Separate config option to use V5 keys from AEAD config option

Daniel Huigens 2019-08-12 15:32:35 +02:00
parent 9bb1710a9f
commit 80c535eeb7
5 changed files with 23 additions and 4 deletions


@ -76,6 +76,14 @@ export default {
* @property {Integer} aead_chunk_size_byte
*/
aead_chunk_size_byte: 12,
/**
* Use V5 keys.
* **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS**
* **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION**
* @memberof module:config
* @property {Boolean} v5_keys
*/
v5_keys: false,
/**
* {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3|RFC4880 3.7.1.3}:
* Iteration Count Byte for S2K (String to Key)
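Review bot: The doc comment on `v5_keys` says only "Use V5 keys", which does not tell a reader what the flag controls or that it is now independent of the AEAD settings. Judging by the other hunks in this commit, it selects version 5 for key packets created by the `PublicKey` constructor and sets the V5 bit in the self-signature features; whether it also affects reading existing V5 keys is not visible here. I would state that in the comment, e.g. `* Create V5 key packets and advertise V5 key support in the self-signature features.` followed by `* Independent of aead_protect and aead_protect_version.` The config object starts and ends outside the hunk.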


@ -1526,6 +1526,9 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
if (config.aead_protect && config.aead_protect_version === 4) {
signaturePacket.features || (signaturePacket.features = [0]);
signaturePacket.features[0] |= enums.features.aead;
}
if (config.v5_keys) {
signaturePacket.features || (signaturePacket.features = [0]);
signaturePacket.features[0] |= enums.features.v5_keys;
}
if (options.keyExpirationTime > 0) {
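Review bot: The new `if (config.v5_keys)` branch sets the V5 feature bit from the global config when `wrapKeyObject` runs, while the packet version is fixed earlier, when the key packet is constructed. If the config changes in between, or if this function is also reached for an existing V4 key (not visible in the hunk), the advertised feature and the actual key version can differ. That may be intended, since the bit announces a capability rather than describing the key, but it deserves a comment such as `// Advertises V5 key support to peers; taken from config, not from secretKeyPacket.version.` The body of `wrapKeyObject` continues outside the hunk.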


@ -56,7 +56,7 @@ function PublicKey(date=new Date()) {
* Packet version
* @type {Integer}
*/
this.version = config.aead_protect && config.aead_protect_version === 4 ? 5 : 4;
this.version = config.v5_keys ? 5 : 4;
/**
* Key creation date.
* @type {Date}
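Review bot: Callers that set `aead_protect` with `aead_protect_version === 4` used to get version 5 key packets from this constructor and now silently get version 4 unless they also set `v5_keys`. Nothing fails when that happens, so the only sign is a different key format and fingerprint. A changelog entry and a comment on the assignment would make the change visible, e.g. `// Version 5 only when config.v5_keys is set; aead_protect no longer implies it.` The constructor body continues outside the hunk.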


@ -1680,7 +1680,7 @@ function versionSpecificTests() {
expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha256, hash.sha512, hash.sha1]);
const compr = openpgp.enums.compression;
expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip]);
expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4 ? [7] : [1]);
expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.v5_keys ? [7] : [1]);
};
const opt = {numBits: 512, userIds: 'test <a@b.com>', passphrase: 'hello'};
if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys
@ -1717,7 +1717,7 @@ function versionSpecificTests() {
expect(key.users[0].selfCertifications[0].preferredHashAlgorithms).to.eql([hash.sha224, hash.sha256, hash.sha512, hash.sha1]);
const compr = openpgp.enums.compression;
expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip]);
expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4 ? [7] : [1]);
expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.v5_keys ? [7] : [1]);
};
const opt = {numBits: 512, userIds: 'test <a@b.com>', passphrase: 'hello'};
if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys
@ -2208,17 +2208,21 @@ describe('Key', function() {
describe('V4', versionSpecificTests);
let v5_keysVal;
let aead_protectVal;
let aead_protect_versionVal;
tryTests('V5', versionSpecificTests, {
if: !openpgp.config.saucelabs,
beforeEach: function() {
v5_keysVal = openpgp.config.v5_keys;
aead_protectVal = openpgp.config.aead_protect;
aead_protect_versionVal = openpgp.config.aead_protect_version;
openpgp.config.v5_keys = true;
openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
},
afterEach: function() {
openpgp.config.v5_keys = v5_keysVal;
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
}
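Review bot: The updated expectation `openpgp.config.v5_keys ? [7] : [1]` (in both `versionSpecificTests` hunks) still treats the AEAD bit and the V5 bit as one switch. It passes only because the V5 suite's `beforeEach` enables `v5_keys`, `aead_protect` and `aead_protect_version = 4` together. The commit exists to separate the two options, yet no run enables `v5_keys` alone or AEAD alone, so a regression that re-couples them would go unnoticed. I would derive the expected value from both settings, e.g. `let expected = 1;` then `if (openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4) expected |= openpgp.enums.features.aead;` and `if (openpgp.config.v5_keys) expected |= openpgp.enums.features.v5_keys;`, and add a `tryTests` run that sets only `v5_keys`. The test functions start and end outside these hunks.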


@ -696,6 +696,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
let aead_protect_versionVal;
let aead_modeVal;
let aead_chunk_size_byteVal;
let v5_keysVal;
beforeEach(async function() {
publicKey = await openpgp.key.readArmored(pub_key);
@ -723,6 +724,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
aead_protect_versionVal = openpgp.config.aead_protect_version;
aead_modeVal = openpgp.config.aead_mode;
aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
v5_keysVal = openpgp.config.v5_keys;
});
afterEach(function() {
@ -732,6 +734,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
openpgp.config.aead_protect_version = aead_protect_versionVal;
openpgp.config.aead_mode = aead_modeVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.v5_keys = v5_keysVal;
});
it('Configuration', async function() {
@ -854,11 +857,12 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
}
});
tryTests('GCM mode (draft04)', tests, {
tryTests('GCM mode (V5 keys)', tests, {
if: true,
beforeEach: function() {
openpgp.config.aead_protect = true;
openpgp.config.aead_mode = openpgp.enums.aead.experimental_gcm;
openpgp.config.v5_keys = true;
// Monkey-patch AEAD feature flag
publicKey.keys[0].users[0].selfCertifications[0].features = [7];