suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove support for the previous draft00 AEAD

Browse Source
This commit is contained in:
Daniel Huigens 2019-08-12 15:44:50 +02:00
parent 80c535eeb7
commit a184ef6ec4
11 changed files with 88 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -92,8 +92,6 @@ library to convert back and forth between them.
openpgp.config.aead_mode = openpgp.enums.aead.experimental_gcm // **Non-standard**, fastest openpgp.config.aead_mode = openpgp.enums.aead.experimental_gcm // **Non-standard**, fastest
``` ```
We previously also implemented an [earlier version](https://tools.ietf.org/html/draft-ford-openpgp-format-00) of the draft (using GCM), which you could enable by setting `openpgp.config.aead_protect = true`. If you need to stay compatible with that version, you need to set `openpgp.config.aead_protect_version = 0`.
* For environments that don't provide native crypto, the library falls back to [asm.js](https://caniuse.com/#feat=asmjs) implementations of AES, SHA-1, and SHA-256. We use [Rusha](https://github.com/srijs/rusha) and [asmCrypto Lite](https://github.com/openpgpjs/asmcrypto-lite) (a minimal subset of asmCrypto.js built specifically for OpenPGP.js). * For environments that don't provide native crypto, the library falls back to [asm.js](https://caniuse.com/#feat=asmjs) implementations of AES, SHA-1, and SHA-256. We use [Rusha](https://github.com/srijs/rusha) and [asmCrypto Lite](https://github.com/openpgpjs/asmcrypto-lite) (a minimal subset of asmCrypto.js built specifically for OpenPGP.js).

10
src/config/config.js
View File

@ -48,19 +48,11 @@ export default {
* Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption. * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption.
* **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS** * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS**
* **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION** * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION**
* @see {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07|RFC4880bis-07}
* @memberof module:config * @memberof module:config
* @property {Boolean} aead_protect * @property {Boolean} aead_protect
*/ */
aead_protect: false, aead_protect: false,
/**
* Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption.
* 0 means we implement a variant of {@link https://tools.ietf.org/html/draft-ford-openpgp-format-00|this IETF draft}.
* 4 means we implement {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04|RFC4880bis-04}.
* Note that this determines how AEAD packets are parsed even when aead_protect is set to false
* @memberof module:config
* @property {Integer} aead_protect_version
*/
aead_protect_version: 4,
/** /**
* Default Authenticated Encryption with Additional Data (AEAD) encryption mode * Default Authenticated Encryption with Additional Data (AEAD) encryption mode
* Only has an effect when aead_protect is set to true. * Only has an effect when aead_protect is set to true.

4
src/key.js
View File

@ -1500,7 +1500,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
enums.symmetric.cast5, enums.symmetric.cast5,
enums.symmetric.tripledes enums.symmetric.tripledes
], config.encryption_cipher); ], config.encryption_cipher);
if (config.aead_protect && config.aead_protect_version === 4) { if (config.aead_protect) {
signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([ signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([
enums.aead.eax, enums.aead.eax,
enums.aead.ocb enums.aead.ocb
@ -1523,7 +1523,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
signaturePacket.features = [0]; signaturePacket.features = [0];
signaturePacket.features[0] |= enums.features.modification_detection; signaturePacket.features[0] |= enums.features.modification_detection;
} }
if (config.aead_protect && config.aead_protect_version === 4) { if (config.aead_protect) {
signaturePacket.features || (signaturePacket.features = [0]); signaturePacket.features || (signaturePacket.features = [0]);
signaturePacket.features[0] |= enums.features.aead; signaturePacket.features[0] |= enums.features.aead;
} }

4
src/message.js
View File

@ -299,7 +299,7 @@ Message.prototype.encrypt = async function(keys, passwords, sessionKey, wildcard
sessionKey = sessionKey.data; sessionKey = sessionKey.data;
} else if (keys && keys.length) { } else if (keys && keys.length) {
symAlgo = enums.read(enums.symmetric, await getPreferredAlgo('symmetric', keys, date, userIds)); symAlgo = enums.read(enums.symmetric, await getPreferredAlgo('symmetric', keys, date, userIds));
if (config.aead_protect && config.aead_protect_version === 4 && await isAeadSupported(keys, date, userIds)) { if (config.aead_protect && await isAeadSupported(keys, date, userIds)) {
aeadAlgo = enums.read(enums.aead, await getPreferredAlgo('aead', keys, date, userIds)); aeadAlgo = enums.read(enums.aead, await getPreferredAlgo('aead', keys, date, userIds));
} }
} else if (passwords && passwords.length) { } else if (passwords && passwords.length) {
@ -315,7 +315,7 @@ Message.prototype.encrypt = async function(keys, passwords, sessionKey, wildcard
const msg = await encryptSessionKey(sessionKey, symAlgo, aeadAlgo, keys, passwords, wildcard, date, userIds); const msg = await encryptSessionKey(sessionKey, symAlgo, aeadAlgo, keys, passwords, wildcard, date, userIds);
if (config.aead_protect && (config.aead_protect_version !== 4 || aeadAlgo)) { if (config.aead_protect && aeadAlgo) {
symEncryptedPacket = new packet.SymEncryptedAEADProtected(); symEncryptedPacket = new packet.SymEncryptedAEADProtected();
symEncryptedPacket.aeadAlgorithm = aeadAlgo; symEncryptedPacket.aeadAlgorithm = aeadAlgo;
} else if (config.integrity_protect) { } else if (config.integrity_protect) {

5
src/openpgp.js
View File

@ -712,8 +712,5 @@ function onError(message, error) {
* @returns {Boolean} If authenticated encryption should be used * @returns {Boolean} If authenticated encryption should be used
*/ */
function nativeAEAD() { function nativeAEAD() {
return config.aead_protect && ( return config.aead_protect && (config.aead_mode === enums.aead.eax || config.aead_mode === enums.aead.experimental_gcm) && util.getWebCrypto();
((config.aead_protect_version !== 4 || config.aead_mode === enums.aead.experimental_gcm) && util.getWebCrypto()) ||
(config.aead_protect_version === 4 && config.aead_mode === enums.aead.eax && util.getWebCrypto())
);
} }

16
src/packet/sym_encrypted_aead_protected.js
View File

@ -63,13 +63,9 @@ SymEncryptedAEADProtected.prototype.read = async function (bytes) {
if (await reader.readByte() !== VERSION) { // The only currently defined value is 1. if (await reader.readByte() !== VERSION) { // The only currently defined value is 1.
throw new Error('Invalid packet version.'); throw new Error('Invalid packet version.');
} }
if (config.aead_protect_version === 4) {
this.cipherAlgo = await reader.readByte(); this.cipherAlgo = await reader.readByte();
this.aeadAlgo = await reader.readByte(); this.aeadAlgo = await reader.readByte();
this.chunkSizeByte = await reader.readByte(); this.chunkSizeByte = await reader.readByte();
} else {
this.aeadAlgo = enums.aead.experimental_gcm;
}
const mode = crypto[enums.read(enums.aead, this.aeadAlgo)]; const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
this.iv = await reader.readBytes(mode.ivLength); this.iv = await reader.readBytes(mode.ivLength);
this.encrypted = reader.remainder(); this.encrypted = reader.remainder();
@ -81,10 +77,7 @@ SymEncryptedAEADProtected.prototype.read = async function (bytes) {
* @returns {Uint8Array | ReadableStream<Uint8Array>} The encrypted payload * @returns {Uint8Array | ReadableStream<Uint8Array>} The encrypted payload
*/ */
SymEncryptedAEADProtected.prototype.write = function () { SymEncryptedAEADProtected.prototype.write = function () {
if (config.aead_protect_version === 4) {
return util.concat([new Uint8Array([this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte]), this.iv, this.encrypted]); return util.concat([new Uint8Array([this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte]), this.iv, this.encrypted]);
}
return util.concat([new Uint8Array([this.version]), this.iv, this.encrypted]);
}; };
/** /**
@ -96,9 +89,6 @@ SymEncryptedAEADProtected.prototype.write = function () {
* @async * @async
*/ */
SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) { SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) {
if (config.aead_protect_version !== 4) {
this.cipherAlgo = enums.write(enums.symmetric, sessionKeyAlgorithm);
}
await this.packets.read(await this.crypt('decrypt', key, stream.clone(this.encrypted), streaming), streaming); await this.packets.read(await this.crypt('decrypt', key, stream.clone(this.encrypted), streaming), streaming);
return true; return true;
}; };
@ -112,7 +102,7 @@ SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorith
*/ */
SymEncryptedAEADProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) { SymEncryptedAEADProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) {
this.cipherAlgo = enums.write(enums.symmetric, sessionKeyAlgorithm); this.cipherAlgo = enums.write(enums.symmetric, sessionKeyAlgorithm);
this.aeadAlgo = config.aead_protect_version === 4 ? enums.write(enums.aead, this.aeadAlgorithm) : enums.aead.experimental_gcm; this.aeadAlgo = enums.write(enums.aead, this.aeadAlgorithm);
const mode = crypto[enums.read(enums.aead, this.aeadAlgo)]; const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
this.iv = await crypto.random.getRandomBytes(mode.ivLength); // generate new random IV this.iv = await crypto.random.getRandomBytes(mode.ivLength); // generate new random IV
this.chunkSizeByte = config.aead_chunk_size_byte; this.chunkSizeByte = config.aead_chunk_size_byte;
@ -133,7 +123,6 @@ SymEncryptedAEADProtected.prototype.crypt = async function (fn, key, data, strea
const cipher = enums.read(enums.symmetric, this.cipherAlgo); const cipher = enums.read(enums.symmetric, this.cipherAlgo);
const mode = crypto[enums.read(enums.aead, this.aeadAlgo)]; const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
const modeInstance = await mode(cipher, key); const modeInstance = await mode(cipher, key);
if (config.aead_protect_version === 4) {
const tagLengthIfDecrypting = fn === 'decrypt' ? mode.tagLength : 0; const tagLengthIfDecrypting = fn === 'decrypt' ? mode.tagLength : 0;
const chunkSize = 2 ** (this.chunkSizeByte + 6) + tagLengthIfDecrypting; // ((uint64_t)1 << (c + 6)) const chunkSize = 2 ** (this.chunkSizeByte + 6) + tagLengthIfDecrypting; // ((uint64_t)1 << (c + 6))
const adataBuffer = new ArrayBuffer(21); const adataBuffer = new ArrayBuffer(21);
@ -195,7 +184,4 @@ SymEncryptedAEADProtected.prototype.crypt = async function (fn, key, data, strea
await writer.abort(e); await writer.abort(e);
} }
}); });
} else {
return modeInstance[fn](await stream.readToEnd(data), this.iv);
}
}; };

2
src/packet/sym_encrypted_session_key.js
View File

@ -49,7 +49,7 @@ import util from '../util';
*/ */
function SymEncryptedSessionKey() { function SymEncryptedSessionKey() {
this.tag = enums.packet.symEncryptedSessionKey; this.tag = enums.packet.symEncryptedSessionKey;
this.version = config.aead_protect && config.aead_protect_version === 4 ? 5 : 4; this.version = config.aead_protect ? 5 : 4;
this.sessionKey = null; this.sessionKey = null;
this.sessionKeyEncryptionAlgorithm = null; this.sessionKeyEncryptionAlgorithm = null;
this.sessionKeyAlgorithm = 'aes256'; this.sessionKeyAlgorithm = 'aes256';

8
test/general/key.js
View File

@ -1672,7 +1672,7 @@ function versionSpecificTests() {
expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage); expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
const sym = openpgp.enums.symmetric; const sym = openpgp.enums.symmetric;
expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192, sym.cast5, sym.tripledes]); expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192, sym.cast5, sym.tripledes]);
if (openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4) { if (openpgp.config.aead_protect) {
const aead = openpgp.enums.aead; const aead = openpgp.enums.aead;
expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]); expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]);
} }
@ -1709,7 +1709,7 @@ function versionSpecificTests() {
expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage); expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
const sym = openpgp.enums.symmetric; const sym = openpgp.enums.symmetric;
expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128, sym.cast5, sym.tripledes]); expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128, sym.cast5, sym.tripledes]);
if (openpgp.config.aead_protect && openpgp.config.aead_protect_version === 4) { if (openpgp.config.aead_protect) {
const aead = openpgp.enums.aead; const aead = openpgp.enums.aead;
expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]); expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]);
} }
@ -2210,21 +2210,17 @@ describe('Key', function() {
let v5_keysVal; let v5_keysVal;
let aead_protectVal; let aead_protectVal;
let aead_protect_versionVal;
tryTests('V5', versionSpecificTests, { tryTests('V5', versionSpecificTests, {
if: !openpgp.config.saucelabs, if: !openpgp.config.saucelabs,
beforeEach: function() { beforeEach: function() {
v5_keysVal = openpgp.config.v5_keys; v5_keysVal = openpgp.config.v5_keys;
aead_protectVal = openpgp.config.aead_protect; aead_protectVal = openpgp.config.aead_protect;
aead_protect_versionVal = openpgp.config.aead_protect_version;
openpgp.config.v5_keys = true; openpgp.config.v5_keys = true;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
}, },
afterEach: function() { afterEach: function() {
openpgp.config.v5_keys = v5_keysVal; openpgp.config.v5_keys = v5_keysVal;
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
} }
}); });

17
test/general/openpgp.js
View File

@ -693,7 +693,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
let zero_copyVal; let zero_copyVal;
let use_nativeVal; let use_nativeVal;
let aead_protectVal; let aead_protectVal;
let aead_protect_versionVal;
let aead_modeVal; let aead_modeVal;
let aead_chunk_size_byteVal; let aead_chunk_size_byteVal;
let v5_keysVal; let v5_keysVal;
@ -721,7 +720,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
zero_copyVal = openpgp.config.zero_copy; zero_copyVal = openpgp.config.zero_copy;
use_nativeVal = openpgp.config.use_native; use_nativeVal = openpgp.config.use_native;
aead_protectVal = openpgp.config.aead_protect; aead_protectVal = openpgp.config.aead_protect;
aead_protect_versionVal = openpgp.config.aead_protect_version;
aead_modeVal = openpgp.config.aead_mode; aead_modeVal = openpgp.config.aead_mode;
aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
v5_keysVal = openpgp.config.v5_keys; v5_keysVal = openpgp.config.v5_keys;
@ -731,7 +729,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
openpgp.config.zero_copy = zero_copyVal; openpgp.config.zero_copy = zero_copyVal;
openpgp.config.use_native = use_nativeVal; openpgp.config.use_native = use_nativeVal;
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
openpgp.config.aead_mode = aead_modeVal; openpgp.config.aead_mode = aead_modeVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.v5_keys = v5_keysVal; openpgp.config.v5_keys = v5_keysVal;
@ -849,14 +846,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
} }
}); });
tryTests('GCM mode', tests, {
if: !openpgp.config.saucelabs,
beforeEach: function() {
openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 0;
}
});
tryTests('GCM mode (V5 keys)', tests, { tryTests('GCM mode (V5 keys)', tests, {
if: true, if: true,
beforeEach: function() { beforeEach: function() {
@ -1199,7 +1188,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(async function (encrypted) { return openpgp.encrypt(encOpt).then(async function (encrypted) {
expect(encrypted.data).to.match(/^-----BEGIN PGP MESSAGE/); expect(encrypted.data).to.match(/^-----BEGIN PGP MESSAGE/);
decOpt.message = await openpgp.message.readArmored(encrypted.data); decOpt.message = await openpgp.message.readArmored(encrypted.data);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect && openpgp.config.aead_protect_version !== 4); expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(false);
return openpgp.decrypt(decOpt); return openpgp.decrypt(decOpt);
}).then(function (decrypted) { }).then(function (decrypted) {
expect(decrypted.data).to.equal(plaintext); expect(decrypted.data).to.equal(plaintext);
@ -1222,7 +1211,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(async function (encrypted) { return openpgp.encrypt(encOpt).then(async function (encrypted) {
expect(encrypted.data).to.match(/^-----BEGIN PGP MESSAGE/); expect(encrypted.data).to.match(/^-----BEGIN PGP MESSAGE/);
decOpt.message = await openpgp.message.readArmored(encrypted.data); decOpt.message = await openpgp.message.readArmored(encrypted.data);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect && openpgp.config.aead_protect_version !== 4); expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(false);
return openpgp.decrypt(decOpt); return openpgp.decrypt(decOpt);
}).then(function (decrypted) { }).then(function (decrypted) {
expect(decrypted.data).to.equal(plaintext); expect(decrypted.data).to.equal(plaintext);
@ -1264,7 +1253,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
}; };
return openpgp.encrypt(encOpt).then(async function (encrypted) { return openpgp.encrypt(encOpt).then(async function (encrypted) {
decOpt.message = await openpgp.message.readArmored(encrypted.data); decOpt.message = await openpgp.message.readArmored(encrypted.data);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect && openpgp.config.aead_protect_version !== 4); expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(false);
return openpgp.decrypt(decOpt); return openpgp.decrypt(decOpt);
}).then(async function (decrypted) { }).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext); expect(decrypted.data).to.equal(plaintext);

35
test/general/packet.js
View File

@ -150,11 +150,9 @@ describe("Packet", function() {
}); });
}); });
it('Sym. encrypted AEAD protected packet (draft04)', async function() { it('Sym. encrypted AEAD protected packet (AEAD)', async function() {
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
const testText = input.createSomeMessage(); const testText = input.createSomeMessage();
const key = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]); const key = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]);
@ -177,7 +175,6 @@ describe("Packet", function() {
expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data); expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data);
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
} }
}); });
@ -201,17 +198,15 @@ describe("Packet", function() {
return cryptStub; return cryptStub;
} }
it('Sym. encrypted AEAD protected packet is encrypted in parallel (GCM, draft04)', async function() { it('Sym. encrypted AEAD protected packet is encrypted in parallel (AEAD, GCM)', async function() {
const webCrypto = openpgp.util.getWebCrypto(); const webCrypto = openpgp.util.getWebCrypto();
if (!webCrypto) return; if (!webCrypto) return;
const encryptStub = cryptStub(webCrypto, 'encrypt'); const encryptStub = cryptStub(webCrypto, 'encrypt');
const decryptStub = cryptStub(webCrypto, 'decrypt'); const decryptStub = cryptStub(webCrypto, 'decrypt');
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
openpgp.config.aead_chunk_size_byte = 0; openpgp.config.aead_chunk_size_byte = 0;
const testText = input.createSomeMessage(); const testText = input.createSomeMessage();
@ -238,14 +233,13 @@ describe("Packet", function() {
expect(decryptStub.callCount > 1).to.be.true; expect(decryptStub.callCount > 1).to.be.true;
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
encryptStub.restore(); encryptStub.restore();
decryptStub.restore(); decryptStub.restore();
} }
}); });
it('Sym. encrypted AEAD protected packet test vector (draft04)', async function() { it('Sym. encrypted AEAD protected packet test vector (AEAD)', async function() {
// From https://gitlab.com/openpgp-wg/rfc4880bis/commit/00b20923e6233fb6ff1666ecd5acfefceb32907d // From https://gitlab.com/openpgp-wg/rfc4880bis/commit/00b20923e6233fb6ff1666ecd5acfefceb32907d
let packetBytes = openpgp.util.hex_to_Uint8Array(` let packetBytes = openpgp.util.hex_to_Uint8Array(`
@ -257,10 +251,8 @@ describe("Packet", function() {
`.replace(/\s+/g, '')); `.replace(/\s+/g, ''));
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
openpgp.config.aead_chunk_size_byte = 14; openpgp.config.aead_chunk_size_byte = 14;
const iv = openpgp.util.hex_to_Uint8Array('b7 32 37 9f 73 c4 92 8d e2 5f ac fe 65 17 ec 10'.replace(/\s+/g, '')); const iv = openpgp.util.hex_to_Uint8Array('b7 32 37 9f 73 c4 92 8d e2 5f ac fe 65 17 ec 10'.replace(/\s+/g, ''));
@ -290,7 +282,6 @@ describe("Packet", function() {
expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data); expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data);
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
randomBytesStub.restore(); randomBytesStub.restore();
} }
@ -495,11 +486,9 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
}); });
it('Sym. encrypted session key reading/writing (draft04)', async function() { it('Sym. encrypted session key reading/writing (AEAD)', async function() {
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
try { try {
const passphrase = 'hello'; const passphrase = 'hello';
@ -533,19 +522,16 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
} }
}); });
it('Sym. encrypted session key reading/writing test vector (EAX, draft04)', async function() { it('Sym. encrypted session key reading/writing test vector (EAX, AEAD)', async function() {
// From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-eax-encryption-and-decryption // From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-eax-encryption-and-decryption
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte; let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
openpgp.config.aead_chunk_size_byte = 14; openpgp.config.aead_chunk_size_byte = 14;
openpgp.config.s2k_iteration_count_byte = 0x90; openpgp.config.s2k_iteration_count_byte = 0x90;
@ -608,22 +594,19 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal; openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal;
randomBytesStub.restore(); randomBytesStub.restore();
} }
}); });
it('Sym. encrypted session key reading/writing test vector (OCB, draft04)', async function() { it('Sym. encrypted session key reading/writing test vector (AEAD, OCB)', async function() {
// From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-ocb-encryption-and-decryption // From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-ocb-encryption-and-decryption
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte; let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
openpgp.config.aead_chunk_size_byte = 14; openpgp.config.aead_chunk_size_byte = 14;
openpgp.config.s2k_iteration_count_byte = 0x90; openpgp.config.s2k_iteration_count_byte = 0x90;
@ -687,7 +670,6 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data)); expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal; openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal; openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal;
randomBytesStub.restore(); randomBytesStub.restore();
@ -873,11 +855,9 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+
}); });
}); });
it('Writing and encryption of a secret key packet. (draft04)', async function() { it('Writing and encryption of a secret key packet. (AEAD)', async function() {
let aead_protectVal = openpgp.config.aead_protect; let aead_protectVal = openpgp.config.aead_protect;
let aead_protect_versionVal = openpgp.config.aead_protect_version;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
openpgp.config.aead_protect_version = 4;
const key = new openpgp.packet.List(); const key = new openpgp.packet.List();
key.push(new openpgp.packet.SecretKey()); key.push(new openpgp.packet.SecretKey());
@ -905,7 +885,6 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+
expect(key[0].params.toString()).to.equal(key2[0].params.toString()); expect(key[0].params.toString()).to.equal(key2[0].params.toString());
} finally { } finally {
openpgp.config.aead_protect = aead_protectVal; openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_protect_version = aead_protect_versionVal;
} }
}); });

8
test/general/streaming.js
View File

@ -353,7 +353,7 @@ function tests() {
expect(verified.signatures).to.exist.and.have.length(1); expect(verified.signatures).to.exist.and.have.length(1);
}); });
it('Encrypt and decrypt larger message roundtrip (draft04)', async function() { it('Encrypt and decrypt larger message roundtrip (AEAD)', async function() {
let aead_protectValue = openpgp.config.aead_protect; let aead_protectValue = openpgp.config.aead_protect;
let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
@ -382,7 +382,7 @@ function tests() {
} }
}); });
it('Encrypt and decrypt larger text message roundtrip (draft04)', async function() { it('Encrypt and decrypt larger text message roundtrip (AEAD)', async function() {
let aead_protectValue = openpgp.config.aead_protect; let aead_protectValue = openpgp.config.aead_protect;
let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
@ -449,7 +449,7 @@ function tests() {
expect(canceled).to.be.true; expect(canceled).to.be.true;
}); });
it('Input stream should be canceled when canceling decrypted stream (draft04)', async function() { it('Input stream should be canceled when canceling decrypted stream (AEAD)', async function() {
let aead_protectValue = openpgp.config.aead_protect; let aead_protectValue = openpgp.config.aead_protect;
let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;
@ -527,7 +527,7 @@ function tests() {
expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100); expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100);
}); });
it("Don't pull entire input stream when we're not pulling decrypted stream (draft04)", async function() { it("Don't pull entire input stream when we're not pulling decrypted stream (AEAD)", async function() {
let aead_protectValue = openpgp.config.aead_protect; let aead_protectValue = openpgp.config.aead_protect;
let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte; let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true; openpgp.config.aead_protect = true;