Add enums.publicKey.eddsaLegacy

Set to replace `enums.publicKey.eddsa`, which can still be used everywhere, but it will be dropped in v6. Deprecation notices have been added to ease transition.
2023-09-28 19:21:24 +02:00 · 2023-09-28 19:21:24 +02:00 · 5b283550b7
commit 5b283550b7
parent d6145ac73e
7 changed files with 22 additions and 24 deletions
--- a/openpgp.d.ts
+++ b/openpgp.d.ts
@ -820,7 +820,9 @@ export namespace enums {
    dsa = 17,
    ecdh = 18,
    ecdsa = 19,
+    /** @deprecated use `eddsaLegacy` instead */
    eddsa = 22,
+    eddsaLegacy = 22,
    aedh = 23,
    aedsa = 24,
  }
--- a/src/crypto/crypto.js
+++ b/src/crypto/crypto.js
@ -168,8 +168,7 @@ export function parsePublicKeyParams(algo, bytes) {
      const Q = util.readMPI(bytes.subarray(read)); read += Q.length + 2;
      return { read: read, publicParams: { oid, Q } };
    }
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy: {
+    case enums.publicKey.eddsaLegacy: {
      const oid = new OID(); read += oid.read(bytes);
      checkSupportedCurve(oid);
      let Q = util.readMPI(bytes.subarray(read)); read += Q.length + 2;
@ -224,8 +223,7 @@ export function parsePrivateKeyParams(algo, bytes, publicParams) {
      d = util.leftPad(d, curve.payloadSize);
      return { read, privateParams: { d } };
    }
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy: {
+    case enums.publicKey.eddsaLegacy: {
      const curve = new CurveWithOID(publicParams.oid);
      let seed = util.readMPI(bytes.subarray(read)); read += seed.length + 2;
      seed = util.leftPad(seed, curve.payloadSize);
@ -331,8 +329,7 @@ export function generateParams(algo, bits, oid) {
        privateParams: { d: secret },
        publicParams: { oid: new OID(oid), Q }
      }));
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy:
+    case enums.publicKey.eddsaLegacy:
      return publicKey.elliptic.generate(oid).then(({ oid, Q, secret }) => ({
        privateParams: { seed: secret },
        publicParams: { oid: new OID(oid), Q }
@ -401,8 +398,7 @@ export async function validateParams(algo, publicParams, privateParams) {
      const { d } = privateParams;
      return algoModule.validateParams(oid, Q, d);
    }
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy: {
+    case enums.publicKey.eddsaLegacy: {
      const { Q, oid } = publicParams;
      const { seed } = privateParams;
      return publicKey.elliptic.eddsaLegacy.validateParams(oid, Q, seed);
--- a/src/crypto/public_key/elliptic/oid_curves.js
+++ b/src/crypto/public_key/elliptic/oid_curves.js
@ -92,7 +92,7 @@ const curves = {
  },
  ed25519: {
    oid: [0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01],
-    keyType: enums.publicKey.eddsa,
+    keyType: enums.publicKey.eddsaLegacy,
    hash: enums.hash.sha512,
    node: false, // nodeCurves.ed25519 TODO
    payloadSize: 32
--- a/src/crypto/signature.js
+++ b/src/crypto/signature.js
@ -46,8 +46,7 @@ export function parseSignatureParams(algo, signature) {
    // Algorithm-Specific Fields for legacy EdDSA signatures:
    // -  MPI of an EC point r.
    // -  EdDSA value s, in MPI, in the little endian representation
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy: {
+    case enums.publicKey.eddsaLegacy: {
      // When parsing little-endian MPI data, we always need to left-pad it, as done with big-endian values:
      // https://www.ietf.org/archive/id/draft-ietf-openpgp-rfc4880bis-10.html#section-3.2-9
      let r = util.readMPI(signature.subarray(read)); read += r.length + 2;
@ -103,8 +102,7 @@ export async function verify(algo, hashAlgo, signature, publicParams, data, hash
      const s = util.leftPad(signature.s, curveSize);
      return publicKey.elliptic.ecdsa.verify(oid, hashAlgo, { r, s }, data, Q, hashed);
    }
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy: {
+    case enums.publicKey.eddsaLegacy: {
      const { oid, Q } = publicParams;
      // signature already padded on parsing
      return publicKey.elliptic.eddsaLegacy.verify(oid, hashAlgo, signature, data, Q, hashed);
@ -158,8 +156,7 @@ export async function sign(algo, hashAlgo, publicKeyParams, privateKeyParams, da
      const { d } = privateKeyParams;
      return publicKey.elliptic.ecdsa.sign(oid, hashAlgo, data, Q, d, hashed);
    }
-    case enums.publicKey.eddsa:
-    case enums.publicKey.ed25519Legacy: {
+    case enums.publicKey.eddsaLegacy: {
      const { oid, Q } = publicKeyParams;
      const { seed } = privateKeyParams;
      return publicKey.elliptic.eddsaLegacy.sign(oid, hashAlgo, data, Q, seed, hashed);
--- a/src/enums.js
+++ b/src/enums.js
@ -111,8 +111,11 @@ export default {
    ecdsa: 19,
    /** EdDSA (Sign only) - deprecated by crypto-refresh (replaced by `ed25519` identifier below)
     * [{@link https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-04|Draft RFC}] */
-    ed25519Legacy: 22, // NB: this is declared before `eddsa` to translate 22 to 'eddsa' for backwards compatibility
-    eddsa: 22, // to be deprecated in v6
+    eddsaLegacy: 22, // NB: this is declared before `eddsa` to translate 22 to 'eddsa' for backwards compatibility
+    /** @deprecated use `eddsaLegacy` instead */
+    ed25519Legacy: 22,
+    /** @deprecated use `eddsaLegacy` instead */
+    eddsa: 22,
    /** Reserved for AEDH */
    aedh: 23,
    /** Reserved for AEDSA */
--- a/src/key/helper.js
+++ b/src/key/helper.js
@ -137,7 +137,7 @@ export async function getPreferredHashAlgo(key, keyPacket, date = new Date(), us
      switch (keyPacket.algorithm) {
        case enums.publicKey.ecdh:
        case enums.publicKey.ecdsa:
-        case enums.publicKey.eddsa:
+        case enums.publicKey.eddsaLegacy:
          prefAlgo = crypto.publicKey.elliptic.getPreferredHashAlgo(keyPacket.publicParams.oid);
      }
  }
@ -348,7 +348,7 @@ export function sanitizeKeyOptions(options, subkeyDefaults = {}) {
        options.curve = options.sign ? enums.curve.ed25519 : enums.curve.curve25519;
      }
      if (options.sign) {
-        options.algorithm = options.curve === enums.curve.ed25519 ? enums.publicKey.eddsa : enums.publicKey.ecdsa;
+        options.algorithm = options.curve === enums.curve.ed25519 ? enums.publicKey.eddsaLegacy : enums.publicKey.ecdsa;
      } else {
        options.algorithm = enums.publicKey.ecdh;
      }
@ -377,7 +377,7 @@ export function isValidEncryptionKeyPacket(keyPacket, signature) {
  return keyAlgo !== enums.publicKey.dsa &&
    keyAlgo !== enums.publicKey.rsaSign &&
    keyAlgo !== enums.publicKey.ecdsa &&
-    keyAlgo !== enums.publicKey.eddsa &&
+    keyAlgo !== enums.publicKey.eddsaLegacy &&
    keyAlgo !== enums.publicKey.ed25519 &&
    (!signature.keyFlags ||
      (signature.keyFlags[0] & enums.keyFlags.encryptCommunication) !== 0 ||
@ -417,7 +417,7 @@ export function checkKeyRequirements(keyPacket, config) {
      }
      break;
    case enums.publicKey.ecdsa:
-    case enums.publicKey.eddsa:
+    case enums.publicKey.eddsaLegacy:
    case enums.publicKey.ecdh:
      if (config.rejectCurves.has(algoInfo.curve)) {
        throw new Error(`Support for ${algoInfo.algorithm} keys using curve ${algoInfo.curve} is disabled.`);
--- a/test/general/config.js
+++ b/test/general/config.js
@ -178,7 +178,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI
        showComment: true,
        preferredCompressionAlgorithm: openpgp.enums.compression.zip,
        preferredHashAlgorithm: openpgp.enums.hash.sha512,
-        rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) // should not matter in this context
+        rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsaLegacy]) // should not matter in this context
      };
      const opt2 = { privateKey: origKey, userIDs, config };
      const { privateKey: refKeyArmored2 } = await openpgp.reformatKey(opt2);
@ -366,7 +366,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI
    await expect(openpgp.sign(opt2)).to.be.rejectedWith(/Insecure hash algorithm/);

    await expect(openpgp.sign({
-      message, signingKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) }
+      message, signingKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsaLegacy]) }
    })).to.be.eventually.rejectedWith(/eddsa keys are considered too weak/);
    await expect(openpgp.sign({
      message, signingKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519]) }
@ -411,7 +411,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI
    const opt4 = {
      message: await openpgp.readMessage({ armoredMessage: signed }),
      verificationKeys: [key],
-      config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) }
+      config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsaLegacy]) }
    };
    const { signatures: [sig4] } = await openpgp.verify(opt4);
    await expect(sig4.verified).to.be.rejectedWith(/eddsa keys are considered too weak/);