suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add enums.curve.ed25519Legacy and .x25519Legacy

Browse Source 
Set to replace `enums.curve.ed25519` (resp. `.curve25519`), which can still be used everywhere,
but it will be dropped in v6.
Deprecation notices have been added to ease transition.
This commit is contained in:
larabr 2023-10-03 18:47:39 +02:00
parent a12ca976a0
commit 99ba76c695
5 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openpgp.d.ts vendored
View File

@ -831,8 +831,12 @@ export namespace enums {
p256 = 'p256', p256 = 'p256',
p384 = 'p384', p384 = 'p384',
p521 = 'p521', p521 = 'p521',
/** @deprecated use `ed25519Legacy` instead */
ed25519 = 'ed25519', ed25519 = 'ed25519',
ed25519Legacy = 'ed25519',
/** @deprecated use `x25519Legacy` instead */
curve25519 = 'curve25519', curve25519 = 'curve25519',
x25519Legacy = 'curve25519',
secp256k1 = 'secp256k1', secp256k1 = 'secp256k1',
brainpoolP256r1 = 'brainpoolP256r1', brainpoolP256r1 = 'brainpoolP256r1',
brainpoolP384r1 = 'brainpoolP384r1', brainpoolP384r1 = 'brainpoolP384r1',

8
src/enums.js
View File

@ -43,17 +43,21 @@ export default {
'2b8104000a': 'secp256k1', '2b8104000a': 'secp256k1',
'2B8104000A': 'secp256k1', '2B8104000A': 'secp256k1',
/** Ed25519 */ /** Ed25519 - deprecated by crypto-refresh (replaced by standaone Ed25519 algo) */
'ed25519Legacy': 'ed25519',
'ED25519': 'ed25519', 'ED25519': 'ed25519',
/** @deprecated use `ed25519Legacy` instead */
'ed25519': 'ed25519', 'ed25519': 'ed25519',
'Ed25519': 'ed25519', 'Ed25519': 'ed25519',
'1.3.6.1.4.1.11591.15.1': 'ed25519', '1.3.6.1.4.1.11591.15.1': 'ed25519',
'2b06010401da470f01': 'ed25519', '2b06010401da470f01': 'ed25519',
'2B06010401DA470F01': 'ed25519', '2B06010401DA470F01': 'ed25519',
/** Curve25519 */ /** Curve25519 - deprecated by crypto-refresh (replaced by standaone X25519 algo) */
'x25519Legacy': 'curve25519',
'X25519': 'curve25519', 'X25519': 'curve25519',
'cv25519': 'curve25519', 'cv25519': 'curve25519',
/** @deprecated use `x25519Legacy` instead */
'curve25519': 'curve25519', 'curve25519': 'curve25519',
'Curve25519': 'curve25519', 'Curve25519': 'curve25519',
'1.3.6.1.4.1.3029.1.5.1': 'curve25519', '1.3.6.1.4.1.3029.1.5.1': 'curve25519',

6
src/key/helper.js
View File

@ -333,11 +333,11 @@ export function sanitizeKeyOptions(options, subkeyDefaults = {}) {
} catch (e) { } catch (e) {
throw new Error('Unknown curve'); throw new Error('Unknown curve');
} }
if (options.curve === enums.curve.ed25519 || options.curve === enums.curve.curve25519) { if (options.curve === enums.curve.ed25519Legacy || options.curve === enums.curve.x25519Legacy) {
options.curve = options.sign ? enums.curve.ed25519 : enums.curve.curve25519; options.curve = options.sign ? enums.curve.ed25519Legacy : enums.curve.x25519Legacy;
} }
if (options.sign) { if (options.sign) {
options.algorithm = options.curve === enums.curve.ed25519 ? enums.publicKey.eddsaLegacy : enums.publicKey.ecdsa; options.algorithm = options.curve === enums.curve.ed25519Legacy ? enums.publicKey.eddsaLegacy : enums.publicKey.ecdsa;
} else { } else {
options.algorithm = enums.publicKey.ecdh; options.algorithm = enums.publicKey.ecdh;
} }

8
test/general/config.js
View File

@ -296,11 +296,11 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI
})).to.be.eventually.rejectedWith(/ecdh keys are considered too weak/); })).to.be.eventually.rejectedWith(/ecdh keys are considered too weak/);
await expect(openpgp.encrypt({ await expect(openpgp.encrypt({
message, encryptionKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.curve25519]) } message, encryptionKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.x25519Legacy]) }
})).to.be.eventually.rejectedWith(/Support for ecdh keys using curve curve25519 is disabled/); })).to.be.eventually.rejectedWith(/Support for ecdh keys using curve curve25519 is disabled/);
const echdEncrypted = await openpgp.encrypt({ const echdEncrypted = await openpgp.encrypt({
message, encryptionKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519]) } message, encryptionKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519Legacy]) }
}); });
expect(echdEncrypted).to.match(/---BEGIN PGP MESSAGE---/); expect(echdEncrypted).to.match(/---BEGIN PGP MESSAGE---/);
} finally { } finally {
@ -369,7 +369,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI
message, signingKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsaLegacy]) } message, signingKeys: [key], config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsaLegacy]) }
})).to.be.eventually.rejectedWith(/eddsa keys are considered too weak/); })).to.be.eventually.rejectedWith(/eddsa keys are considered too weak/);
await expect(openpgp.sign({ await expect(openpgp.sign({
message, signingKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519]) } message, signingKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519Legacy]) }
})).to.be.eventually.rejectedWith(/Support for eddsa keys using curve ed25519 is disabled/); })).to.be.eventually.rejectedWith(/Support for eddsa keys using curve ed25519 is disabled/);
}); });
@ -419,7 +419,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI
const opt5 = { const opt5 = {
message: await openpgp.readMessage({ armoredMessage: signed }), message: await openpgp.readMessage({ armoredMessage: signed }),
verificationKeys: [key], verificationKeys: [key],
config: { rejectCurves: new Set([openpgp.enums.curve.ed25519]) } config: { rejectCurves: new Set([openpgp.enums.curve.ed25519Legacy]) }
}; };
const { signatures: [sig5] } = await openpgp.verify(opt5); const { signatures: [sig5] } = await openpgp.verify(opt5);
await expect(sig5.verified).to.be.eventually.rejectedWith(/Support for eddsa keys using curve ed25519 is disabled/); await expect(sig5.verified).to.be.eventually.rejectedWith(/Support for eddsa keys using curve ed25519 is disabled/);

2
test/general/key.js
View File

@ -4070,7 +4070,7 @@ XvmoLueOOShu01X/kaylMqaT8w==
const subkey = newPrivateKey.subkeys[total]; const subkey = newPrivateKey.subkeys[total];
expect(subkey).to.exist; expect(subkey).to.exist;
expect(subkey.getAlgorithmInfo().algorithm).to.be.equal('ecdh'); expect(subkey.getAlgorithmInfo().algorithm).to.be.equal('ecdh');
expect(subkey.getAlgorithmInfo().curve).to.be.equal(openpgp.enums.curve.curve25519); expect(subkey.getAlgorithmInfo().curve).to.be.equal(openpgp.enums.curve.x25519Legacy);
await subkey.verify(); await subkey.verify();
}); });