And by the way, I don't find this project important or useful, because I've never used it before and this bug prevents me from using it at all. Therefore, this repository is about as useful to me as an empty repository.

Again, emersion is the maintainer of the project. I was trying to politely ask for some additional answers from someone with the most familiarity with the code out of anyone. That's a fair thing to ask. I didn't make any demands.

So can you correct your attitude?

from hydroxide.

I encountered this error with one of my alias addresses and solved it by changing my security key to rsa 2048-bit in my protonmail setttings and making that key primary.

https://protonmail.com/support/knowledge-base/pgp-key-management/

from hydroxide.

I tried some of the suggestions:
If I replace all occurrences of golang.org/x/crypto in this repo with github.com/ProtonMail/crypto, go build fails with

build github.com/emersion/hydroxide/cmd/hydroxide: cannot load golang.org/x/crypto/openpgp/ecdh: cannot find module providing package golang.org/x/crypto/openpgp/ecdh

(also, go get puts golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c // indirect in go.mod)

If I replace golang.org/x/crypto with github.com/keybase/go-crypto instead, go build fails with

# github.com/emersion/hydroxide/protonmail
../../protonmail/contacts.go:149:53: too few values in &openpgp.Key literal
../../protonmail/crypto.go:48:68: too few values in openpgp.Key literal
../../protonmail/crypto.go:57:54: too few values in openpgp.Key literal
../../protonmail/crypto.go:81:68: too few values in openpgp.Key literal
../../protonmail/crypto.go:88:54: too few values in openpgp.Key literal

from hydroxide.

With all due respect, I find it a bit alarming that the maintainer of this repository would say something like that.

I'm just saying that I think it's perfectly fine to publish a release when it's not working for you. I really don't understand what's "alarming". I don't want to be hostile, I just want to be clear.

"But it works on my machine" has never been a good enough answer in the history of software development.

I'm not saying that this bug doesn't exist. I'm just saying that I won't be the one to fix it, because it doesn't affect me.

Regarding the rest of the discussion, which is somewhat unrelated to the beginning of your comment: you don't need a good understanding of the codebase to fix this issue. Take an example Go code that loads a PGP key, and try to understand why it doesn't load your key. We just need someone to sit down and take the time to do it. Really, this is more of a Go issue than a hydroxide issue.

Let's stop the discussion about what users should expect from an open-source maintainer. I think everybody has understood my point.

from hydroxide.

@wmark Thanks for the pointer.

@cookiengineer Can you try replacing golang.org/x/crypto with github.com/keybase/go-crypto? See this blog post for directions: https://research.swtch.com/vgo-tour#replacing

from hydroxide.

I don't see the point in doing a Pre-release 0.2.1 as this bug make it nonfunctional.

Works for me. I'm not affected by this bug so it's not like I personally care. It you care, please investigate and send a patch.

I want to remind you that I'm a volunteer working on this project during my free time. My goal is not to make people use my software. I just share it so that it can be useful to other people too.

from hydroxide.

@nast90210 Tested nast90210/0.2.2 latest. It builds, but auth panics:

./hydroxide auth myusername
Password: 
2FA code: XXXXXX
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x298acc]

goroutine 1 [running]:
github.com/keybase/go-crypto/openpgp.checkDetachedSignature(0x0, 0x0, 0x4419e8, 0x252c180, 0x441ec8, 0x26c212c, 0x20, 0x397458, 0x252c101, 0x252c180)
        /home/thrall/go/pkg/mod/github.com/keybase/[email protected]/openpgp/read.go:450 +0x148
github.com/keybase/go-crypto/openpgp.CheckDetachedSignature(0x0, 0x0, 0x4419e8, 0x252c180, 0x441ec8, 0x26c212c, 0x3e, 0x243cc00, 0xa7144)
        /home/thrall/go/pkg/mod/github.com/keybase/[email protected]/openpgp/read.go:411 +0x44
github.com/emersion/hydroxide/protonmail.decodeModulus(0x288c2c0, 0x282, 0x0, 0x7cc08, 0x2470128, 0x287d000, 0x1000)
        /home/thrall/Dev/emersion/hydroxide/protonmail/srp.go:25 +0xf8
github.com/emersion/hydroxide/protonmail.srp(0x243cd64, 0x16, 0x20, 0x2496548, 0x16, 0x20, 0x39)
        /home/thrall/Dev/emersion/hydroxide/protonmail/srp.go:151 +0x28
github.com/emersion/hydroxide/protonmail.(*Client).Auth(0x243cf80, 0xbe8bf8f9, 0x9, 0x24849a0, 0x16, 0x276a380, 0x6, 0x2496548, 0x2486300, 0x208201, ...)
        /home/thrall/Dev/emersion/hydroxide/protonmail/auth.go:130 +0x60
main.main()
        /home/thrall/Dev/emersion/hydroxide/cmd/hydroxide/hydroxide.go:98 +0xaa4

(I tried a few times on the off-chance I mis-typed my password)

from hydroxide.

Good. Will publish a new release with this fix. Leaving this open since we still can't read some keys.

from hydroxide.

Seems like a public key not supported by Go's OpenPGP library. Would you be willing to share your public key so that it can be reported upstream?

from hydroxide.

Hi!

I'm getting the same issue with a brand new protonmail account, am I doing something wrong? :(

from hydroxide.

My public key is vanilla — generated by ProtonMail and resides on their keyserver. It’s standard 2048b RSA — never changed.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP.js v3.1.3
Comment: https://openpgpjs.org

xsBNBFambncBCAC6+jFaReHRLmMSVk5nKBDsAeJIxzbcQQRxTHHGLyxu0Wr1
7GEOf9GI4nnN2qheMSaxswU9CtTCa0noKQU7mt6J+yUQFpzZteRbQ/7WWmtR
SwDmr3kq/7rMIwIe7aCWzNL6bZAsWfwOnAgx1mm5Ugwm3hBohDJZGnAulFIN
QMJoP/fH2Ym7n2AFka+zTFE/NGnpJTgd6Hu3XS9lbeGBoY4/7K8cjIYrXuaI
MeOk/hsIWGKtKqE1uYrvoVEI731c/KI7sh3QZjxFVXgOdO6H+Sp+Y5KLkT5O
gIrVgblrwkUqBhVhvWeqN5jAQErPGcocKRALjBbSIPk6qh3O4k4+BSKDABEB
AAHNO2FkYW0ucGlvdGVyZWtAcHJvdG9ubWFpbC5jb20gPGFkYW0ucGlvdGVy
ZWtAcHJvdG9ubWFpbC5jb20+wsB1BBABCAApBQJY3pUlBgsJBwgDAgkQJELi
d3bgpXgEFQgKAgMWAgECGQECGwMCHgEAAA9hB/9d0BfRtZXUcoGVgPMh/BEK
SVfAS4dMJNevE6Xzst5bQee7b49RU0NZgpFGSLjWXTli0B8rfq9X9ZYFqi+i
/3aDObubA9Xo/djrqEMgvHBiLCD6WxoBWeXooKTlcTIx4h+mMk0KrGWpou0X
k6wdFBPFSH3Jro8pPLXS5ODrBjSpczNkmW1RuMyKdPjBT+9FN31W2xs4KPyn
fCnxK3GS/m/+H9i7hz45rmN5AXzmiSt1zcUCgD6aqt+rzUEvgduqAxF37LUD
WwsyH4MamWK+YxEawIreBrsKM3u6ia3mEyO1XYmMnkIhJflohw05v59/5Iwk
OcrBU2N/pEd/sUuXbH8zzsBNBFambncBCACzlkqfiOChnjkj0QZJqrWEgbu4
X2C8YuLfSjyhUzFjSkcC5JatkR3+9K0KX7X/Izlj36kzGy6EXATTUHKZpYZ3
YEYqD3NbWcVbEJ8ByT5/gyHq1luUrWcm41g69y8uzutjniMz/qTL/bsaRB9L
fM0O0n6X1UHIePWp9uTcMOIkmESO9py6fvTWlb15Mr4DVmY93z7cyIFSR0u7
2ZBwnMm3dEyc6MH4JijbavdXleerhmzedri6FKz3mCRbz4Z8TgDyGf5NcXD5
XEibLIePX99kMYPzhDnFqucRlt2gDLj/yCXkE7rTv8sBjdXJwkv6ZECM/PEm
8Eb4SiJVhjp2vl5TABEBAAHCwF8EGAEIABMFAljelSYJECRC4nd24KV4AhsM
AADBzAgAkL0NwTAjD+tKtwsO4mPTb5TN1UiU6DIFV2XeTmozUywnCdJjDlH1
DCZ5m3p7k8Q0HCdb5R/QPc+J8QOuqWH0YHCHaZW3qBf9tRe8PT/At14WviVq
uapLPOm4VplsQrP20D/KZPdWyDsepJNzBodhOnXSF4cfsJbg/DSygp+4txIc
vdQunZh7gL17TL6M2JI5suFhu0nmVZhOjdrqAiN6CYqPxItRIQH/DGPKfcsm
jovdDarfn/xCEoTQNSvtxD4cxN6gXEtOUXDt/wd9PK6wUr3CXdvLK189o59h
5khILLQgQOyKt8IMySGDwD8l87kpFiZc9SRvS2hSh6xd2EUs5w==
=hvEC
-----END PGP PUBLIC KEY BLOCK-----

from hydroxide.

All right, this seems related to this issue: golang/go#18576

from hydroxide.

FWIW, ProtonMail has a fork with support for ECC signatures. I'm not convinced this is high-quality enough for us to switch to it, it would be a lot better if they/someone upstreamed it. However one could try to use it instead of x/crypto/openpgp.

from hydroxide.

Maybe we could check if the Keybase fork supports it.

from hydroxide.

At this risk of betraying how ignorant I am of these cryptographic matters, I'm curious: how did this change out from under us? This was working just a week or two ago - what's the difference now? Is there anything I can do to get it working again or fix the problem?

from hydroxide.

@apiote I can load your public key without any issue. Here's the code I used: https://gist.github.com/emersion/c71522528309898e67594e259542bb0b

Also useful for debugging is this command: gpg --list-packets --verbose --armor.

Maybe the issue comes from another public key? Or maybe a private key?

@d4hines It would be useful to try to switch to ProtonMail's fork (or Keybase's) and see if it fixes the issue.

from hydroxide.

I tried the code with my private key (I exported some time ago from Protonmail) and it can be loaded without errors. All my public and private keys work with Your code.

I would have to check the key sent after successful authentication (but it should be the same as my exported key).

from hydroxide.

✘  ~/projects/hydroxide   master  ./hydroxide auth <redacted>@protonmail.com 
Password: 
2019/01/11 15:27:46 openpgp: unsupported feature: public key algorithm 22

I can confirm that too

from hydroxide.

I ran into this today. My key is just the one protonmail sets up for you.

Anything I can do to help figure this out?

edit: I just moved to self hosted

from hydroxide.

Try the ProtonMail fork, try the Keybase fork.

from hydroxide.

FYI, public key algorithm 22 is EdDSA. You need to verify your implementation with a eddsa signature. Using a RSA2048 key (from above) in this context is misleading.

Fastest way to get one is to generate a ed25519 keypair by gpg, and to sign sth. with it.

$ cat >/tmp/new-key.conf <<EOF
Key-Type: eddsa
Key-Curve: Ed25519
Key-Usage: sign
Name-Real: Some User
Name-Email: [email protected]
Subkey-Type: eddsa
Subkey-Curve: Ed25519
Subkey-Usage: sign
Expire-Date: 2022-02-22
Preferences: AES256 AES192 AES SHA256 Uncompressed
%commit
EOF

$ gpg --batch --gen-key /tmp/new-key.conf

from hydroxide.

Having this issue as well on my end.

from hydroxide.

Any progress? I ran into the same problem. Is there anything I can do to help?

from hydroxide.

Yes. Please try the forks linked above and see if they support your key.

from hydroxide.

@emersion Can you offer an instruction on how to do so for dummies that are not familiar with go programming?

• Where do I get my keys from, and how?
• What to compare against what?
• What tools to use to verify

Currently this issue is blurrish, because I have no effing clue where hydroxide stores the keys, and whether even it does or not, and what to do with them.

from hydroxide.

The keybase.io fork has what you need.

Please forgive me for not sharing a PR or the like—I don't use this project. Just happened upon the error message.

from hydroxide.

I tried to build with keybase fork
with replace golang.org/x/crypto => github.com/keybase/go-crypto v0.0.0-20181127160227-255a5089e85a inside the go.mod

with no luck I get go: github.com/keybase/[email protected] used for two different module paths (github.com/keybase/go-crypto and golang.org/x/crypto)
and it doesn't build

from hydroxide.

A quick fix would be to replace all occurrences of golang.org/x/crypto with github.com/keybase/go-crypto instead.

from hydroxide.

I too attempted to replace /x/crypto/ with /keybase/go-crypto/. I also made sure to replace all calls to */x/crypto/* with the path to the keybase version as well.

$ hydroxide auth <username>
Password: *********
2FA: 123456

Still returns 2019/03/11 14:10:21 openpgp: unsupported feature: public key algorithm 22 so I don't believe this has anything to do with the dependency being used. Here's my fork

from hydroxide.

• https://github.com/keybase/go-crypto/blob/255a5089e85a475b944ad3c159af0de73fbe66b1/openpgp/packet/packet.go#L422
• https://github.com/keybase/go-crypto/blob/255a5089e85a475b944ad3c159af0de73fbe66b1/openpgp/packet/public_key.go#L307
• https://github.com/keybase/go-crypto/blob/255a5089e85a475b944ad3c159af0de73fbe66b1/openpgp/packet/signature.go#L207

… is why I claimed Keybase.io's fork had it.

from hydroxide.

Hi all!
Protonmail has mirror of Golang crypto in github.com/ProtonMail/crypto. May be it can be used to fix that bug?

from hydroxide.

Yes, that's part of the suggestions above. Please try it.

from hydroxide.

Whether or not this project is useful to you is really not its concern. It's your concern.

from hydroxide.

(This is the point, in a corporate environment, when a PM or tech lead, or moderator, steps in to protect the team and constructive contributions.)

from hydroxide.

i'm having the same issue when trying to authenticate
might look into it myself this weekend, might be a good way for me to get started with go-lang
EDIT; weird though, my protonmail account only shows RSA keys, and I still get the error

from hydroxide.

Hi! I fix it, but I don't know how to make pull request(( Give me a moment to read GitHub manual)))

from hydroxide.

If some users could try #51, check that it fixes the issue and doesn't introduce regressions that would be nice :)

from hydroxide.

@emersion I can confirm that the patches proposed in #51 solved the issue for me

(@nast90210)

from hydroxide.

I can also confirm that #51 makes auth work for me too.

from hydroxide.

@Thra11 did you try last version of patch??

from hydroxide.

No. I tested it on Saturday.

from hydroxide.

@Thra11 can you test the last one plz. @emersion get error on auth, but I don't

from hydroxide.

@nast90210 I tested your patch and I'm still seeing "unsupported feature: public key algorithm 22"

from hydroxide.

@rootd Do you have a free Protonmail account? I also still see the error with the patch, but I do have a free account, so I'm not sure if that would be related or not.

from hydroxide.

Probably not related, I have this error and I don't have a free account. This seems like a keybase/go-crypto bug.

from hydroxide.

@ianmcb nope I have a ProtonMail Plus account

from hydroxide.

Ok, so what I found out about error: public key algorithm 22 is name for EDDSA algorithm. Currently it doesn't supported by golang.org/x/crypto - here is issue golang/go#25355 and supported in github.com/keybase/go-crypto. Quick fix is use github.com/keybase/go-crypto, but may be we can wait till golang.org/x/crypto support TSL 1.3??
My fix from branch 0.2.2 work for me and some over users, but I think the best will be just wait for implementation of EDDSA in golang.org/x/crypto

from hydroxide.

@nast90210 I've tested you latest version of the patch and got a segmentation violation

 /t/hydroxide   0.2.2 ±  ./hydroxide auth ****
Password:
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x28 pc=0x723174]

goroutine 1 [running]:
github.com/keybase/go-crypto/openpgp.checkDetachedSignature(0x0, 0x0, 0x94d120, 0xc0004aa2d0, 0x94d7c0, 0xc0004d2058, 0x3e, 0xc0000d9b08, 0x3, 0xc000030070)
	/home/void/projects/go/pkg/mod/github.com/keybase/[email protected]/openpgp/read.go:450 +0x1b4
github.com/keybase/go-crypto/openpgp.CheckDetachedSignature(...)
	/home/void/projects/go/pkg/mod/github.com/keybase/[email protected]/openpgp/read.go:411
github.com/emersion/hydroxide/protonmail.decodeModulus(0xc0004ce2c0, 0x282, 0xc0000d9b18, 0xc0000d9b40, 0x66c166, 0xc000176210, 0x0)
	/tmp/hydroxide/protonmail/srp.go:25 +0x138
github.com/emersion/hydroxide/protonmail.srp(0xc0000d9c08, 0x8, 0x20, 0xc0000d22d0, 0x8, 0x20, 0xc00009efc0)
	/tmp/hydroxide/protonmail/srp.go:151 +0x4d
github.com/emersion/hydroxide/protonmail.(*Client).Auth(0xc0000d9f00, 0x7ffc6af7fba2, 0x4, 0xc0000b0370, 0x8, 0x0, 0x0, 0xc0000d22d0, 0x8, 0x8, ...)
	/tmp/hydroxide/protonmail/auth.go:130 +0x9f
main.main()
	/tmp/hydroxide/cmd/hydroxide/hydroxide.go:98 +0xdb8

from hydroxide.

For some reason I've been able to reproduce today.

I've pushed a fix which shouldn't weaken security while still using the official Go library. It seems this public key algorithm which isn't yet implemented is only used for SRP. Unfortunately it seems using the Keybase fork doesn't help and introduces more bugs (#51).

from hydroxide.

@emersion i'm still getting error (v0.2.2, 139f392/HEAD)

 ~/p/hydroxide   master   ./hydroxide auth ****
Password:
2019/04/14 12:36:56 warning: failed to check SRP modulus signature: openpgp: unsupported feature: public key algorithm 22
2019/04/14 12:36:57 openpgp: unsupported feature: public key type: 22

from hydroxide.

Gah. Can you try to track down where this one is coming from? I wonder why the algorithm changes like this from user to user.

I'll try to improve error reporting tonight.

from hydroxide.

first we need to understand how your system is differ from my system

i'm using voidlinux (x86_64, glibc)

 ✘  ~  go version
go version go1.12.2 linux/amd64

what other factors can influence?

from hydroxide.

Because hydroxide is pure Go, the issue is unlikely to be related to our systems. It's probably a thing on ProtonMail's end.

from hydroxide.

Added more details to errors. Does that help?

Does anyone else have this issue?

from hydroxide.

 ✘  ~/p/hydroxide   master   ./hydroxide auth ****@protonmail.com
Password:
2019/04/14 20:45:08 warning: failed to check SRP modulus signature: openpgp: unsupported feature: public key algorithm 22
2019/04/14 20:45:09 failed to read key "****@pm.me": failed to read private key: openpgp: unsupported feature: public key type: 22

Pay attention to the pm.me thing. This may be the root of my problem and anyone else with multiple email addresses in his account.

from hydroxide.

Can you try again? I updated hydroxide to skip keys it can't read. It won't allow you to use keys the Go library doesn't support, but maybe it'll allow you to use other keys.

from hydroxide.

@emersion

 ~/p/hydroxide   master   ./hydroxide auth ****@protonmail.com
Password:
2019/04/14 21:08:01 warning: failed to check SRP modulus signature: openpgp: unsupported feature: public key algorithm 22
2019/04/14 21:08:02 warning: failed to read key "****@pm.me": failed to read private key: openpgp: unsupported feature: public key type: 22
Bridge password: ********************************************

👍

from hydroxide.

warning: failed to check SRP modulus signature: openpgp: unsupported feature: public key algorithm 22
but I have the bridge password ..

from hydroxide.

need to rewrite some code with her custom crypto lib (https://github.com/ProtonMail/crypto) :

pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/contacts.go:167:66: not enough arguments in call to openpgp.CheckArmoredDetachedSignature
        have (openpgp.KeyRing, *bytes.Buffer, io.Reader)
        want (openpgp.KeyRing, io.Reader, io.Reader, *packet.Config)
pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/contacts.go:193:55: not enough arguments in call to openpgp.CheckArmoredDetachedSignature
        have (openpgp.KeyRing, *strings.Reader, *strings.Reader)
        want (openpgp.KeyRing, io.Reader, io.Reader, *packet.Config)
pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/crypto.go:39:15: subkey.Sig.KeyExpired undefined (type *packet.Signature has no field or method KeyExpired)
pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/crypto.go:56:137: i.SelfSignature.KeyExpired undefined (type *packet.Signature has no field or method KeyExpired)
pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/crypto.go:73:15: subkey.Sig.KeyExpired undefined (type *packet.Signature has no field or method KeyExpired)
pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/crypto.go:87:80: i.SelfSignature.KeyExpired undefined (type *packet.Signature has no field or method KeyExpired)
pkg/mod/github.com/emersion/hydroxide@v0.2.4/protonmail/srp.go:28:42: not enough arguments in call to openpgp.CheckDetachedSignature
        have (nil, *bytes.Reader, io.Reader)
        want (openpgp.KeyRing, io.Reader, io.Reader, *packet.Config)

or try to use her custom openpgp : https://github.com/ProtonMail/gopenpgp

from hydroxide.

gopenpgp is very meh.

I wonder why they broke the crypto API. What is this extra parameter to CheckArmoredDetachedSignature? How to check whether a signature is expired?

from hydroxide.

I have exactly the same issue. Recompilation with Keybase fork failed due to library incompatibility. Is there any solution to the problem?

from hydroxide.

These should just be warnings. hydroxide should work fine even if these errors are printed.

from hydroxide.

I've attempted what @harleylang suggests with both an rsa-4096 and an rsa-2048 key, but neither seem to work - is this all you did?

from hydroxide.

@TLATER Yes, as well as making the rsa-2048 the primary key

from hydroxide.

There isn't a single comment above yours that comes off as self-entitled

This is ridiculous. The only person who's acting entitled here is you - apparently you're entitled to @emersion's time and work for free. Is that any way to thank someone who's made a great project that you obviously find useful and important? That's sick.

You need to correct your attitude about open source. If you want something, it's up to you to do it. Not anyone else.
@ddevault

Ur unironically a legend btw
Plz write more software for plebs like me to mooch off of

from hydroxide.

I have an ed25519 key set up for my mails. I would like to try to make hydroxide work with it, using either the Protonmail or Keybase go-crypto fork, as suggested in this thread.

I would like to make my case for the Protonmail implementation. It is likely used server-side too, so even if it were the "weakest link", us using it would not further decrease security of the system. It's actively developed and is the most popular fork in terms of stars. We are also implicitly trusting that Protonmail developers do crypto correctly, as OpenPGPjs, the library used by the web client was also originally developed in-house. Furthermore, the recently open-sourced proton-bridge uses it, too.

@emersion Would you merge such a change?

from hydroxide.