A logical vulnerability in OpenPGP.js, allowing for spoofed signatures using a crafted PGP packet sequence