From a184ef6ec420e364233d65726d7b7f986aacab6e Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Mon, 12 Aug 2019 15:44:50 +0200 Subject: [PATCH] Remove support for the previous draft00 AEAD --- README.md | 2 - src/config/config.js | 10 +- src/key.js | 4 +- src/message.js | 4 +- src/openpgp.js | 5 +- src/packet/sym_encrypted_aead_protected.js | 144 ++++++++++----------- src/packet/sym_encrypted_session_key.js | 2 +- test/general/key.js | 8 +- test/general/openpgp.js | 17 +-- test/general/packet.js | 35 +---- test/general/streaming.js | 8 +- 11 files changed, 88 insertions(+), 151 deletions(-) diff --git a/README.md b/README.md index 888a4624..e9d09d57 100644 --- a/README.md +++ b/README.md @@ -92,8 +92,6 @@ library to convert back and forth between them. openpgp.config.aead_mode = openpgp.enums.aead.experimental_gcm // **Non-standard**, fastest ``` - We previously also implemented an [earlier version](https://tools.ietf.org/html/draft-ford-openpgp-format-00) of the draft (using GCM), which you could enable by setting `openpgp.config.aead_protect = true`. If you need to stay compatible with that version, you need to set `openpgp.config.aead_protect_version = 0`. - * For environments that don't provide native crypto, the library falls back to [asm.js](https://caniuse.com/#feat=asmjs) implementations of AES, SHA-1, and SHA-256. We use [Rusha](https://github.com/srijs/rusha) and [asmCrypto Lite](https://github.com/openpgpjs/asmcrypto-lite) (a minimal subset of asmCrypto.js built specifically for OpenPGP.js). diff --git a/src/config/config.js b/src/config/config.js index f88c70df..b584001b 100644 --- a/src/config/config.js +++ b/src/config/config.js @@ -48,19 +48,11 @@ export default { * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption. * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS** * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION** + * @see {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07|RFC4880bis-07} * @memberof module:config * @property {Boolean} aead_protect */ aead_protect: false, - /** - * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption. - * 0 means we implement a variant of {@link https://tools.ietf.org/html/draft-ford-openpgp-format-00|this IETF draft}. - * 4 means we implement {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04|RFC4880bis-04}. - * Note that this determines how AEAD packets are parsed even when aead_protect is set to false - * @memberof module:config - * @property {Integer} aead_protect_version - */ - aead_protect_version: 4, /** * Default Authenticated Encryption with Additional Data (AEAD) encryption mode * Only has an effect when aead_protect is set to true. diff --git a/src/key.js b/src/key.js index 430c0f03..0d441a91 100644 --- a/src/key.js +++ b/src/key.js @@ -1500,7 +1500,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) { enums.symmetric.cast5, enums.symmetric.tripledes ], config.encryption_cipher); - if (config.aead_protect && config.aead_protect_version === 4) { + if (config.aead_protect) { signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([ enums.aead.eax, enums.aead.ocb @@ -1523,7 +1523,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) { signaturePacket.features = [0]; signaturePacket.features[0] |= enums.features.modification_detection; } - if (config.aead_protect && config.aead_protect_version === 4) { + if (config.aead_protect) { signaturePacket.features || (signaturePacket.features = [0]); signaturePacket.features[0] |= enums.features.aead; } diff --git a/src/message.js b/src/message.js index 72d82482..5b2bc51c 100644 --- a/src/message.js +++ b/src/message.js @@ -299,7 +299,7 @@ Message.prototype.encrypt = async function(keys, passwords, sessionKey, wildcard sessionKey = sessionKey.data; } else if (keys && keys.length) { symAlgo = enums.read(enums.symmetric, await getPreferredAlgo('symmetric', keys, date, userIds)); - if (config.aead_protect && config.aead_protect_version === 4 && await isAeadSupported(keys, date, userIds)) { + if (config.aead_protect && await isAeadSupported(keys, date, userIds)) { aeadAlgo = enums.read(enums.aead, await getPreferredAlgo('aead', keys, date, userIds)); } } else if (passwords && passwords.length) { @@ -315,7 +315,7 @@ Message.prototype.encrypt = async function(keys, passwords, sessionKey, wildcard const msg = await encryptSessionKey(sessionKey, symAlgo, aeadAlgo, keys, passwords, wildcard, date, userIds); - if (config.aead_protect && (config.aead_protect_version !== 4 || aeadAlgo)) { + if (config.aead_protect && aeadAlgo) { symEncryptedPacket = new packet.SymEncryptedAEADProtected(); symEncryptedPacket.aeadAlgorithm = aeadAlgo; } else if (config.integrity_protect) { diff --git a/src/openpgp.js b/src/openpgp.js index e86b32ee..4d10c8a6 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -712,8 +712,5 @@ function onError(message, error) { * @returns {Boolean} If authenticated encryption should be used */ function nativeAEAD() { - return config.aead_protect && ( - ((config.aead_protect_version !== 4 || config.aead_mode === enums.aead.experimental_gcm) && util.getWebCrypto()) || - (config.aead_protect_version === 4 && config.aead_mode === enums.aead.eax && util.getWebCrypto()) - ); + return config.aead_protect && (config.aead_mode === enums.aead.eax || config.aead_mode === enums.aead.experimental_gcm) && util.getWebCrypto(); } diff --git a/src/packet/sym_encrypted_aead_protected.js b/src/packet/sym_encrypted_aead_protected.js index 6332c058..70bbdaef 100644 --- a/src/packet/sym_encrypted_aead_protected.js +++ b/src/packet/sym_encrypted_aead_protected.js @@ -63,13 +63,9 @@ SymEncryptedAEADProtected.prototype.read = async function (bytes) { if (await reader.readByte() !== VERSION) { // The only currently defined value is 1. throw new Error('Invalid packet version.'); } - if (config.aead_protect_version === 4) { - this.cipherAlgo = await reader.readByte(); - this.aeadAlgo = await reader.readByte(); - this.chunkSizeByte = await reader.readByte(); - } else { - this.aeadAlgo = enums.aead.experimental_gcm; - } + this.cipherAlgo = await reader.readByte(); + this.aeadAlgo = await reader.readByte(); + this.chunkSizeByte = await reader.readByte(); const mode = crypto[enums.read(enums.aead, this.aeadAlgo)]; this.iv = await reader.readBytes(mode.ivLength); this.encrypted = reader.remainder(); @@ -81,10 +77,7 @@ SymEncryptedAEADProtected.prototype.read = async function (bytes) { * @returns {Uint8Array | ReadableStream} The encrypted payload */ SymEncryptedAEADProtected.prototype.write = function () { - if (config.aead_protect_version === 4) { - return util.concat([new Uint8Array([this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte]), this.iv, this.encrypted]); - } - return util.concat([new Uint8Array([this.version]), this.iv, this.encrypted]); + return util.concat([new Uint8Array([this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte]), this.iv, this.encrypted]); }; /** @@ -96,9 +89,6 @@ SymEncryptedAEADProtected.prototype.write = function () { * @async */ SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) { - if (config.aead_protect_version !== 4) { - this.cipherAlgo = enums.write(enums.symmetric, sessionKeyAlgorithm); - } await this.packets.read(await this.crypt('decrypt', key, stream.clone(this.encrypted), streaming), streaming); return true; }; @@ -112,7 +102,7 @@ SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorith */ SymEncryptedAEADProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) { this.cipherAlgo = enums.write(enums.symmetric, sessionKeyAlgorithm); - this.aeadAlgo = config.aead_protect_version === 4 ? enums.write(enums.aead, this.aeadAlgorithm) : enums.aead.experimental_gcm; + this.aeadAlgo = enums.write(enums.aead, this.aeadAlgorithm); const mode = crypto[enums.read(enums.aead, this.aeadAlgo)]; this.iv = await crypto.random.getRandomBytes(mode.ivLength); // generate new random IV this.chunkSizeByte = config.aead_chunk_size_byte; @@ -133,69 +123,65 @@ SymEncryptedAEADProtected.prototype.crypt = async function (fn, key, data, strea const cipher = enums.read(enums.symmetric, this.cipherAlgo); const mode = crypto[enums.read(enums.aead, this.aeadAlgo)]; const modeInstance = await mode(cipher, key); - if (config.aead_protect_version === 4) { - const tagLengthIfDecrypting = fn === 'decrypt' ? mode.tagLength : 0; - const chunkSize = 2 ** (this.chunkSizeByte + 6) + tagLengthIfDecrypting; // ((uint64_t)1 << (c + 6)) - const adataBuffer = new ArrayBuffer(21); - const adataArray = new Uint8Array(adataBuffer, 0, 13); - const adataTagArray = new Uint8Array(adataBuffer); - const adataView = new DataView(adataBuffer); - const chunkIndexArray = new Uint8Array(adataBuffer, 5, 8); - adataArray.set([0xC0 | this.tag, this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte], 0); - let chunkIndex = 0; - let latestPromise = Promise.resolve(); - let cryptedBytes = 0; - let queuedBytes = 0; - const iv = this.iv; - return stream.transformPair(data, async (readable, writable) => { - const reader = stream.getReader(readable); - const buffer = new TransformStream({}, { - highWaterMark: streaming ? util.getHardwareConcurrency() * 2 ** (config.aead_chunk_size_byte + 6) : Infinity, - size: array => array.length - }); - stream.pipe(buffer.readable, writable); - const writer = stream.getWriter(buffer.writable); - try { - while (true) { - let chunk = await reader.readBytes(chunkSize + tagLengthIfDecrypting) || new Uint8Array(); - const finalChunk = chunk.subarray(chunk.length - tagLengthIfDecrypting); - chunk = chunk.subarray(0, chunk.length - tagLengthIfDecrypting); - let cryptedPromise; - let done; - if (!chunkIndex || chunk.length) { - reader.unshift(finalChunk); - cryptedPromise = modeInstance[fn](chunk, mode.getNonce(iv, chunkIndexArray), adataArray); - } else { - // After the last chunk, we either encrypt a final, empty - // data chunk to get the final authentication tag or - // validate that final authentication tag. - adataView.setInt32(13 + 4, cryptedBytes); // Should be setInt64(13, ...) - cryptedPromise = modeInstance[fn](finalChunk, mode.getNonce(iv, chunkIndexArray), adataTagArray); - done = true; - } - cryptedBytes += chunk.length - tagLengthIfDecrypting; - queuedBytes += chunk.length - tagLengthIfDecrypting; - // eslint-disable-next-line no-loop-func - latestPromise = latestPromise.then(() => cryptedPromise).then(async crypted => { - await writer.ready; - await writer.write(crypted); - queuedBytes -= chunk.length; - }).catch(err => writer.abort(err)); - if (done || queuedBytes > writer.desiredSize) { - await latestPromise; // Respect backpressure - } - if (!done) { - adataView.setInt32(5 + 4, ++chunkIndex); // Should be setInt64(5, ...) - } else { - await writer.close(); - break; - } - } - } catch(e) { - await writer.abort(e); - } + const tagLengthIfDecrypting = fn === 'decrypt' ? mode.tagLength : 0; + const chunkSize = 2 ** (this.chunkSizeByte + 6) + tagLengthIfDecrypting; // ((uint64_t)1 << (c + 6)) + const adataBuffer = new ArrayBuffer(21); + const adataArray = new Uint8Array(adataBuffer, 0, 13); + const adataTagArray = new Uint8Array(adataBuffer); + const adataView = new DataView(adataBuffer); + const chunkIndexArray = new Uint8Array(adataBuffer, 5, 8); + adataArray.set([0xC0 | this.tag, this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte], 0); + let chunkIndex = 0; + let latestPromise = Promise.resolve(); + let cryptedBytes = 0; + let queuedBytes = 0; + const iv = this.iv; + return stream.transformPair(data, async (readable, writable) => { + const reader = stream.getReader(readable); + const buffer = new TransformStream({}, { + highWaterMark: streaming ? util.getHardwareConcurrency() * 2 ** (config.aead_chunk_size_byte + 6) : Infinity, + size: array => array.length }); - } else { - return modeInstance[fn](await stream.readToEnd(data), this.iv); - } + stream.pipe(buffer.readable, writable); + const writer = stream.getWriter(buffer.writable); + try { + while (true) { + let chunk = await reader.readBytes(chunkSize + tagLengthIfDecrypting) || new Uint8Array(); + const finalChunk = chunk.subarray(chunk.length - tagLengthIfDecrypting); + chunk = chunk.subarray(0, chunk.length - tagLengthIfDecrypting); + let cryptedPromise; + let done; + if (!chunkIndex || chunk.length) { + reader.unshift(finalChunk); + cryptedPromise = modeInstance[fn](chunk, mode.getNonce(iv, chunkIndexArray), adataArray); + } else { + // After the last chunk, we either encrypt a final, empty + // data chunk to get the final authentication tag or + // validate that final authentication tag. + adataView.setInt32(13 + 4, cryptedBytes); // Should be setInt64(13, ...) + cryptedPromise = modeInstance[fn](finalChunk, mode.getNonce(iv, chunkIndexArray), adataTagArray); + done = true; + } + cryptedBytes += chunk.length - tagLengthIfDecrypting; + queuedBytes += chunk.length - tagLengthIfDecrypting; + // eslint-disable-next-line no-loop-func + latestPromise = latestPromise.then(() => cryptedPromise).then(async crypted => { + await writer.ready; + await writer.write(crypted); + queuedBytes -= chunk.length; + }).catch(err => writer.abort(err)); + if (done || queuedBytes > writer.desiredSize) { + await latestPromise; // Respect backpressure + } + if (!done) { + adataView.setInt32(5 + 4, ++chunkIndex); // Should be setInt64(5, ...) + } else { + await writer.close(); + break; + } + } + } catch(e) { + await writer.abort(e); + } + }); }; diff --git a/src/packet/sym_encrypted_session_key.js b/src/packet/sym_encrypted_session_key.js index a526c3f5..b1422080 100644 --- a/src/packet/sym_encrypted_session_key.js +++ b/src/packet/sym_encrypted_session_key.js @@ -49,7 +49,7 @@ import util from '../util'; */ function SymEncryptedSessionKey() { this.tag = enums.packet.symEncryptedSessionKey; - this.version = config.aead_protect && config.aead_protect_version === 4 ? 5 : 4; + this.version = config.aead_protect ? 5 : 4; this.sessionKey = null; this.sessionKeyEncryptionAlgorithm = null; this.sessionKeyAlgorithm = 'aes256'; diff --git a/test/general/key.js b/test/general/key.js index d56e6a62..f6e6d09f 100644 --- a/test/general/key.js +++ b/test/general/key.js @@ -1672,7 +1672,7 @@ function versionSpecificTests() { expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage); const sym = openpgp.enums.symmetric; expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192, sym.cast5, sym.tripledes]); - if (openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4) { + if (openpgp.config.aead_protect) { const aead = openpgp.enums.aead; expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]); } @@ -1709,7 +1709,7 @@ function versionSpecificTests() { expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage); const sym = openpgp.enums.symmetric; expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128, sym.cast5, sym.tripledes]); - if (openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4) { + if (openpgp.config.aead_protect) { const aead = openpgp.enums.aead; expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]); } @@ -2210,21 +2210,17 @@ describe('Key', function() { let v5_keysVal; let aead_protectVal; - let aead_protect_versionVal; tryTests('V5', versionSpecificTests, { if: !openpgp.config.saucelabs, beforeEach: function() { v5_keysVal = openpgp.config.v5_keys; aead_protectVal = openpgp.config.aead_protect; - aead_protect_versionVal = openpgp.config.aead_protect_version; openpgp.config.v5_keys = true; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; }, afterEach: function() { openpgp.config.v5_keys = v5_keysVal; openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; } }); diff --git a/test/general/openpgp.js b/test/general/openpgp.js index e6758b09..1d76dd40 100644 --- a/test/general/openpgp.js +++ b/test/general/openpgp.js @@ -693,7 +693,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { let zero_copyVal; let use_nativeVal; let aead_protectVal; - let aead_protect_versionVal; let aead_modeVal; let aead_chunk_size_byteVal; let v5_keysVal; @@ -721,7 +720,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { zero_copyVal = openpgp.config.zero_copy; use_nativeVal = openpgp.config.use_native; aead_protectVal = openpgp.config.aead_protect; - aead_protect_versionVal = openpgp.config.aead_protect_version; aead_modeVal = openpgp.config.aead_mode; aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; v5_keysVal = openpgp.config.v5_keys; @@ -731,7 +729,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { openpgp.config.zero_copy = zero_copyVal; openpgp.config.use_native = use_nativeVal; openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; openpgp.config.aead_mode = aead_modeVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.v5_keys = v5_keysVal; @@ -849,14 +846,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { } }); - tryTests('GCM mode', tests, { - if: !openpgp.config.saucelabs, - beforeEach: function() { - openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 0; - } - }); - tryTests('GCM mode (V5 keys)', tests, { if: true, beforeEach: function() { @@ -1199,7 +1188,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted.data).to.match(/^-----BEGIN PGP MESSAGE/); decOpt.message = await openpgp.message.readArmored(encrypted.data); - expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect && openpgp.config.aead_protect_version !== 4); + expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(false); return openpgp.decrypt(decOpt); }).then(function (decrypted) { expect(decrypted.data).to.equal(plaintext); @@ -1222,7 +1211,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { return openpgp.encrypt(encOpt).then(async function (encrypted) { expect(encrypted.data).to.match(/^-----BEGIN PGP MESSAGE/); decOpt.message = await openpgp.message.readArmored(encrypted.data); - expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect && openpgp.config.aead_protect_version !== 4); + expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(false); return openpgp.decrypt(decOpt); }).then(function (decrypted) { expect(decrypted.data).to.equal(plaintext); @@ -1264,7 +1253,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() { }; return openpgp.encrypt(encOpt).then(async function (encrypted) { decOpt.message = await openpgp.message.readArmored(encrypted.data); - expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect && openpgp.config.aead_protect_version !== 4); + expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(false); return openpgp.decrypt(decOpt); }).then(async function (decrypted) { expect(decrypted.data).to.equal(plaintext); diff --git a/test/general/packet.js b/test/general/packet.js index 53a40fb8..6451aaf1 100644 --- a/test/general/packet.js +++ b/test/general/packet.js @@ -150,11 +150,9 @@ describe("Packet", function() { }); }); - it('Sym. encrypted AEAD protected packet (draft04)', async function() { + it('Sym. encrypted AEAD protected packet (AEAD)', async function() { let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; const testText = input.createSomeMessage(); const key = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]); @@ -177,7 +175,6 @@ describe("Packet", function() { expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data); } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; } }); @@ -201,17 +198,15 @@ describe("Packet", function() { return cryptStub; } - it('Sym. encrypted AEAD protected packet is encrypted in parallel (GCM, draft04)', async function() { + it('Sym. encrypted AEAD protected packet is encrypted in parallel (AEAD, GCM)', async function() { const webCrypto = openpgp.util.getWebCrypto(); if (!webCrypto) return; const encryptStub = cryptStub(webCrypto, 'encrypt'); const decryptStub = cryptStub(webCrypto, 'decrypt'); let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; openpgp.config.aead_chunk_size_byte = 0; const testText = input.createSomeMessage(); @@ -238,14 +233,13 @@ describe("Packet", function() { expect(decryptStub.callCount > 1).to.be.true; } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; encryptStub.restore(); decryptStub.restore(); } }); - it('Sym. encrypted AEAD protected packet test vector (draft04)', async function() { + it('Sym. encrypted AEAD protected packet test vector (AEAD)', async function() { // From https://gitlab.com/openpgp-wg/rfc4880bis/commit/00b20923e6233fb6ff1666ecd5acfefceb32907d let packetBytes = openpgp.util.hex_to_Uint8Array(` @@ -257,10 +251,8 @@ describe("Packet", function() { `.replace(/\s+/g, '')); let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; openpgp.config.aead_chunk_size_byte = 14; const iv = openpgp.util.hex_to_Uint8Array('b7 32 37 9f 73 c4 92 8d e2 5f ac fe 65 17 ec 10'.replace(/\s+/g, '')); @@ -290,7 +282,6 @@ describe("Packet", function() { expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data); } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; randomBytesStub.restore(); } @@ -495,11 +486,9 @@ describe("Packet", function() { expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); }); - it('Sym. encrypted session key reading/writing (draft04)', async function() { + it('Sym. encrypted session key reading/writing (AEAD)', async function() { let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; try { const passphrase = 'hello'; @@ -533,19 +522,16 @@ describe("Packet", function() { expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; } }); - it('Sym. encrypted session key reading/writing test vector (EAX, draft04)', async function() { + it('Sym. encrypted session key reading/writing test vector (EAX, AEAD)', async function() { // From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-eax-encryption-and-decryption let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; openpgp.config.aead_chunk_size_byte = 14; openpgp.config.s2k_iteration_count_byte = 0x90; @@ -608,22 +594,19 @@ describe("Packet", function() { expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal; randomBytesStub.restore(); } }); - it('Sym. encrypted session key reading/writing test vector (OCB, draft04)', async function() { + it('Sym. encrypted session key reading/writing test vector (AEAD, OCB)', async function() { // From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-ocb-encryption-and-decryption let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; openpgp.config.aead_chunk_size_byte = 14; openpgp.config.s2k_iteration_count_byte = 0x90; @@ -687,7 +670,6 @@ describe("Packet", function() { expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal; randomBytesStub.restore(); @@ -873,11 +855,9 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+ }); }); - it('Writing and encryption of a secret key packet. (draft04)', async function() { + it('Writing and encryption of a secret key packet. (AEAD)', async function() { let aead_protectVal = openpgp.config.aead_protect; - let aead_protect_versionVal = openpgp.config.aead_protect_version; openpgp.config.aead_protect = true; - openpgp.config.aead_protect_version = 4; const key = new openpgp.packet.List(); key.push(new openpgp.packet.SecretKey()); @@ -905,7 +885,6 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+ expect(key[0].params.toString()).to.equal(key2[0].params.toString()); } finally { openpgp.config.aead_protect = aead_protectVal; - openpgp.config.aead_protect_version = aead_protect_versionVal; } }); diff --git a/test/general/streaming.js b/test/general/streaming.js index e9ee2a1b..72aab6fe 100644 --- a/test/general/streaming.js +++ b/test/general/streaming.js @@ -353,7 +353,7 @@ function tests() { expect(verified.signatures).to.exist.and.have.length(1); }); - it('Encrypt and decrypt larger message roundtrip (draft04)', async function() { + it('Encrypt and decrypt larger message roundtrip (AEAD)', async function() { let aead_protectValue = openpgp.config.aead_protect; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; openpgp.config.aead_protect = true; @@ -382,7 +382,7 @@ function tests() { } }); - it('Encrypt and decrypt larger text message roundtrip (draft04)', async function() { + it('Encrypt and decrypt larger text message roundtrip (AEAD)', async function() { let aead_protectValue = openpgp.config.aead_protect; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; openpgp.config.aead_protect = true; @@ -449,7 +449,7 @@ function tests() { expect(canceled).to.be.true; }); - it('Input stream should be canceled when canceling decrypted stream (draft04)', async function() { + it('Input stream should be canceled when canceling decrypted stream (AEAD)', async function() { let aead_protectValue = openpgp.config.aead_protect; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; openpgp.config.aead_protect = true; @@ -527,7 +527,7 @@ function tests() { expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100); }); - it("Don't pull entire input stream when we're not pulling decrypted stream (draft04)", async function() { + it("Don't pull entire input stream when we're not pulling decrypted stream (AEAD)", async function() { let aead_protectValue = openpgp.config.aead_protect; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; openpgp.config.aead_protect = true;