Release new version

2020-01-14 18:10:37 +01:00 · 2020-01-14 18:10:37 +01:00 · 1462affe88
commit 1462affe88
parent 44a90d9465
15 changed files with 524 additions and 415 deletions
--- a/bower.json
+++ b/bower.json
@ -1,6 +1,6 @@
 {
  "name": "openpgp",
-  "version": "4.7.2",
+  "version": "4.8.0",
  "license": "LGPL-3.0+",
  "homepage": "https://openpgpjs.org/",
  "authors": [
--- a/dist/compat/openpgp.js
+++ b/dist/compat/openpgp.js
--- a/dist/compat/openpgp.min.js
+++ b/dist/compat/openpgp.min.js
--- a/dist/compat/openpgp.worker.js
+++ b/dist/compat/openpgp.worker.js
@ -104,6 +104,16 @@ function seedRandom(buffer) {
  openpgp.crypto.random.randomBuffer.set(buffer);
 }

+const keyCache = new Map();
+function getCachedKey(key) {
+  const armor = key.armor();
+  if (keyCache.has(armor)) {
+    return keyCache.get(armor);
+  }
+  keyCache.set(armor, key);
+  return key;
+}
+
 /**
 * Generic proxy function that handles all commands from the public api.
 * @param  {String} method    The public api function to be delegated to the worker thread
@ -118,6 +128,13 @@ function delegate(id, method, options) {
  openpgp.util.restoreStreams(options);
  // parse cloned packets
  options = openpgp.packet.clone.parseClonedPackets(options, method);
+  // cache keys by armor, so that we don't have to repeatedly verify self-signatures
+  if (options.publicKeys) {
+    options.publicKeys = options.publicKeys.map(getCachedKey);
+  }
+  if (options.privateKeys) {
+    options.privateKeys = options.privateKeys.map(getCachedKey);
+  }
  openpgp[method](options).then(function(data) {
    // clone packets (for web worker structured cloning algorithm)
    response({ id:id, event:'method-return', data:openpgp.packet.clone.clonePackets(data) });
--- a/dist/compat/openpgp.worker.min.js
+++ b/dist/compat/openpgp.worker.min.js
@ -1,2 +1,2 @@
-/*! OpenPGP.js v4.7.2 - 2019-12-20 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]||e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),t=r.packet.clone.parseClonedPackets(t,n),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}},postMessage({event:"loaded"})},{}]},{},[1]);
+/*! OpenPGP.js v4.8.0 - 2020-01-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+!function(){return function e(n,t,r){function o(a,s){if(!t[a]){if(!n[a]){var u="function"==typeof require&&require;if(!s&&u)return u(a,!0);if(i)return i(a,!0);var c=new Error("Cannot find module '"+a+"'");throw c.code="MODULE_NOT_FOUND",c}var f=t[a]={exports:{}};n[a][0].call(f.exports,function(e){return o(n[a][1][e]||e)},f,f.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var a=0;a<i.length;a++)i[a]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void u({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),(t=r.packet.clone.parseClonedPackets(t,n)).publicKeys&&(t.publicKeys=t.publicKeys.map(s));t.privateKeys&&(t.privateKeys=t.privateKeys.map(s));r[n](t).then(function(n){u({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),u({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}};const a=new Map;function s(e){const n=e.armor();return a.has(n)?a.get(n):(a.set(n,e),e)}function u(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}postMessage({event:"loaded"})},{}]},{},[1]);
--- a/dist/lightweight/openpgp.js
+++ b/dist/lightweight/openpgp.js
@ -2487,8 +2487,7 @@ exports.Hash = Hash;
 Object.defineProperty(exports, "__esModule", {
    value: true
 });
-exports.sha1_asm = sha1_asm;
-function sha1_asm(stdlib, foreign, buffer) {
+var sha1_asm = exports.sha1_asm = function sha1_asm(stdlib, foreign, buffer) {
    "use asm";

    // SHA256 state
@ -3375,7 +3374,7 @@ function sha1_asm(stdlib, foreign, buffer) {
        // PBKDF2-HMAC-SHA1
        pbkdf2_generate_block: pbkdf2_generate_block
    };
-}
+};

 },{}],11:[function(require,module,exports){
 'use strict';
@ -3431,8 +3430,7 @@ exports.Sha1 = Sha1;
 Object.defineProperty(exports, "__esModule", {
    value: true
 });
-exports.sha256_asm = sha256_asm;
-function sha256_asm(stdlib, foreign, buffer) {
+var sha256_asm = exports.sha256_asm = function sha256_asm(stdlib, foreign, buffer) {
    "use asm";

    // SHA256 state
@ -4240,7 +4238,7 @@ function sha256_asm(stdlib, foreign, buffer) {
        // PBKDF2-HMAC-SHA256
        pbkdf2_generate_block: pbkdf2_generate_block
    };
-}
+};

 },{}],13:[function(require,module,exports){
 'use strict';
@ -20665,7 +20663,7 @@ exports.default = {
   * @memberof module:config
   * @property {String} versionstring A version string to be included in armored messages
   */
-  versionstring: "OpenPGP.js v4.7.2",
+  versionstring: "OpenPGP.js v4.8.0",
  /**
   * @memberof module:config
   * @property {String} commentstring A comment string to be included in armored messages
@ -28978,7 +28976,7 @@ function isDataExpired(keyPacket, signature, date = new Date()) {

 /**
 * Create Binding signature to the key according to the {@link https://tools.ietf.org/html/rfc4880#section-5.2.1}
- * @param {module:packet.SecretSubkey|} subkey Subkey key packet
+ * @param {module:packet.SecretSubkey} subkey Subkey key packet
 * @param {module:packet.SecretKey} primaryKey Primary key packet
 * @param {Object} options
 */
@ -29617,7 +29615,7 @@ Key.prototype.getSigningKey = async function (keyId = null, date = new Date(), u
 Key.prototype.getEncryptionKey = async function (keyId, date = new Date(), userId = {}) {
  const primaryKey = this.keyPacket;
  if ((await this.verifyPrimaryKey(date, userId)) === _enums2.default.keyStatus.valid) {
-    // V4: by convention subkeys are preffered for encryption service
+    // V4: by convention subkeys are preferred for encryption service
    const subKeys = this.subKeys.slice().sort((a, b) => b.keyPacket.created - a.keyPacket.created);
    for (let i = 0; i < subKeys.length; i++) {
      if (!keyId || subKeys[i].getKeyId().equals(keyId)) {
@ -29698,6 +29696,30 @@ Key.prototype.decrypt = async function (passphrases, keyId = null) {
  return results.every(result => result === true);
 };

+/**
+ * Check whether the private and public key parameters of the primary key match
+ * @returns {Promise<Boolean>} true if the primary key parameters correspond
+ * @async
+ */
+Key.prototype.validate = async function () {
+  if (!this.isPrivate()) {
+    throw new Error("Can't validate a public key");
+  }
+  const signingKeyPacket = this.primaryKey;
+  if (!signingKeyPacket.isDecrypted()) {
+    throw new Error("Key is not decrypted");
+  }
+  const data = new _packet2.default.Literal();
+  data.setBytes(new Uint8Array(), 'binary');
+  const signature = new _packet2.default.Signature();
+  signature.publicKeyAlgorithm = signingKeyPacket.algorithm;
+  signature.hashAlgorithm = _enums2.default.hash.sha256;
+  const signatureType = _enums2.default.signature.binary;
+  signature.signatureType = signatureType;
+  await signature.sign(signingKeyPacket, data);
+  return signature.verify(signingKeyPacket, signatureType, data);
+};
+
 /**
 * Checks if a signature on a key is revoked
 * @param  {module:packet.SecretKey|
@ -30065,7 +30087,7 @@ Key.prototype.verifyAllUsers = async function (keys) {
 *                             The number of seconds after the key creation time that the key expires
 * @param {String} curve       (optional) Elliptic curve for ECC keys
 * @param {Date} date          (optional) Override the creation date of the key and the key signatures
- * @param {Boolean} subkeys    (optional) Indicates whether the subkey should sign rather than encrypt. Defaults to false
+ * @param {Boolean} sign       (optional) Indicates whether the subkey should sign rather than encrypt. Defaults to false
 * @returns {Promise<module:key.Key>}
 * @async
 */
@ -35179,10 +35201,10 @@ SecretKey.prototype.decrypt = async function (passphrase) {
  }

  let key;
-  if (this.s2k_usage === 255 || this.s2k_usage === 254 || this.s2k_usage === 253) {
+  if (this.s2k_usage === 254 || this.s2k_usage === 253) {
    key = await produceEncryptionKey(this.s2k, passphrase, this.symmetric);
  } else {
-    key = await _crypto2.default.hash.md5(passphrase);
+    throw new Error('Unsupported legacy encrypted key');
  }

  let cleartext;
@ -35200,19 +35222,10 @@ SecretKey.prototype.decrypt = async function (passphrase) {
  } else {
    const cleartextWithHash = await _crypto2.default.cfb.decrypt(this.symmetric, key, this.keyMaterial, this.iv);

-    let hash;
-    let hashlen;
-    if (this.s2k_usage === 255) {
-      hashlen = 2;
-      cleartext = cleartextWithHash.subarray(0, -hashlen);
-      hash = _util2.default.write_checksum(cleartext);
-    } else {
-      hashlen = 20;
-      cleartext = cleartextWithHash.subarray(0, -hashlen);
-      hash = await _crypto2.default.hash.sha1(cleartext);
-    }
+    cleartext = cleartextWithHash.subarray(0, -20);
+    const hash = await _crypto2.default.hash.sha1(cleartext);

-    if (!_util2.default.equalsUint8Array(hash, cleartextWithHash.subarray(-hashlen))) {
+    if (!_util2.default.equalsUint8Array(hash, cleartextWithHash.subarray(-20))) {
      throw new Error('Incorrect key passphrase');
    }
  }
--- a/dist/lightweight/openpgp.min.js
+++ b/dist/lightweight/openpgp.min.js
--- a/dist/lightweight/openpgp.worker.js
+++ b/dist/lightweight/openpgp.worker.js
@ -104,6 +104,16 @@ function seedRandom(buffer) {
  openpgp.crypto.random.randomBuffer.set(buffer);
 }

+const keyCache = new Map();
+function getCachedKey(key) {
+  const armor = key.armor();
+  if (keyCache.has(armor)) {
+    return keyCache.get(armor);
+  }
+  keyCache.set(armor, key);
+  return key;
+}
+
 /**
 * Generic proxy function that handles all commands from the public api.
 * @param  {String} method    The public api function to be delegated to the worker thread
@ -118,6 +128,13 @@ function delegate(id, method, options) {
  openpgp.util.restoreStreams(options);
  // parse cloned packets
  options = openpgp.packet.clone.parseClonedPackets(options, method);
+  // cache keys by armor, so that we don't have to repeatedly verify self-signatures
+  if (options.publicKeys) {
+    options.publicKeys = options.publicKeys.map(getCachedKey);
+  }
+  if (options.privateKeys) {
+    options.privateKeys = options.privateKeys.map(getCachedKey);
+  }
  openpgp[method](options).then(function(data) {
    // clone packets (for web worker structured cloning algorithm)
    response({ id:id, event:'method-return', data:openpgp.packet.clone.clonePackets(data) });
--- a/dist/lightweight/openpgp.worker.min.js
+++ b/dist/lightweight/openpgp.worker.min.js
@ -1,2 +1,2 @@
-/*! OpenPGP.js v4.7.2 - 2019-12-20 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]||e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),t=r.packet.clone.parseClonedPackets(t,n),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}},postMessage({event:"loaded"})},{}]},{},[1]);
+/*! OpenPGP.js v4.8.0 - 2020-01-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+!function(){return function e(n,t,r){function o(a,s){if(!t[a]){if(!n[a]){var u="function"==typeof require&&require;if(!s&&u)return u(a,!0);if(i)return i(a,!0);var c=new Error("Cannot find module '"+a+"'");throw c.code="MODULE_NOT_FOUND",c}var f=t[a]={exports:{}};n[a][0].call(f.exports,function(e){return o(n[a][1][e]||e)},f,f.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var a=0;a<i.length;a++)i[a]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void u({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),(t=r.packet.clone.parseClonedPackets(t,n)).publicKeys&&(t.publicKeys=t.publicKeys.map(s));t.privateKeys&&(t.privateKeys=t.privateKeys.map(s));r[n](t).then(function(n){u({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),u({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}};const a=new Map;function s(e){const n=e.armor();return a.has(n)?a.get(n):(a.set(n,e),e)}function u(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}postMessage({event:"loaded"})},{}]},{},[1]);
--- a/dist/openpgp.js
+++ b/dist/openpgp.js
@ -2487,8 +2487,7 @@ exports.Hash = Hash;
 Object.defineProperty(exports, "__esModule", {
    value: true
 });
-exports.sha1_asm = sha1_asm;
-function sha1_asm(stdlib, foreign, buffer) {
+var sha1_asm = exports.sha1_asm = function sha1_asm(stdlib, foreign, buffer) {
    "use asm";

    // SHA256 state
@ -3375,7 +3374,7 @@ function sha1_asm(stdlib, foreign, buffer) {
        // PBKDF2-HMAC-SHA1
        pbkdf2_generate_block: pbkdf2_generate_block
    };
-}
+};

 },{}],11:[function(require,module,exports){
 'use strict';
@ -3431,8 +3430,7 @@ exports.Sha1 = Sha1;
 Object.defineProperty(exports, "__esModule", {
    value: true
 });
-exports.sha256_asm = sha256_asm;
-function sha256_asm(stdlib, foreign, buffer) {
+var sha256_asm = exports.sha256_asm = function sha256_asm(stdlib, foreign, buffer) {
    "use asm";

    // SHA256 state
@ -4240,7 +4238,7 @@ function sha256_asm(stdlib, foreign, buffer) {
        // PBKDF2-HMAC-SHA256
        pbkdf2_generate_block: pbkdf2_generate_block
    };
-}
+};

 },{}],13:[function(require,module,exports){
 'use strict';
@ -25052,7 +25050,7 @@ exports.default = {
   * @memberof module:config
   * @property {String} versionstring A version string to be included in armored messages
   */
-  versionstring: "OpenPGP.js v4.7.2",
+  versionstring: "OpenPGP.js v4.8.0",
  /**
   * @memberof module:config
   * @property {String} commentstring A comment string to be included in armored messages
@ -33365,7 +33363,7 @@ function isDataExpired(keyPacket, signature, date = new Date()) {

 /**
 * Create Binding signature to the key according to the {@link https://tools.ietf.org/html/rfc4880#section-5.2.1}
- * @param {module:packet.SecretSubkey|} subkey Subkey key packet
+ * @param {module:packet.SecretSubkey} subkey Subkey key packet
 * @param {module:packet.SecretKey} primaryKey Primary key packet
 * @param {Object} options
 */
@ -34004,7 +34002,7 @@ Key.prototype.getSigningKey = async function (keyId = null, date = new Date(), u
 Key.prototype.getEncryptionKey = async function (keyId, date = new Date(), userId = {}) {
  const primaryKey = this.keyPacket;
  if ((await this.verifyPrimaryKey(date, userId)) === _enums2.default.keyStatus.valid) {
-    // V4: by convention subkeys are preffered for encryption service
+    // V4: by convention subkeys are preferred for encryption service
    const subKeys = this.subKeys.slice().sort((a, b) => b.keyPacket.created - a.keyPacket.created);
    for (let i = 0; i < subKeys.length; i++) {
      if (!keyId || subKeys[i].getKeyId().equals(keyId)) {
@ -34085,6 +34083,30 @@ Key.prototype.decrypt = async function (passphrases, keyId = null) {
  return results.every(result => result === true);
 };

+/**
+ * Check whether the private and public key parameters of the primary key match
+ * @returns {Promise<Boolean>} true if the primary key parameters correspond
+ * @async
+ */
+Key.prototype.validate = async function () {
+  if (!this.isPrivate()) {
+    throw new Error("Can't validate a public key");
+  }
+  const signingKeyPacket = this.primaryKey;
+  if (!signingKeyPacket.isDecrypted()) {
+    throw new Error("Key is not decrypted");
+  }
+  const data = new _packet2.default.Literal();
+  data.setBytes(new Uint8Array(), 'binary');
+  const signature = new _packet2.default.Signature();
+  signature.publicKeyAlgorithm = signingKeyPacket.algorithm;
+  signature.hashAlgorithm = _enums2.default.hash.sha256;
+  const signatureType = _enums2.default.signature.binary;
+  signature.signatureType = signatureType;
+  await signature.sign(signingKeyPacket, data);
+  return signature.verify(signingKeyPacket, signatureType, data);
+};
+
 /**
 * Checks if a signature on a key is revoked
 * @param  {module:packet.SecretKey|
@ -34452,7 +34474,7 @@ Key.prototype.verifyAllUsers = async function (keys) {
 *                             The number of seconds after the key creation time that the key expires
 * @param {String} curve       (optional) Elliptic curve for ECC keys
 * @param {Date} date          (optional) Override the creation date of the key and the key signatures
- * @param {Boolean} subkeys    (optional) Indicates whether the subkey should sign rather than encrypt. Defaults to false
+ * @param {Boolean} sign       (optional) Indicates whether the subkey should sign rather than encrypt. Defaults to false
 * @returns {Promise<module:key.Key>}
 * @async
 */
@ -39566,10 +39588,10 @@ SecretKey.prototype.decrypt = async function (passphrase) {
  }

  let key;
-  if (this.s2k_usage === 255 || this.s2k_usage === 254 || this.s2k_usage === 253) {
+  if (this.s2k_usage === 254 || this.s2k_usage === 253) {
    key = await produceEncryptionKey(this.s2k, passphrase, this.symmetric);
  } else {
-    key = await _crypto2.default.hash.md5(passphrase);
+    throw new Error('Unsupported legacy encrypted key');
  }

  let cleartext;
@ -39587,19 +39609,10 @@ SecretKey.prototype.decrypt = async function (passphrase) {
  } else {
    const cleartextWithHash = await _crypto2.default.cfb.decrypt(this.symmetric, key, this.keyMaterial, this.iv);

-    let hash;
-    let hashlen;
-    if (this.s2k_usage === 255) {
-      hashlen = 2;
-      cleartext = cleartextWithHash.subarray(0, -hashlen);
-      hash = _util2.default.write_checksum(cleartext);
-    } else {
-      hashlen = 20;
-      cleartext = cleartextWithHash.subarray(0, -hashlen);
-      hash = await _crypto2.default.hash.sha1(cleartext);
-    }
+    cleartext = cleartextWithHash.subarray(0, -20);
+    const hash = await _crypto2.default.hash.sha1(cleartext);

-    if (!_util2.default.equalsUint8Array(hash, cleartextWithHash.subarray(-hashlen))) {
+    if (!_util2.default.equalsUint8Array(hash, cleartextWithHash.subarray(-20))) {
      throw new Error('Incorrect key passphrase');
    }
  }
--- a/dist/openpgp.min.js
+++ b/dist/openpgp.min.js
--- a/dist/openpgp.worker.js
+++ b/dist/openpgp.worker.js
@ -104,6 +104,16 @@ function seedRandom(buffer) {
  openpgp.crypto.random.randomBuffer.set(buffer);
 }

+const keyCache = new Map();
+function getCachedKey(key) {
+  const armor = key.armor();
+  if (keyCache.has(armor)) {
+    return keyCache.get(armor);
+  }
+  keyCache.set(armor, key);
+  return key;
+}
+
 /**
 * Generic proxy function that handles all commands from the public api.
 * @param  {String} method    The public api function to be delegated to the worker thread
@ -118,6 +128,13 @@ function delegate(id, method, options) {
  openpgp.util.restoreStreams(options);
  // parse cloned packets
  options = openpgp.packet.clone.parseClonedPackets(options, method);
+  // cache keys by armor, so that we don't have to repeatedly verify self-signatures
+  if (options.publicKeys) {
+    options.publicKeys = options.publicKeys.map(getCachedKey);
+  }
+  if (options.privateKeys) {
+    options.privateKeys = options.privateKeys.map(getCachedKey);
+  }
  openpgp[method](options).then(function(data) {
    // clone packets (for web worker structured cloning algorithm)
    response({ id:id, event:'method-return', data:openpgp.packet.clone.clonePackets(data) });
--- a/dist/openpgp.worker.min.js
+++ b/dist/openpgp.worker.min.js
@ -1,2 +1,2 @@
-/*! OpenPGP.js v4.7.2 - 2019-12-20 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]||e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),t=r.packet.clone.parseClonedPackets(t,n),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}},postMessage({event:"loaded"})},{}]},{},[1]);
+/*! OpenPGP.js v4.8.0 - 2020-01-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+!function(){return function e(n,t,r){function o(a,s){if(!t[a]){if(!n[a]){var u="function"==typeof require&&require;if(!s&&u)return u(a,!0);if(i)return i(a,!0);var c=new Error("Cannot find module '"+a+"'");throw c.code="MODULE_NOT_FOUND",c}var f=t[a]={exports:{}};n[a][0].call(f.exports,function(e){return o(n[a][1][e]||e)},f,f.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var a=0;a<i.length;a++)i[a]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void u({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),(t=r.packet.clone.parseClonedPackets(t,n)).publicKeys&&(t.publicKeys=t.publicKeys.map(s));t.privateKeys&&(t.privateKeys=t.privateKeys.map(s));r[n](t).then(function(n){u({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),u({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}};const a=new Map;function s(e){const n=e.armor();return a.has(n)?a.get(n):(a.set(n,e),e)}function u(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}postMessage({event:"loaded"})},{}]},{},[1]);
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@ -1,6 +1,6 @@
 {
  "name": "openpgp",
-  "version": "4.7.2",
+  "version": "4.8.0",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
  "name": "openpgp",
  "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "4.7.2",
+  "version": "4.8.0",
  "license": "LGPL-3.0+",
  "homepage": "https://openpgpjs.org/",
  "engines": {