suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename config option names to camelCase (#1088)

Browse Source
This commit is contained in:
Ilya Chesnokov 2020-04-23 18:46:38 +07:00 committed by Daniel Huigens
parent 63b6d215e3
commit d415bc2546
34 changed files with 343 additions and 344 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
src/config/config.js
View File

@ -25,14 +25,14 @@ import enums from '../enums';
export default {
/**
* @memberof module:config
* @property {Integer} prefer_hash_algorithm Default hash algorithm {@link module:enums.hash}
* @property {Integer} preferHashAlgorithm Default hash algorithm {@link module:enums.hash}
*/
prefer_hash_algorithm: enums.hash.sha256,
preferHashAlgorithm: enums.hash.sha256,
/**
* @memberof module:config
* @property {Integer} encryption_cipher Default encryption cipher {@link module:enums.symmetric}
* @property {Integer} encryptionCipher Default encryption cipher {@link module:enums.symmetric}
*/
encryption_cipher: enums.symmetric.aes256,
encryptionCipher: enums.symmetric.aes256,
/**
* @memberof module:config
* @property {Integer} compression Default compression algorithm {@link module:enums.compression}
@ -40,186 +40,186 @@ export default {
compression: enums.compression.uncompressed,
/**
* @memberof module:config
* @property {Integer} deflate_level Default zip/zlib compression level, between 1 and 9
* @property {Integer} deflateLevel Default zip/zlib compression level, between 1 and 9
*/
deflate_level: 6,
deflateLevel: 6,
/**
* Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption.
* Note: not all OpenPGP implementations are compatible with this option.
* @see {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07|RFC4880bis-07}
* @memberof module:config
* @property {Boolean} aead_protect
* @property {Boolean} aeadProtect
*/
aead_protect: true,
aeadProtect: true,
/**
* Default Authenticated Encryption with Additional Data (AEAD) encryption mode
* Only has an effect when aead_protect is set to true.
* Only has an effect when aeadProtect is set to true.
* @memberof module:config
* @property {Integer} aead_mode Default AEAD mode {@link module:enums.aead}
* @property {Integer} aeadMode Default AEAD mode {@link module:enums.aead}
*/
aead_mode: enums.aead.eax,
aeadMode: enums.aead.eax,
/**
* Chunk Size Byte for Authenticated Encryption with Additional Data (AEAD) mode
* Only has an effect when aead_protect is set to true.
* Only has an effect when aeadProtect is set to true.
* Must be an integer value from 0 to 56.
* @memberof module:config
* @property {Integer} aead_chunk_size_byte
* @property {Integer} aeadChunkSizeByte
*/
aead_chunk_size_byte: 12,
aeadChunkSizeByte: 12,
/**
* Use V5 keys.
* Note: not all OpenPGP implementations are compatible with this option
* @memberof module:config
* @property {Boolean} v5_keys
* @property {Boolean} v5Keys
*/
v5_keys: true,
v5Keys: true,
/**
* {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3|RFC4880 3.7.1.3}:
* Iteration Count Byte for S2K (String to Key)
* @memberof module:config
* @property {Integer} s2k_iteration_count_byte
* @property {Integer} s2kIterationCountByte
*/
s2k_iteration_count_byte: 224,
s2kIterationCountByte: 224,
/** Use integrity protection for symmetric encryption
* @memberof module:config
* @property {Boolean} integrity_protect
* @property {Boolean} integrityProtect
*/
integrity_protect: true,
integrityProtect: true,
/**
* @memberof module:config
* @property {Boolean} ignore_mdc_error Fail on decrypt if message is not integrity protected
* @property {Boolean} ignoreMdcError Fail on decrypt if message is not integrity protected
*/
ignore_mdc_error: false,
ignoreMdcError: false,
/**
* @memberof module:config
* @property {Boolean} allow_unauthenticated_stream Stream unauthenticated data before integrity has been checked
* @property {Boolean} allowUnauthenticatedStream Stream unauthenticated data before integrity has been checked
*/
allow_unauthenticated_stream: false,
allowUnauthenticatedStream: false,
/**
* @memberof module:config
* @property {Boolean} checksum_required Do not throw error when armor is missing a checksum
* @property {Boolean} checksumRequired Do not throw error when armor is missing a checksum
*/
checksum_required: false,
checksumRequired: false,
/**
* @memberof module:config
* @property {Boolean} rsa_blinding
* @property {Boolean} rsaBlinding
*/
rsa_blinding: true,
rsaBlinding: true,
/**
* Work-around for rare GPG decryption bug when encrypting with multiple passwords.
* **Slower and slightly less secure**
* @memberof module:config
* @property {Boolean} password_collision_check
* @property {Boolean} passwordCollisionCheck
*/
password_collision_check: false,
passwordCollisionCheck: false,
/**
* @memberof module:config
* @property {Boolean} revocations_expire If true, expired revocation signatures are ignored
* @property {Boolean} revocationsExpire If true, expired revocation signatures are ignored
*/
revocations_expire: false,
revocationsExpire: false,
/**
* Allow decryption using RSA keys without `encrypt` flag.
* This setting is potentially insecure, but it is needed to get around an old openpgpjs bug
* where key flags were ignored when selecting a key for encryption.
* @memberof module:config
* @property {Boolean} allow_insecure_decryption_with_signing_keys
* @property {Boolean} allowInsecureDecryptionWithSigningKeys
*/
allow_insecure_decryption_with_signing_keys: false,
allowInsecureDecryptionWithSigningKeys: false,
/**
* @memberof module:config
* @property {Boolean} use_native Use native Node.js crypto/zlib and WebCrypto APIs when available
* @property {Boolean} useNative Use native Node.js crypto/zlib and WebCrypto APIs when available
*/
use_native: true,
useNative: true,
/**
* @memberof module:config
* @property {Integer} min_bytes_for_web_crypto The minimum amount of bytes for which to use native WebCrypto APIs when available
* @property {Integer} minBytesForWebCrypto The minimum amount of bytes for which to use native WebCrypto APIs when available
*/
min_bytes_for_web_crypto: 1000,
minBytesForWebCrypto: 1000,
/**
* @memberof module:config
* @property {Boolean} debug If enabled, debug messages will be printed
*/
debug: false,
debug: false,
/**
* @memberof module:config
* @property {Boolean} tolerant Ignore unsupported/unrecognizable packets instead of throwing an error
*/
tolerant: true,
tolerant: true,
/**
* @memberof module:config
* @property {Boolean} show_version Whether to include {@link module:config/config.versionstring} in armored messages
* @property {Boolean} showVersion Whether to include {@link module:config/config.versionString} in armored messages
*/
show_version: true,
showVersion: true,
/**
* @memberof module:config
* @property {Boolean} show_comment Whether to include {@link module:config/config.commentstring} in armored messages
* @property {Boolean} showComment Whether to include {@link module:config/config.commentString} in armored messages
*/
show_comment: true,
showComment: true,
/**
* @memberof module:config
* @property {String} versionstring A version string to be included in armored messages
* @property {String} versionString A version string to be included in armored messages
*/
versionstring: "OpenPGP.js VERSION",
versionString: "OpenPGP.js VERSION",
/**
* @memberof module:config
* @property {String} commentstring A comment string to be included in armored messages
* @property {String} commentString A comment string to be included in armored messages
*/
commentstring: "https://openpgpjs.org",
commentString: "https://openpgpjs.org",
/**
* @memberof module:config
* @property {String} keyserver
*/
keyserver: "https://keyserver.ubuntu.com",
keyserver: "https://keyserver.ubuntu.com",
/**
* @memberof module:config
* @property {String} node_store
* @property {String} nodeStore
*/
node_store: "./openpgp.store",
nodeStore: "./openpgp.store",
/**
* Max userid string length (used for parsing)
* @memberof module:config
* @property {Integer} max_userid_length
* @property {Integer} maxUseridLength
*/
max_userid_length: 1024 * 5,
maxUseridLength: 1024 * 5,
/**
* Contains notatations that are considered "known". Known notations do not trigger
* validation error when the notation is marked as critical.
* @memberof module:config
* @property {Array} known_notations
* @property {Array} knownNotations
*/
known_notations: ["preferred-email-encoding@pgp.com", "pka-address@gnupg.org"],
knownNotations: ["preferred-email-encoding@pgp.com", "pka-address@gnupg.org"],
/**
* @memberof module:config
* @property {Boolean} use_indutny_elliptic Whether to use the indutny/elliptic library. When false, certain curves will not be supported.
* @property {Boolean} useIndutnyElliptic Whether to use the indutny/elliptic library. When false, certain curves will not be supported.
*/
use_indutny_elliptic: true,
useIndutnyElliptic: true,
/**
* @memberof module:config
* @property {Boolean} external_indutny_elliptic Whether to lazily load the indutny/elliptic library from an external path on demand.
* @property {Boolean} externalIndutnyElliptic Whether to lazily load the indutny/elliptic library from an external path on demand.
*/
external_indutny_elliptic: false,
externalIndutnyElliptic: false,
/**
* @memberof module:config
* @property {String} indutny_elliptic_path The path to load the indutny/elliptic library from. Only has an effect if `config.external_indutny_elliptic` is true.
* @property {String} indutnyEllipticPath The path to load the indutny/elliptic library from. Only has an effect if `config.externalIndutnyElliptic` is true.
*/
indutny_elliptic_path: './elliptic.min.js',
indutnyEllipticPath: './elliptic.min.js',
/**
* @memberof module:config
* @property {Object} indutny_elliptic_fetch_options Options object to pass to `fetch` when loading the indutny/elliptic library. Only has an effect if `config.external_indutny_elliptic` is true.
* @property {Object} indutnyEllipticFetchOptions Options object to pass to `fetch` when loading the indutny/elliptic library. Only has an effect if `config.externalIndutnyElliptic` is true.
*/
indutny_elliptic_fetch_options: {},
indutnyEllipticFetchOptions: {},
/**
* @memberof module:config
* @property {Set<Integer>} reject_hash_algorithms Reject insecure hash algorithms {@link module:enums.hash}
*/
reject_hash_algorithms: new global.Set([enums.hash.md5, enums.hash.ripemd]),
rejectHashAlgorithms: new global.Set([enums.hash.md5, enums.hash.ripemd]),
/**
* @memberof module:config
* @property {Set<Integer>} reject_message_hash_algorithms Reject insecure message hash algorithms {@link module:enums.hash}
*/
reject_message_hash_algorithms: new global.Set([enums.hash.md5, enums.hash.ripemd, enums.hash.sha1])
rejectMessageHashAlgorithms: new global.Set([enums.hash.md5, enums.hash.ripemd, enums.hash.sha1])
};

2
src/crypto/cfb.js
View File

@ -121,7 +121,7 @@ function aesEncrypt(algo, key, pt, iv) {
util.getWebCrypto() &&
key.length !== 24 && // Chrome doesn't support 192 bit keys, see https://www.chromium.org/blink/webcrypto#TOC-AES-support
!util.isStream(pt) &&
pt.length >= 3000 * config.min_bytes_for_web_crypto // Default to a 3MB minimum. Chrome is pretty slow for small messages, see: https://bugs.chromium.org/p/chromium/issues/detail?id=701188#c2
pt.length >= 3000 * config.minBytesForWebCrypto // Default to a 3MB minimum. Chrome is pretty slow for small messages, see: https://bugs.chromium.org/p/chromium/issues/detail?id=701188#c2
) { // Web Crypto
return webEncrypt(algo, key, pt, iv);
}

4
src/crypto/hash/index.js
View File

@ -37,7 +37,7 @@ function node_hash(type) {
function hashjs_hash(hash, webCryptoHash) {
return async function(data) {
if (!util.isStream(data) && webCrypto && webCryptoHash && data.length >= config.min_bytes_for_web_crypto) {
if (!util.isStream(data) && webCrypto && webCryptoHash && data.length >= config.minBytesForWebCrypto) {
return new Uint8Array(await webCrypto.digest(webCryptoHash, data));
}
const hashInstance = hash();
@ -54,7 +54,7 @@ function asmcrypto_hash(hash, webCryptoHash) {
return stream.transform(data, value => {
hashInstance.process(value);
}, () => hashInstance.finish().result);
} else if (webCrypto && webCryptoHash && data.length >= config.min_bytes_for_web_crypto) {
} else if (webCrypto && webCryptoHash && data.length >= config.minBytesForWebCrypto) {
return new Uint8Array(await webCrypto.digest(webCryptoHash, data));
} else {
return hash.bytes(data);

10
src/crypto/public_key/elliptic/indutnyKey.js
View File

@ -44,8 +44,8 @@ export function keyFromPublic(indutnyCurve, pub) {
* @returns {Promise<elliptic>}
*/
async function loadEllipticPromise() {
const path = config.indutny_elliptic_path;
const options = config.indutny_elliptic_fetch_options;
const path = config.indutnyEllipticPath;
const options = config.indutnyEllipticFetchOptions;
const ellipticDlPromise = dl(path, options).catch(() => dl(path, options));
const ellipticContents = await ellipticDlPromise;
const mainUrl = URL.createObjectURL(new Blob([ellipticContents], { type: 'text/javascript' }));
@ -60,12 +60,12 @@ async function loadEllipticPromise() {
let ellipticPromise;
function loadElliptic() {
if (!config.external_indutny_elliptic) {
if (!config.externalIndutnyElliptic) {
return require('elliptic');
}
if (util.detectNode()) {
// eslint-disable-next-line
return require(config.indutny_elliptic_path);
return require(config.indutnyEllipticPath);
}
if (!ellipticPromise) {
ellipticPromise = loadEllipticPromise().catch(e => {
@ -77,7 +77,7 @@ function loadElliptic() {
}
export async function getIndutnyCurve(name) {
if (!config.use_indutny_elliptic) {
if (!config.useIndutnyElliptic) {
throw new Error('This curve is only supported in the full build of OpenPGP.js');
}
const elliptic = await loadElliptic();

4
src/crypto/public_key/rsa.js
View File

@ -527,7 +527,7 @@ export default {
let blinder;
let unblinder;
if (config.rsa_blinding) {
if (config.rsaBlinding) {
unblinder = (await random.getRandomBN(new BN(2), n)).toRed(nred);
blinder = unblinder.redInvm().redPow(e);
data = data.toRed(nred).redMul(blinder).fromRed();
@ -540,7 +540,7 @@ export default {
let result = h.mul(p).add(mp).toRed(nred);
if (config.rsa_blinding) {
if (config.rsaBlinding) {
result = result.redMul(unblinder);
}

2
src/crypto/random.js
View File

@ -27,7 +27,7 @@
import BN from 'bn.js';
import util from '../util';
// Do not use util.getNodeCrypto because we need this regardless of use_native setting
// Do not use util.getNodeCrypto because we need this regardless of useNative setting
const nodeCrypto = util.detectNode() && require('crypto');
export default {

10
src/encoding/armor.js
View File

@ -102,11 +102,11 @@ function getType(text) {
*/
function addheader(customComment) {
let result = "";
if (config.show_version) {
result += "Version: " + config.versionstring + '\r\n';
if (config.showVersion) {
result += "Version: " + config.versionString + '\r\n';
}
if (config.show_comment) {
result += "Comment: " + config.commentstring + '\r\n';
if (config.showComment) {
result += "Comment: " + config.commentString + '\r\n';
}
if (customComment) {
result += "Comment: " + customComment + '\r\n';
@ -332,7 +332,7 @@ function dearmor(input) {
const writer = stream.getWriter(writable);
try {
const checksumVerifiedString = (await checksumVerified).replace('\r\n', '');
if (checksum !== checksumVerifiedString && (checksum || config.checksum_required)) {
if (checksum !== checksumVerifiedString && (checksum || config.checksumRequired)) {
throw new Error("Ascii armor integrity check on message failed: '" + checksum + "' should be '" +
checksumVerifiedString + "'");
}

2
src/enums.js
View File

@ -446,7 +446,7 @@ export default {
aead: 2,
/** 0x04 - Version 5 Public-Key Packet format and corresponding new
* fingerprint format */
v5_keys: 4
v5Keys: 4
},
/** Asserts validity and converts from string/integer to integer. */

16
src/key/factory.js
View File

@ -181,18 +181,18 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
enums.symmetric.aes256,
enums.symmetric.aes128,
enums.symmetric.aes192
], config.encryption_cipher);
if (config.aead_protect) {
], config.encryptionCipher);
if (config.aeadProtect) {
signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([
enums.aead.eax,
enums.aead.ocb
], config.aead_mode);
], config.aeadMode);
}
signaturePacket.preferredHashAlgorithms = createdPreferredAlgos([
// prefer fast asm.js implementations (SHA-256)
enums.hash.sha256,
enums.hash.sha512
], config.prefer_hash_algorithm);
], config.preferHashAlgorithm);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([
enums.compression.zlib,
enums.compression.zip,
@ -201,17 +201,17 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
if (index === 0) {
signaturePacket.isPrimaryUserID = true;
}
if (config.integrity_protect) {
if (config.integrityProtect) {
signaturePacket.features = [0];
signaturePacket.features[0] |= enums.features.modification_detection;
}
if (config.aead_protect) {
if (config.aeadProtect) {
signaturePacket.features || (signaturePacket.features = [0]);
signaturePacket.features[0] |= enums.features.aead;
}
if (config.v5_keys) {
if (config.v5Keys) {
signaturePacket.features || (signaturePacket.features = [0]);
signaturePacket.features[0] |= enums.features.v5_keys;
signaturePacket.features[0] |= enums.features.v5Keys;
}
if (options.keyExpirationTime > 0) {
signaturePacket.keyExpirationTime = options.keyExpirationTime;

6
src/key/helper.js
View File

@ -114,7 +114,7 @@ export async function createBindingSignature(subkey, primaryKey, options) {
* @async
*/
export async function getPreferredHashAlgo(key, keyPacket, date = new Date(), userId = {}) {
let hash_algo = config.prefer_hash_algorithm;
let hash_algo = config.preferHashAlgorithm;
let pref_algo = hash_algo;
if (key) {
const primaryUser = await key.getPrimaryUser(date, userId);
@ -260,7 +260,7 @@ export async function isDataRevoked(primaryKey, signatureType, dataToVerify, rev
// third-party key certification, which should only affect
// `verifyAllCertifications`.)
(!signature || revocationSignature.issuerKeyId.equals(signature.issuerKeyId)) &&
!(config.revocations_expire && revocationSignature.isExpired(normDate)) &&
!(config.revocationsExpire && revocationSignature.isExpired(normDate)) &&
(revocationSignature.verified || await revocationSignature.verify(key, signatureType, dataToVerify))
) {
// TODO get an identifier of the revoked object instead
@ -367,7 +367,7 @@ export function isValidDecryptionKeyPacket(signature) {
throw new Error('Signature not verified');
}
if (config.allow_insecure_decryption_with_signing_keys) {
if (config.allowInsecureDecryptionWithSigningKeys) {
// This is only relevant for RSA keys, all other signing ciphers cannot decrypt
return true;
}

2
src/keyring/localstore.js
View File

@ -40,7 +40,7 @@ function LocalStore(prefix) {
if (typeof global !== 'undefined' && global.localStorage) {
this.storage = global.localStorage;
} else {
this.storage = new (require('node-localstorage').LocalStorage)(config.node_store);
this.storage = new (require('node-localstorage').LocalStorage)(config.nodeStore);
}
}

6
src/message.js
View File

@ -286,7 +286,7 @@ Message.prototype.getText = function() {
*/
export async function generateSessionKey(keys = [], date = new Date(), userIds = []) {
const algorithm = enums.read(enums.symmetric, await getPreferredAlgo('symmetric', keys, date, userIds));
const aeadAlgorithm = config.aead_protect && await isAeadSupported(keys, date, userIds) ?
const aeadAlgorithm = config.aeadProtect && await isAeadSupported(keys, date, userIds) ?
enums.read(enums.aead, await getPreferredAlgo('aead', keys, date, userIds)) :
undefined;
const sessionKeyData = await crypto.generateSessionKey(algorithm);
@ -326,7 +326,7 @@ Message.prototype.encrypt = async function(keys, passwords, sessionKey, wildcard
if (aeadAlgorithm) {
symEncryptedPacket = new packet.SymEncryptedAEADProtected();
symEncryptedPacket.aeadAlgorithm = aeadAlgorithm;
} else if (config.integrity_protect) {
} else if (config.integrityProtect) {
symEncryptedPacket = new packet.SymEncryptedIntegrityProtected();
} else {
symEncryptedPacket = new packet.SymmetricallyEncrypted();
@ -391,7 +391,7 @@ export async function encryptSessionKey(sessionKey, algorithm, aeadAlgorithm, pu
}
await symEncryptedSessionKeyPacket.encrypt(password);
if (config.password_collision_check) {
if (config.passwordCollisionCheck) {
const results = await Promise.all(passwords.map(pwd => testDecrypt(symEncryptedSessionKeyPacket, pwd)));
if (results.reduce(sum) !== 1) {
return encryptPassword(sessionKey, algorithm, password);

8
src/packet/compressed.js
View File

@ -169,8 +169,8 @@ let compress_fns;
let decompress_fns;
if (nodeZlib) { // Use Node native zlib for DEFLATE compression/decompression
compress_fns = {
zip: node_zlib(nodeZlib.createDeflateRaw, { level: config.deflate_level }),
zlib: node_zlib(nodeZlib.createDeflate, { level: config.deflate_level })
zip: node_zlib(nodeZlib.createDeflateRaw, { level: config.deflateLevel }),
zlib: node_zlib(nodeZlib.createDeflate, { level: config.deflateLevel })
};
decompress_fns = {
@ -181,8 +181,8 @@ if (nodeZlib) { // Use Node native zlib for DEFLATE compression/decompression
};
} else { // Use JS fallbacks
compress_fns = {
zip: pako_zlib(pako.Deflate, { raw: true, level: config.deflate_level }),
zlib: pako_zlib(pako.Deflate, { level: config.deflate_level })
zip: pako_zlib(pako.Deflate, { raw: true, level: config.deflateLevel }),
zlib: pako_zlib(pako.Deflate, { level: config.deflateLevel })
};
decompress_fns = {

2
src/packet/public_key.js
View File

@ -56,7 +56,7 @@ function PublicKey(date = new Date()) {
* Packet version
* @type {Integer}
*/
this.version = config.v5_keys ? 5 : 4;
this.version = config.v5Keys ? 5 : 4;
/**
* Key creation date.
* @type {Date}

6
src/packet/signature.js
View File

@ -456,7 +456,7 @@ Signature.prototype.read_sub_packet = function (bytes, trusted = true) {
this.notations[name] = util.Uint8Array_to_str(value);
}
if (critical && (config.known_notations.indexOf(name) === -1)) {
if (critical && (config.knownNotations.indexOf(name) === -1)) {
throw new Error("Unknown critical notation: " + name);
}
break;
@ -738,10 +738,10 @@ Signature.prototype.verify = async function (key, signatureType, data, detached
if (!verified) {
throw new Error('Signature verification failed');
}
if (config.reject_hash_algorithms.has(hashAlgorithm)) {
if (config.rejectHashAlgorithms.has(hashAlgorithm)) {
throw new Error('Insecure hash algorithm: ' + enums.read(enums.hash, hashAlgorithm).toUpperCase());
}
if (config.reject_message_hash_algorithms.has(hashAlgorithm) &&
if (config.rejectMessageHashAlgorithms.has(hashAlgorithm) &&
[enums.signature.binary, enums.signature.text].includes(this.signatureType)) {
throw new Error('Insecure message hash algorithm: ' + enums.read(enums.hash, hashAlgorithm).toUpperCase());
}

2
src/packet/sym_encrypted_aead_protected.js
View File

@ -105,7 +105,7 @@ SymEncryptedAEADProtected.prototype.encrypt = async function (sessionKeyAlgorith
this.aeadAlgo = enums.write(enums.aead, this.aeadAlgorithm);
const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
this.iv = await crypto.random.getRandomBytes(mode.ivLength); // generate new random IV
this.chunkSizeByte = config.aead_chunk_size_byte;
this.chunkSizeByte = config.aeadChunkSizeByte;
const data = this.packets.write();
this.encrypted = await this.crypt('encrypt', key, data, streaming);
};

2
src/packet/sym_encrypted_integrity_protected.js
View File

@ -129,7 +129,7 @@ SymEncryptedIntegrityProtected.prototype.decrypt = async function (sessionKeyAlg
const bytes = stream.slice(tohash, crypto.cipher[sessionKeyAlgorithm].blockSize + 2); // Remove random prefix
let packetbytes = stream.slice(bytes, 0, -2); // Remove MDC packet
packetbytes = stream.concat([packetbytes, stream.fromAsync(() => verifyHash)]);
if (!util.isStream(encrypted) || !config.allow_unauthenticated_stream) {
if (!util.isStream(encrypted) || !config.allowUnauthenticatedStream) {
packetbytes = await stream.readToEnd(packetbytes);
}
await this.packets.read(packetbytes, streaming);

4
src/packet/sym_encrypted_session_key.js
View File

@ -49,11 +49,11 @@ import util from '../util';
*/
function SymEncryptedSessionKey() {
this.tag = enums.packet.symEncryptedSessionKey;
this.version = config.aead_protect ? 5 : 4;
this.version = config.aeadProtect ? 5 : 4;
this.sessionKey = null;
this.sessionKeyEncryptionAlgorithm = null;
this.sessionKeyAlgorithm = 'aes256';
this.aeadAlgorithm = enums.read(enums.aead, config.aead_mode);
this.aeadAlgorithm = enums.read(enums.aead, config.aeadMode);
this.encrypted = null;
this.s2k = null;
this.iv = null;

6
src/packet/symmetrically_encrypted.js
View File

@ -58,9 +58,9 @@ function SymmetricallyEncrypted() {
this.packets = null;
/**
* When true, decrypt fails if message is not integrity protected
* @see module:config.ignore_mdc_error
* @see module:config.ignoreMdcError
*/
this.ignore_mdc_error = config.ignore_mdc_error;
this.ignoreMdcError = config.ignoreMdcError;
}
SymmetricallyEncrypted.prototype.read = function (bytes) {
@ -81,7 +81,7 @@ SymmetricallyEncrypted.prototype.write = function () {
*/
SymmetricallyEncrypted.prototype.decrypt = async function (sessionKeyAlgorithm, key) {
// If MDC errors are not being ignored, all missing MDC packets in symmetrically encrypted data should throw an error
if (!this.ignore_mdc_error) {
if (!this.ignoreMdcError) {
throw new Error('Decryption failed due to missing MDC.');
}

2
src/type/s2k.js
View File

@ -45,7 +45,7 @@ function S2K() {
/** @type {module:enums.s2k} */
this.type = 'iterated';
/** @type {Integer} */
this.c = config.s2k_iteration_count_byte;
this.c = config.s2kIterationCountByte;
/** Eight bytes of salt in a binary string.
* @type {String}
*/

16
src/util.js
View File

@ -478,11 +478,11 @@ export default {
/**
* Get native Web Cryptography api, only the current version of the spec.
* The default configuration is to use the api when available. But it can
* be deactivated with config.use_native
* be deactivated with config.useNative
* @returns {Object} The SubtleCrypto api or 'undefined'
*/
getWebCrypto: function() {
if (!config.use_native) {
if (!config.useNative) {
return;
}
@ -493,11 +493,11 @@ export default {
* Get native Web Cryptography api for all browsers, including legacy
* implementations of the spec e.g IE11 and Safari 8/9. The default
* configuration is to use the api when available. But it can be deactivated
* with config.use_native
* with config.useNative
* @returns {Object} The SubtleCrypto api or 'undefined'
*/
getWebCryptoAll: function() {
if (!config.use_native) {
if (!config.useNative) {
return;
}
@ -537,11 +537,11 @@ export default {
/**
* Get native Node.js crypto api. The default configuration is to use
* the api when available. But it can also be deactivated with config.use_native
* the api when available. But it can also be deactivated with config.useNative
* @returns {Object} The crypto module or 'undefined'
*/
getNodeCrypto: function() {
if (!config.use_native) {
if (!config.useNative) {
return;
}
@ -549,7 +549,7 @@ export default {
},
getNodeZlib: function() {
if (!config.use_native) {
if (!config.useNative) {
return;
}
@ -613,7 +613,7 @@ export default {
* Parse user id.
*/
parseUserId: function(userid) {
if (userid.length > config.max_userid_length) {
if (userid.length > config.maxUseridLength) {
throw new Error('User id string is too long');
}
try {

26
test/crypto/crypto.js
View File

@ -297,7 +297,7 @@ describe('API functional testing', function() {
const ciphertext = await modeInstance.encrypt(util.str_to_Uint8Array(plaintext), iv);
openpgp.config.use_native = nativeDecrypt;
openpgp.config.useNative = nativeDecrypt;
modeInstance = await crypto.gcm(algo, key);
const decrypted = await modeInstance.decrypt(util.str_to_Uint8Array(util.Uint8Array_to_str(ciphertext)), iv);
@ -316,39 +316,39 @@ describe('API functional testing', function() {
});
describe('Symmetric AES-GCM (native)', function() {
let use_nativeVal;
let useNativeVal;
beforeEach(function() {
use_nativeVal = openpgp.config.use_native;
openpgp.config.use_native = true;
useNativeVal = openpgp.config.useNative;
openpgp.config.useNative = true;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
});
testAESGCM("12345678901234567890123456789012345678901234567890", true);
});
describe('Symmetric AES-GCM (asm.js fallback)', function() {
let use_nativeVal;
let useNativeVal;
beforeEach(function() {
use_nativeVal = openpgp.config.use_native;
openpgp.config.use_native = false;
useNativeVal = openpgp.config.useNative;
openpgp.config.useNative = false;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
});
testAESGCM("12345678901234567890123456789012345678901234567890", false);
});
describe('Symmetric AES-GCM (native encrypt, asm.js decrypt)', function() {
let use_nativeVal;
let useNativeVal;
beforeEach(function() {
use_nativeVal = openpgp.config.use_native;
openpgp.config.use_native = true;
useNativeVal = openpgp.config.useNative;
openpgp.config.useNative = true;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
});
testAESGCM("12345678901234567890123456789012345678901234567890", false);

16
test/crypto/eax.js
View File

@ -124,26 +124,26 @@ function testAESEAX() {
}
describe('Symmetric AES-EAX (native)', function() {
let use_nativeVal;
let useNativeVal;
beforeEach(function() {
use_nativeVal = openpgp.config.use_native;
openpgp.config.use_native = true;
useNativeVal = openpgp.config.useNative;
openpgp.config.useNative = true;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
});
testAESEAX();
});
describe('Symmetric AES-EAX (asm.js fallback)', function() {
let use_nativeVal;
let useNativeVal;
beforeEach(function() {
use_nativeVal = openpgp.config.use_native;
openpgp.config.use_native = false;
useNativeVal = openpgp.config.useNative;
openpgp.config.useNative = false;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
});
testAESEAX();

12
test/crypto/ecdh.js
View File

@ -67,7 +67,7 @@ describe('ECDH key exchange @lightweight', function () {
)).to.be.rejectedWith(Error, /Not valid curve/).notify(done);
});
it('Invalid ephemeral key', function (done) {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
expect(decrypt_message(
@ -75,7 +75,7 @@ describe('ECDH key exchange @lightweight', function () {
)).to.be.rejectedWith(Error, /Private key is not valid for specified curve|Unknown point format/).notify(done);
});
it('Invalid elliptic public key', function (done) {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
expect(decrypt_message(
@ -83,7 +83,7 @@ describe('ECDH key exchange @lightweight', function () {
)).to.be.rejectedWith(Error, /Public key is not valid for specified curve|Failed to translate Buffer to a EC_POINT|Invalid elliptic public key/).notify(done);
});
it('Invalid key data integrity', function (done) {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
expect(decrypt_message(
@ -200,7 +200,7 @@ describe('ECDH key exchange @lightweight', function () {
describe('ECDHE key generation', function () {
it('Invalid curve', function (done) {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
expect(genPublicEphemeralKey("secp256k1", Q1, fingerprint1)
@ -245,7 +245,7 @@ describe('ECDH key exchange @lightweight', function () {
it('Comparing keys derived using webCrypto and elliptic', async function () {
const names = ["p256", "p384", "p521"];
if (!openpgp.util.getWebCrypto() || !openpgp.config.use_indutny_elliptic) {
if (!openpgp.util.getWebCrypto() || !openpgp.config.useIndutnyElliptic) {
// eslint-disable-next-line no-invalid-this
this.skip();
}
@ -269,7 +269,7 @@ describe('ECDH key exchange @lightweight', function () {
});
it('Comparing keys derived using nodeCrypto and elliptic', async function () {
const names = ["p256", "p384", "p521"];
if (!openpgp.util.getNodeCrypto() || !openpgp.config.use_indutny_elliptic) {
if (!openpgp.util.getNodeCrypto() || !openpgp.config.useIndutnyElliptic) {
// eslint-disable-next-line no-invalid-this
this.skip();
}

14
test/crypto/elliptic.js
View File

@ -65,10 +65,10 @@ describe('Elliptic Curve Cryptography @lightweight', function () {
done();
});
it('Creating KeyPair', function () {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
const names = openpgp.config.use_indutny_elliptic ? ['p256', 'p384', 'p521', 'secp256k1', 'curve25519', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1'] :
const names = openpgp.config.useIndutnyElliptic ? ['p256', 'p384', 'p521', 'secp256k1', 'curve25519', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1'] :
['p256', 'p384', 'p521', 'curve25519'];
return Promise.all(names.map(function (name) {
const curve = new elliptic_curves.Curve(name);
@ -164,7 +164,7 @@ describe('Elliptic Curve Cryptography @lightweight', function () {
]);
});
it('Invalid public key', async function () {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
if (openpgp.util.getNodeCrypto()) {
@ -175,7 +175,7 @@ describe('Elliptic Curve Cryptography @lightweight', function () {
'secp256k1', 8, [], [], [], secp256k1_invalid_point_format
)).to.eventually.be.false;
}
if (openpgp.config.use_indutny_elliptic) {
if (openpgp.config.useIndutnyElliptic) {
return Promise.all([
expect(verify_signature_elliptic(
'secp256k1', 8, [], [], [], []
@ -187,7 +187,7 @@ describe('Elliptic Curve Cryptography @lightweight', function () {
}
});
it('Invalid point', function () {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
if (openpgp.util.getNodeCrypto()) {
@ -195,14 +195,14 @@ describe('Elliptic Curve Cryptography @lightweight', function () {
'secp256k1', 8, [], [], [], secp256k1_invalid_point
)).to.eventually.be.false;
}
if (openpgp.config.use_indutny_elliptic) {
if (openpgp.config.useIndutnyElliptic) {
expect(verify_signature_elliptic(
'secp256k1', 8, [], [], [], secp256k1_invalid_point
)).to.be.rejectedWith(Error, /Invalid elliptic public key/);
}
});
it('Invalid signature', function (done) {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
this.skip();
}
expect(verify_signature(

24
test/general/armor.js
View File

@ -170,11 +170,11 @@ describe("ASCII armor", function() {
await expect(openpgp.key.readArmored(privKey)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
// try opposite config
openpgp.config.checksum_required = !openpgp.config.checksum_required;
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
await expect(openpgp.key.readArmored(privKey)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
// back to default
openpgp.config.checksum_required = !openpgp.config.checksum_required;
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
});
it('Armor checksum validation - valid', async function () {
@ -202,11 +202,11 @@ describe("ASCII armor", function() {
await openpgp.key.readArmored(privKey);
// try opposite config
openpgp.config.checksum_required = !openpgp.config.checksum_required;
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
await openpgp.key.readArmored(privKey);
// back to default
openpgp.config.checksum_required = !openpgp.config.checksum_required;
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
});
it('Armor checksum validation - missing', async function () {
@ -230,22 +230,22 @@ describe("ASCII armor", function() {
'-----END PGP PRIVATE KEY BLOCK-----'].join('\n');
// try with default config
if (openpgp.config.checksum_required) {
if (openpgp.config.checksumRequired) {
await expect(openpgp.key.readArmored(privKeyNoCheckSum)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
} else {
await openpgp.key.readArmored(privKeyNoCheckSum);
}
// try opposite config
openpgp.config.checksum_required = !openpgp.config.checksum_required;
if (openpgp.config.checksum_required) {
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
if (openpgp.config.checksumRequired) {
await expect(openpgp.key.readArmored(privKeyNoCheckSum)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
} else {
await openpgp.key.readArmored(privKeyNoCheckSum);
}
// back to default
openpgp.config.checksum_required = !openpgp.config.checksum_required;
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
});
it('Armor checksum validation - missing - trailing newline', async function () {
@ -270,22 +270,22 @@ describe("ASCII armor", function() {
''].join('\n');
// try with default config
if (openpgp.config.checksum_required) {
if (openpgp.config.checksumRequired) {
await expect(openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
} else {
await openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline);
}
// try opposite config
openpgp.config.checksum_required = !openpgp.config.checksum_required;
if (openpgp.config.checksum_required) {
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
if (openpgp.config.checksumRequired) {
await expect(openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline)).to.be.rejectedWith(/Ascii armor integrity check on message failed/);
} else {
await openpgp.key.readArmored(privKeyNoCheckSumWithTrailingNewline);
}
// back to default
openpgp.config.checksum_required = !openpgp.config.checksum_required;
openpgp.config.checksumRequired = !openpgp.config.checksumRequired;
});
it('Accept header with trailing whitespace', async function () {

10
test/general/brainpool.js
View File

@ -10,7 +10,7 @@ const expect = chai.expect;
(openpgp.config.ci ? describe.skip : describe)('Brainpool Cryptography @lightweight', function () {
//only x25519 crypto is fully functional in lightbuild
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
before(function() {
this.skip();
});
@ -243,13 +243,13 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g=
});
it('Decrypt and verify message with leading zero in hash signed with old elliptic algorithm', async function () {
//this test would not work with nodeCrypto, since message is signed with leading zero stripped from the hash
const use_native = openpgp.config.use_native;
openpgp.config.use_native = false;
const useNative = openpgp.config.useNative;
openpgp.config.useNative = false;
const juliet = await load_priv_key('juliet');
const romeo = await load_pub_key('romeo');
const msg = await openpgp.message.readArmored(data.romeo. message_encrypted_with_leading_zero_in_hash_signed_by_elliptic_with_old_implementation);
const result = await openpgp.decrypt({privateKeys: juliet, publicKeys: [romeo], message: msg});
openpgp.config.use_native = use_native;
openpgp.config.useNative = useNative;
expect(result).to.exist;
expect(result.data).to.equal(data.romeo.message_with_leading_zero_in_hash_old_elliptic_implementation);
expect(result.signatures).to.have.length(1);
@ -336,7 +336,7 @@ function omnibus() {
}
tryTests('Brainpool Omnibus Tests @lightweight', omnibus, {
if: !openpgp.config.ci && (openpgp.config.use_indutny_elliptic || openpgp.util.getNodeCrypto())
if: !openpgp.config.ci && (openpgp.config.useIndutnyElliptic || openpgp.util.getNodeCrypto())
});
// TODO find test vectors

2
test/general/ecc_secp256k1.js
View File

@ -8,7 +8,7 @@ chai.use(require('chai-as-promised'));
const expect = chai.expect;
describe('Elliptic Curve Cryptography for secp256k1 curve @lightweight', function () {
if (!openpgp.config.use_indutny_elliptic && !openpgp.util.getNodeCrypto()) {
if (!openpgp.config.useIndutnyElliptic && !openpgp.util.getNodeCrypto()) {
before(function() {
this.skip();
});

60
test/general/key.js
View File

@ -1976,7 +1976,7 @@ function versionSpecificTests() {
expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
const sym = openpgp.enums.symmetric;
expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes256, sym.aes128, sym.aes192]);
if (openpgp.config.aead_protect) {
if (openpgp.config.aeadProtect) {
const aead = openpgp.enums.aead;
expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.eax, aead.ocb]);
}
@ -1986,9 +1986,9 @@ function versionSpecificTests() {
expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip, compr.uncompressed]);
let expectedFeatures;
if (openpgp.config.v5_keys) {
if (openpgp.config.v5Keys) {
expectedFeatures = [7]; // v5 + aead + mdc
} else if (openpgp.config.aead_protect) {
} else if (openpgp.config.aeadProtect) {
expectedFeatures = [3]; // aead + mdc
} else {
expectedFeatures = [1]; // mdc
@ -2003,14 +2003,14 @@ function versionSpecificTests() {
});
it('Preferences of generated key - with config values', async function() {
const encryption_cipherVal = openpgp.config.encryption_cipher;
const prefer_hash_algorithmVal = openpgp.config.prefer_hash_algorithm;
const encryptionCipherVal = openpgp.config.encryptionCipher;
const preferHashAlgorithmVal = openpgp.config.preferHashAlgorithm;
const compressionVal = openpgp.config.compression;
const aead_modeVal = openpgp.config.aead_mode;
openpgp.config.encryption_cipher = openpgp.enums.symmetric.aes192;
openpgp.config.prefer_hash_algorithm = openpgp.enums.hash.sha224;
const aeadModeVal = openpgp.config.aeadMode;
openpgp.config.encryptionCipher = openpgp.enums.symmetric.aes192;
openpgp.config.preferHashAlgorithm = openpgp.enums.hash.sha224;
openpgp.config.compression = openpgp.enums.compression.zlib;
openpgp.config.aead_mode = openpgp.enums.aead.experimental_gcm;
openpgp.config.aeadMode = openpgp.enums.aead.experimental_gcm;
const testPref = function(key) {
// key flags
@ -2021,7 +2021,7 @@ function versionSpecificTests() {
expect(key.subKeys[0].bindingSignatures[0].keyFlags[0] & keyFlags.encrypt_storage).to.equal(keyFlags.encrypt_storage);
const sym = openpgp.enums.symmetric;
expect(key.users[0].selfCertifications[0].preferredSymmetricAlgorithms).to.eql([sym.aes192, sym.aes256, sym.aes128]);
if (openpgp.config.aead_protect) {
if (openpgp.config.aeadProtect) {
const aead = openpgp.enums.aead;
expect(key.users[0].selfCertifications[0].preferredAeadAlgorithms).to.eql([aead.experimental_gcm, aead.eax, aead.ocb]);
}
@ -2031,9 +2031,9 @@ function versionSpecificTests() {
expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip, compr.uncompressed]);
let expectedFeatures;
if (openpgp.config.v5_keys) {
if (openpgp.config.v5Keys) {
expectedFeatures = [7]; // v5 + aead + mdc
} else if (openpgp.config.aead_protect) {
} else if (openpgp.config.aeadProtect) {
expectedFeatures = [3]; // aead + mdc
} else {
expectedFeatures = [1]; // mdc
@ -2046,10 +2046,10 @@ function versionSpecificTests() {
testPref(key.key);
testPref(await openpgp.key.readArmored(key.publicKeyArmored));
} finally {
openpgp.config.encryption_cipher = encryption_cipherVal;
openpgp.config.prefer_hash_algorithm = prefer_hash_algorithmVal;
openpgp.config.encryptionCipher = encryptionCipherVal;
openpgp.config.preferHashAlgorithm = preferHashAlgorithmVal;
openpgp.config.compression = compressionVal;
openpgp.config.aead_mode = aead_modeVal;
openpgp.config.aeadMode = aeadModeVal;
}
});
@ -2531,8 +2531,8 @@ function versionSpecificTests() {
describe('Key', function() {
let rsaGenStub;
let v5_keysVal;
let aead_protectVal;
let v5KeysVal;
let aeadProtectVal;
let rsaGenValue = openpgp.crypto.publicKey.rsa.generate(openpgp.util.getWebCryptoAll() ? 2048 : 512, "10001");
beforeEach(function() {
@ -2547,25 +2547,25 @@ describe('Key', function() {
tryTests('V4', versionSpecificTests, {
if: !openpgp.config.ci,
beforeEach: function() {
v5_keysVal = openpgp.config.v5_keys;
openpgp.config.v5_keys = false;
v5KeysVal = openpgp.config.v5Keys;
openpgp.config.v5Keys = false;
},
afterEach: function() {
openpgp.config.v5_keys = v5_keysVal;
openpgp.config.v5Keys = v5KeysVal;
}
});
tryTests('V5', versionSpecificTests, {
if: !openpgp.config.ci,
beforeEach: function() {
v5_keysVal = openpgp.config.v5_keys;
aead_protectVal = openpgp.config.aead_protect;
openpgp.config.v5_keys = true;
openpgp.config.aead_protect = true;
v5KeysVal = openpgp.config.v5Keys;
aeadProtectVal = openpgp.config.aeadProtect;
openpgp.config.v5Keys = true;
openpgp.config.aeadProtect = true;
},
afterEach: function() {
openpgp.config.v5_keys = v5_keysVal;
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.v5Keys = v5KeysVal;
openpgp.config.aeadProtect = aeadProtectVal;
}
});
@ -2699,22 +2699,22 @@ describe('Key', function() {
});
it('should not decrypt using a sign-only RSA key, unless explicitly configured', async function () {
const allowSigningKeyDecryption = openpgp.config.allow_insecure_decryption_with_signing_keys;
const allowSigningKeyDecryption = openpgp.config.allowInsecureDecryptionWithSigningKeys;
const key = await openpgp.key.readArmored(rsaSignOnly);
try {
openpgp.config.allow_insecure_decryption_with_signing_keys = false;
openpgp.config.allowInsecureDecryptionWithSigningKeys = false;
await expect(openpgp.decrypt({
message: await openpgp.message.readArmored(encryptedRsaSignOnly),
privateKeys: key
})).to.be.rejectedWith(/Session key decryption failed/);
openpgp.config.allow_insecure_decryption_with_signing_keys = true;
openpgp.config.allowInsecureDecryptionWithSigningKeys = true;
await expect(openpgp.decrypt({
message: await openpgp.message.readArmored(encryptedRsaSignOnly),
privateKeys: key
})).to.be.fulfilled;
} finally {
openpgp.config.allow_insecure_decryption_with_signing_keys = allowSigningKeyDecryption;
openpgp.config.allowInsecureDecryptionWithSigningKeys = allowSigningKeyDecryption;
}
});

74
test/general/openpgp.js
View File

@ -636,18 +636,18 @@ describe('OpenPGP.js public api tests', function() {
});
describe('generateKey - integration tests', function() {
let use_nativeVal;
let useNativeVal;
beforeEach(function() {
use_nativeVal = openpgp.config.use_native;
useNativeVal = openpgp.config.useNative;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
});
it('should work in JS', function() {
openpgp.config.use_native = false;
openpgp.config.useNative = false;
const opt = {
userIds: [{ name: 'Test User', email: 'text@example.com' }],
};
@ -660,7 +660,7 @@ describe('OpenPGP.js public api tests', function() {
});
it('should work in with native crypto', function() {
openpgp.config.use_native = true;
openpgp.config.useNative = true;
const opt = {
userIds: [{ name: 'Test User', email: 'text@example.com' }],
};
@ -683,11 +683,11 @@ describe('OpenPGP.js public api tests', function() {
let privateKey;
let publicKey;
let publicKeyNoAEAD;
let use_nativeVal;
let aead_protectVal;
let aead_modeVal;
let aead_chunk_size_byteVal;
let v5_keysVal;
let useNativeVal;
let aeadProtectVal;
let aeadModeVal;
let aeadChunkSizeByteVal;
let v5KeysVal;
beforeEach(async function() {
publicKey = await openpgp.key.readArmored(pub_key);
@ -699,24 +699,24 @@ describe('OpenPGP.js public api tests', function() {
publicKey_2038_2045 = privateKey_2038_2045.toPublic();
privateKey_1337 = await openpgp.key.readArmored(priv_key_expires_1337);
publicKey_1337 = privateKey_1337.toPublic();
use_nativeVal = openpgp.config.use_native;
aead_protectVal = openpgp.config.aead_protect;
aead_modeVal = openpgp.config.aead_mode;
aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
v5_keysVal = openpgp.config.v5_keys;
useNativeVal = openpgp.config.useNative;
aeadProtectVal = openpgp.config.aeadProtect;
aeadModeVal = openpgp.config.aeadMode;
aeadChunkSizeByteVal = openpgp.config.aeadChunkSizeByte;
v5KeysVal = openpgp.config.v5Keys;
});
afterEach(function() {
openpgp.config.use_native = use_nativeVal;
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_mode = aead_modeVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.v5_keys = v5_keysVal;
openpgp.config.useNative = useNativeVal;
openpgp.config.aeadProtect = aeadProtectVal;
openpgp.config.aeadMode = aeadModeVal;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteVal;
openpgp.config.v5Keys = v5KeysVal;
});
it('Configuration', async function() {
openpgp.config.show_version = false;
openpgp.config.commentstring = 'different';
openpgp.config.showVersion = false;
openpgp.config.commentString = 'different';
return openpgp.encrypt({ publicKeys:publicKey, message:openpgp.message.fromText(plaintext) }).then(function(encrypted) {
expect(encrypted).to.exist;
@ -773,16 +773,16 @@ describe('OpenPGP.js public api tests', function() {
tryTests('CFB mode (asm.js)', tests, {
if: true,
beforeEach: function() {
openpgp.config.aead_protect = false;
openpgp.config.aeadProtect = false;
}
});
tryTests('GCM mode (V5 keys)', tests, {
if: true,
beforeEach: function() {
openpgp.config.aead_protect = true;
openpgp.config.aead_mode = openpgp.enums.aead.experimental_gcm;
openpgp.config.v5_keys = true;
openpgp.config.aeadProtect = true;
openpgp.config.aeadMode = openpgp.enums.aead.experimental_gcm;
openpgp.config.v5Keys = true;
// Monkey-patch AEAD feature flag
publicKey.users[0].selfCertifications[0].features = [7];
@ -794,8 +794,8 @@ describe('OpenPGP.js public api tests', function() {
tryTests('EAX mode (small chunk size)', tests, {
if: true,
beforeEach: function() {
openpgp.config.aead_protect = true;
openpgp.config.aead_chunk_size_byte = 0;
openpgp.config.aeadProtect = true;
openpgp.config.aeadChunkSizeByte = 0;
// Monkey-patch AEAD feature flag
publicKey.users[0].selfCertifications[0].features = [7];
@ -807,8 +807,8 @@ describe('OpenPGP.js public api tests', function() {
tryTests('OCB mode', tests, {
if: !openpgp.config.ci,
beforeEach: function() {
openpgp.config.aead_protect = true;
openpgp.config.aead_mode = openpgp.enums.aead.ocb;
openpgp.config.aeadProtect = true;
openpgp.config.aeadMode = openpgp.enums.aead.ocb;
// Monkey-patch AEAD feature flag
publicKey.users[0].selfCertifications[0].features = [7];
@ -1148,7 +1148,7 @@ describe('OpenPGP.js public api tests', function() {
};
return openpgp.encrypt(encOpt).then(async function (encrypted) {
decOpt.message = await openpgp.message.readArmored(encrypted);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aeadProtect);
return openpgp.decrypt(decOpt);
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
@ -1202,7 +1202,7 @@ describe('OpenPGP.js public api tests', function() {
};
return openpgp.encrypt(encOpt).then(async function (encrypted) {
decOpt.message = await openpgp.message.readArmored(encrypted);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect);
expect(!!decOpt.message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aeadProtect);
return openpgp.decrypt(decOpt);
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
@ -1231,7 +1231,7 @@ describe('OpenPGP.js public api tests', function() {
detached: true
});
const message = await openpgp.message.readArmored(encrypted);
expect(!!message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aead_protect);
expect(!!message.packets.findPacket(openpgp.enums.packet.symEncryptedAEADProtected)).to.equal(openpgp.config.aeadProtect);
const decrypted = await openpgp.decrypt({
message,
signature: await openpgp.signature.readArmored(signed),
@ -1532,7 +1532,7 @@ describe('OpenPGP.js public api tests', function() {
expect(e.message).to.match(/Ascii armor integrity check on message failed/);
expect(stepReached).to.equal(
j === 0 ? 0 :
(openpgp.config.aead_chunk_size_byte === 0 && (j === 2 || openpgp.util.detectNode() || openpgp.util.getHardwareConcurrency() < 8)) || (!openpgp.config.aead_protect && openpgp.config.allow_unauthenticated_stream) ? 2 :
(openpgp.config.aeadChunkSizeByte === 0 && (j === 2 || openpgp.util.detectNode() || openpgp.util.getHardwareConcurrency() < 8)) || (!openpgp.config.aeadProtect && openpgp.config.allowUnauthenticatedStream) ? 2 :
1
);
return;
@ -2371,8 +2371,8 @@ J9I8AcH94nE77JUtCm7s1kOlo0EIshZsAqJwGveDGdAuabfViVwVxG4I24M6
it('should decrypt broken Blowfish message from old OpenPGP.js', async function() {
openpgp.crypto.cipher.blowfish.blockSize = 16;
openpgp.crypto.cipher.blowfish.prototype.blockSize = 16;
const use_nativeVal = openpgp.config.use_native;
openpgp.config.use_native = false;
const useNativeVal = openpgp.config.useNative;
openpgp.config.useNative = false;
try {
const { data } = await openpgp.decrypt({
passwords: 'test',
@ -2390,7 +2390,7 @@ YCXOZwd3z5lxcj/M
} finally {
openpgp.crypto.cipher.blowfish.blockSize = 8;
openpgp.crypto.cipher.blowfish.prototype.blockSize = 8;
openpgp.config.use_native = use_nativeVal;
openpgp.config.useNative = useNativeVal;
}
});

80
test/general/packet.js
View File

@ -79,7 +79,7 @@ describe("Packet", function() {
const msg2 = new openpgp.message.Message();
await msg2.packets.read(message.write());
msg2.packets[0].ignore_mdc_error = true;
msg2.packets[0].ignoreMdcError = true;
const dec = await msg2.decrypt(null, null, [{ algorithm: algo, data: key }]);
expect(await stringify(dec.packets[0].data)).to.equal(stringify(literal.data));
@ -151,8 +151,8 @@ describe("Packet", function() {
});
it('Sym. encrypted AEAD protected packet (AEAD)', async function() {
let aead_protectVal = openpgp.config.aead_protect;
openpgp.config.aead_protect = true;
let aeadProtectVal = openpgp.config.aeadProtect;
openpgp.config.aeadProtect = true;
const testText = input.createSomeMessage();
const key = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]);
@ -174,7 +174,7 @@ describe("Packet", function() {
await msg2[0].decrypt(algo, key);
expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data);
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aeadProtect = aeadProtectVal;
}
});
@ -204,10 +204,10 @@ describe("Packet", function() {
const encryptStub = cryptStub(webCrypto, 'encrypt');
const decryptStub = cryptStub(webCrypto, 'decrypt');
let aead_protectVal = openpgp.config.aead_protect;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true;
openpgp.config.aead_chunk_size_byte = 0;
let aeadProtectVal = openpgp.config.aeadProtect;
let aeadChunkSizeByteVal = openpgp.config.aeadChunkSizeByte;
openpgp.config.aeadProtect = true;
openpgp.config.aeadChunkSizeByte = 0;
const testText = input.createSomeMessage();
const key = new Uint8Array([1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2]);
@ -232,8 +232,8 @@ describe("Packet", function() {
expect(encryptStub.callCount > 1).to.be.true;
expect(decryptStub.callCount > 1).to.be.true;
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.aeadProtect = aeadProtectVal;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteVal;
encryptStub.restore();
decryptStub.restore();
}
@ -250,10 +250,10 @@ describe("Packet", function() {
ab 01 3d e1 25 95 86 90 6e ab 24 76
`.replace(/\s+/g, ''));
let aead_protectVal = openpgp.config.aead_protect;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_protect = true;
openpgp.config.aead_chunk_size_byte = 14;
let aeadProtectVal = openpgp.config.aeadProtect;
let aeadChunkSizeByteVal = openpgp.config.aeadChunkSizeByte;
openpgp.config.aeadProtect = true;
openpgp.config.aeadChunkSizeByte = 14;
const iv = openpgp.util.hex_to_Uint8Array('b7 32 37 9f 73 c4 92 8d e2 5f ac fe 65 17 ec 10'.replace(/\s+/g, ''));
const key = openpgp.util.hex_to_Uint8Array('86 f1 ef b8 69 52 32 9f 24 ac d3 bf d0 e5 34 6d'.replace(/\s+/g, ''));
@ -281,8 +281,8 @@ describe("Packet", function() {
await msg2[0].decrypt(algo, key);
expect(await openpgp.stream.readToEnd(msg2[0].packets[0].data)).to.deep.equal(literal.data);
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.aeadProtect = aeadProtectVal;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteVal;
randomBytesStub.restore();
}
});
@ -487,8 +487,8 @@ describe("Packet", function() {
});
it('Sym. encrypted session key reading/writing (AEAD)', async function() {
let aead_protectVal = openpgp.config.aead_protect;
openpgp.config.aead_protect = true;
let aeadProtectVal = openpgp.config.aeadProtect;
openpgp.config.aeadProtect = true;
try {
const passphrase = 'hello';
@ -521,19 +521,19 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aeadProtect = aeadProtectVal;
}
});
it('Sym. encrypted session key reading/writing test vector (EAX, AEAD)', async function() {
// From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-eax-encryption-and-decryption
let aead_protectVal = openpgp.config.aead_protect;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte;
openpgp.config.aead_protect = true;
openpgp.config.aead_chunk_size_byte = 14;
openpgp.config.s2k_iteration_count_byte = 0x90;
let aeadProtectVal = openpgp.config.aeadProtect;
let aeadChunkSizeByteVal = openpgp.config.aeadChunkSizeByte;
let s2kIterationCountByteVal = openpgp.config.s2kIterationCountByte;
openpgp.config.aeadProtect = true;
openpgp.config.aeadChunkSizeByte = 14;
openpgp.config.s2kIterationCountByte = 0x90;
let salt = openpgp.util.hex_to_Uint8Array(`cd5a9f70fbe0bc65`);
let sessionKey = openpgp.util.hex_to_Uint8Array(`86 f1 ef b8 69 52 32 9f 24 ac d3 bf d0 e5 34 6d`.replace(/\s+/g, ''));
@ -593,9 +593,9 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal;
openpgp.config.aeadProtect = aeadProtectVal;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteVal;
openpgp.config.s2kIterationCountByte = s2kIterationCountByteVal;
randomBytesStub.restore();
}
});
@ -603,12 +603,12 @@ describe("Packet", function() {
it('Sym. encrypted session key reading/writing test vector (AEAD, OCB)', async function() {
// From https://gitlab.com/openpgp-wg/rfc4880bis/blob/00b20923/back.mkd#sample-aead-ocb-encryption-and-decryption
let aead_protectVal = openpgp.config.aead_protect;
let aead_chunk_size_byteVal = openpgp.config.aead_chunk_size_byte;
let s2k_iteration_count_byteVal = openpgp.config.s2k_iteration_count_byte;
openpgp.config.aead_protect = true;
openpgp.config.aead_chunk_size_byte = 14;
openpgp.config.s2k_iteration_count_byte = 0x90;
let aeadProtectVal = openpgp.config.aeadProtect;
let aeadChunkSizeByteVal = openpgp.config.aeadChunkSizeByte;
let s2kIterationCountByteVal = openpgp.config.s2kIterationCountByte;
openpgp.config.aeadProtect = true;
openpgp.config.aeadChunkSizeByte = 14;
openpgp.config.s2kIterationCountByte = 0x90;
let salt = openpgp.util.hex_to_Uint8Array(`9f0b7da3e5ea6477`);
let sessionKey = openpgp.util.hex_to_Uint8Array(`d1 f0 1b a3 0e 13 0a a7 d2 58 2c 16 e0 50 ae 44`.replace(/\s+/g, ''));
@ -669,9 +669,9 @@ describe("Packet", function() {
expect(await stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteVal;
openpgp.config.s2k_iteration_count_byte = s2k_iteration_count_byteVal;
openpgp.config.aeadProtect = aeadProtectVal;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteVal;
openpgp.config.s2kIterationCountByte = s2kIterationCountByteVal;
randomBytesStub.restore();
}
});
@ -870,8 +870,8 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+
});
it('Writing and encryption of a secret key packet. (AEAD)', async function() {
let aead_protectVal = openpgp.config.aead_protect;
openpgp.config.aead_protect = true;
let aeadProtectVal = openpgp.config.aeadProtect;
openpgp.config.aeadProtect = true;
const key = new openpgp.packet.List();
key.push(new openpgp.packet.SecretKey());
@ -899,7 +899,7 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+
expect(key[0].params.toString()).to.equal(key2[0].params.toString());
} finally {
openpgp.config.aead_protect = aead_protectVal;
openpgp.config.aeadProtect = aeadProtectVal;
}
});

40
test/general/signature.js
View File

@ -841,8 +841,8 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
`;
it('Testing signature checking on CAST5-enciphered message', async function() {
const { reject_message_hash_algorithms } = openpgp.config;
Object.assign(openpgp.config, { reject_message_hash_algorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
const { rejectMessageHashAlgorithms } = openpgp.config;
Object.assign(openpgp.config, { rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
try {
const priv_key = await openpgp.key.readArmored(priv_key_arm1);
const pub_key = await openpgp.key.readArmored(pub_key_arm1);
@ -853,13 +853,13 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
} finally {
Object.assign(openpgp.config, { reject_message_hash_algorithms });
Object.assign(openpgp.config, { rejectMessageHashAlgorithms });
}
});
it('Supports decrypting with GnuPG stripped-key extension', async function() {
const { reject_message_hash_algorithms } = openpgp.config;
Object.assign(openpgp.config, { reject_message_hash_algorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
const { rejectMessageHashAlgorithms } = openpgp.config;
Object.assign(openpgp.config, { rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
try {
// exercises the GnuPG s2k type 1001 extension:
// the secrets on the primary key have been stripped.
@ -885,7 +885,7 @@ hUhMKMuiM3pRwdIyDOItkUWQmjEEw7/XmhgInkXsCw==
const primaryKey_packet2 = priv_key_gnupg_ext.primaryKey.write();
expect(primaryKey_packet).to.deep.equal(primaryKey_packet2);
} finally {
Object.assign(openpgp.config, { reject_message_hash_algorithms });
Object.assign(openpgp.config, { rejectMessageHashAlgorithms });
}
});
@ -938,8 +938,8 @@ bwM=
});
it('Verify V4 signature. Hash: SHA1. PK: RSA. Signature Type: 0x00 (binary document)', async function() {
const { reject_message_hash_algorithms } = openpgp.config;
Object.assign(openpgp.config, { reject_message_hash_algorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
const { rejectMessageHashAlgorithms } = openpgp.config;
Object.assign(openpgp.config, { rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
try {
const signedArmor =
['-----BEGIN PGP MESSAGE-----',
@ -962,7 +962,7 @@ bwM=
expect(await verified[0].verified).to.be.true;
expect((await verified[0].signature).packets.length).to.equal(1);
} finally {
Object.assign(openpgp.config, { reject_message_hash_algorithms });
Object.assign(openpgp.config, { rejectMessageHashAlgorithms });
}
});
@ -1059,7 +1059,7 @@ bwM=
it('Verify succeeds with known signed message with critical notations', async function() {
openpgp.config.tolerant = false;
openpgp.config.known_notations.push('test@example.com');
openpgp.config.knownNotations.push('test@example.com');
try {
const sMsg = await openpgp.message.readArmored(signature_with_critical_notation);
const pub_key = await openpgp.key.readArmored(pub_key_arm2);
@ -1067,7 +1067,7 @@ bwM=
openpgp.stream.pipe(sMsg.getLiteralData(), new openpgp.stream.WritableStream());
expect(await verified[0].verified).to.be.true;
} finally {
openpgp.config.known_notations.pop();
openpgp.config.knownNotations.pop();
openpgp.config.tolerant = true;
}
});
@ -1151,8 +1151,8 @@ PAAeuQTUrcJdZeJ86eQ9cCUB216HCwSKOWTQRzL+hBWKXij4WD4=
it('Verify cleartext signed message with trailing spaces from GPG', async function() {
const { reject_message_hash_algorithms } = openpgp.config;
Object.assign(openpgp.config, { reject_message_hash_algorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
const { rejectMessageHashAlgorithms } = openpgp.config;
Object.assign(openpgp.config, { rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
try {
const msg_armor =
`-----BEGIN PGP SIGNED MESSAGE-----
@ -1189,7 +1189,7 @@ zmuVOdNuWQqxT9Sqa84=
expect(cleartextSig.signatures[0].valid).to.be.true;
expect(cleartextSig.signatures[0].signature.packets.length).to.equal(1);
} finally {
Object.assign(openpgp.config, { reject_message_hash_algorithms });
Object.assign(openpgp.config, { rejectMessageHashAlgorithms });
}
});
@ -1220,7 +1220,7 @@ yYDnCgA=
expect(cleartextSig).to.exist;
expect(cleartextSig.data).to.equal(plaintext);
expect(cleartextSig.signatures).to.have.length(1);
expect(cleartextSig.signatures[0].valid).to.equal(!openpgp.config.reject_message_hash_algorithms.has(openpgp.enums.hash.sha1));
expect(cleartextSig.signatures[0].valid).to.equal(!openpgp.config.rejectMessageHashAlgorithms.has(openpgp.enums.hash.sha1));
expect(cleartextSig.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1257,7 +1257,7 @@ yYDnCgA=
expect(cleartextSig).to.exist;
expect(await openpgp.stream.readToEnd(cleartextSig.data)).to.equal(plaintext);
expect(cleartextSig.signatures).to.have.length(1);
if (!openpgp.config.reject_message_hash_algorithms.has(openpgp.enums.hash.sha1)) {
if (!openpgp.config.rejectMessageHashAlgorithms.has(openpgp.enums.hash.sha1)) {
expect(await cleartextSig.signatures[0].verified).to.be.true;
} else {
await expect(cleartextSig.signatures[0].verified).to.be.rejectedWith('Insecure message hash algorithm: SHA1');
@ -1331,15 +1331,15 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
tests();
let reject_message_hash_algorithms;
let rejectMessageHashAlgorithms;
tryTests('Accept SHA-1 signatures', tests, {
if: true,
before: function() {
({ reject_message_hash_algorithms } = openpgp.config);
Object.assign(openpgp.config, { reject_message_hash_algorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
({ rejectMessageHashAlgorithms } = openpgp.config);
Object.assign(openpgp.config, { rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]) });
},
after: function() {
Object.assign(openpgp.config, { reject_message_hash_algorithms });
Object.assign(openpgp.config, { rejectMessageHashAlgorithms });
}
});

86
test/general/streaming.js
View File

@ -234,8 +234,8 @@ function tests() {
});
it('Encrypt and decrypt larger message roundtrip', async function() {
let aead_protectValue = openpgp.config.aead_protect;
openpgp.config.aead_protect = false;
let aeadProtectValue = openpgp.config.aeadProtect;
openpgp.config.aeadProtect = false;
const encrypted = await openpgp.encrypt({
message: openpgp.message.fromBinary(data),
passwords: ['test'],
@ -255,14 +255,14 @@ function tests() {
expect(await reader.peekBytes(1024)).to.deep.equal(plaintext[0]);
if (i <= 10) throw new Error('Data arrived early.');
expect(await reader.readToEnd()).to.deep.equal(util.concatUint8Array(plaintext));
openpgp.config.aead_protect = aead_protectValue;
openpgp.config.aeadProtect = aeadProtectValue;
});
it('Encrypt and decrypt larger message roundtrip (allow_unauthenticated_stream=true)', async function() {
let aead_protectValue = openpgp.config.aead_protect;
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.aead_protect = false;
openpgp.config.allow_unauthenticated_stream = true;
it('Encrypt and decrypt larger message roundtrip (allowUnauthenticatedStream=true)', async function() {
let aeadProtectValue = openpgp.config.aeadProtect;
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.aeadProtect = false;
openpgp.config.allowUnauthenticatedStream = true;
try {
const encrypted = await openpgp.encrypt({
message: openpgp.message.fromBinary(data),
@ -285,14 +285,14 @@ function tests() {
expect(await reader.readToEnd()).to.deep.equal(util.concatUint8Array(plaintext));
expect(decrypted.signatures).to.exist.and.have.length(0);
} finally {
openpgp.config.aead_protect = aead_protectValue;
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.aeadProtect = aeadProtectValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
it('Encrypt and decrypt larger message roundtrip using public keys (allow_unauthenticated_stream=true)', async function() {
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.allow_unauthenticated_stream = true;
it('Encrypt and decrypt larger message roundtrip using public keys (allowUnauthenticatedStream=true)', async function() {
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.allowUnauthenticatedStream = true;
try {
const encrypted = await openpgp.encrypt({
message: openpgp.message.fromBinary(data),
@ -315,13 +315,13 @@ function tests() {
dataArrived();
expect(await reader.readToEnd()).to.deep.equal(util.concatUint8Array(plaintext));
} finally {
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
it('Encrypt and decrypt larger message roundtrip using curve x25519 (allow_unauthenticated_stream=true)', async function() {
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.allow_unauthenticated_stream = true;
it('Encrypt and decrypt larger message roundtrip using curve x25519 (allowUnauthenticatedStream=true)', async function() {
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.allowUnauthenticatedStream = true;
const priv = await openpgp.key.readArmored(xPriv);
const pub = await openpgp.key.readArmored(xPub);
await priv.decrypt(xPass);
@ -347,13 +347,13 @@ function tests() {
dataArrived();
expect(await reader.readToEnd()).to.deep.equal(util.concatUint8Array(plaintext));
} finally {
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
it('Encrypt and decrypt larger message roundtrip using curve brainpool (allow_unauthenticated_stream=true)', async function() {
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.allow_unauthenticated_stream = true;
it('Encrypt and decrypt larger message roundtrip using curve brainpool (allowUnauthenticatedStream=true)', async function() {
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.allowUnauthenticatedStream = true;
const priv = await openpgp.key.readArmored(brainpoolPriv);
const pub = await openpgp.key.readArmored(brainpoolPub);
await priv.decrypt(brainpoolPass);
@ -379,15 +379,15 @@ function tests() {
dataArrived();
expect(await reader.readToEnd()).to.deep.equal(util.concatUint8Array(plaintext));
} finally {
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
it('Detect MDC modifications (allow_unauthenticated_stream=true)', async function() {
let aead_protectValue = openpgp.config.aead_protect;
openpgp.config.aead_protect = false;
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.allow_unauthenticated_stream = true;
it('Detect MDC modifications (allowUnauthenticatedStream=true)', async function() {
let aeadProtectValue = openpgp.config.aeadProtect;
openpgp.config.aeadProtect = false;
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.allowUnauthenticatedStream = true;
try {
const encrypted = await openpgp.encrypt({
message: openpgp.message.fromBinary(data),
@ -415,14 +415,14 @@ function tests() {
await expect(reader.readToEnd()).to.be.rejectedWith('Modification detected.');
expect(decrypted.signatures).to.exist.and.have.length(0);
} finally {
openpgp.config.aead_protect = aead_protectValue;
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.aeadProtect = aeadProtectValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
it('Detect armor checksum error (allow_unauthenticated_stream=true)', async function() {
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.allow_unauthenticated_stream = true;
it('Detect armor checksum error (allowUnauthenticatedStream=true)', async function() {
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.allowUnauthenticatedStream = true;
try {
const encrypted = await openpgp.encrypt({
message: openpgp.message.fromBinary(data),
@ -451,13 +451,13 @@ function tests() {
await expect(reader.readToEnd()).to.be.rejectedWith('Ascii armor integrity check on message failed');
expect(decrypted.signatures).to.exist.and.have.length(1);
} finally {
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
it('Detect armor checksum error when not passing public keys (allow_unauthenticated_stream=true)', async function() {
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
openpgp.config.allow_unauthenticated_stream = true;
it('Detect armor checksum error when not passing public keys (allowUnauthenticatedStream=true)', async function() {
let allowUnauthenticatedStreamValue = openpgp.config.allowUnauthenticatedStream;
openpgp.config.allowUnauthenticatedStream = true;
try {
const encrypted = await openpgp.encrypt({
message: openpgp.message.fromBinary(data),
@ -486,7 +486,7 @@ function tests() {
expect(decrypted.signatures).to.exist.and.have.length(1);
expect(await decrypted.signatures[0].verified).to.be.null;
} finally {
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
openpgp.config.allowUnauthenticatedStream = allowUnauthenticatedStreamValue;
}
});
@ -539,8 +539,8 @@ function tests() {
});
it('Encrypt and decrypt larger text message roundtrip (AEAD)', async function() {
let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
openpgp.config.aead_chunk_size_byte = 0;
let aeadChunkSizeByteValue = openpgp.config.aeadChunkSizeByte;
openpgp.config.aeadChunkSizeByte = 0;
try {
let plaintext = [];
let i = 0;
@ -574,7 +574,7 @@ function tests() {
dataArrived();
expect((await reader.readToEnd()).toString('utf8')).to.equal(util.concat(plaintext));
} finally {
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteValue;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteValue;
}
});
@ -872,10 +872,10 @@ function tests() {
describe('Streaming', function() {
let currentTest = 0;
const aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
const aeadChunkSizeByteValue = openpgp.config.aeadChunkSizeByte;
before(async function() {
openpgp.config.aead_chunk_size_byte = 4;
openpgp.config.aeadChunkSizeByte = 4;
pubKey = await openpgp.key.readArmored(pub_key);
privKey = await openpgp.key.readArmored(priv_key);
@ -910,7 +910,7 @@ describe('Streaming', function() {
});
after(function() {
openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteValue;
openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteValue;
});
tryTests('WhatWG Streams', tests, {

1
test/general/x25519.js
View File

@ -537,4 +537,3 @@ function omnibus() {
tryTests('X25519 Omnibus Tests', omnibus, {
if: !openpgp.config.ci
});