To encrypt/decrypt a key, the top-level functions `openpgp.encryptKey` and
`openpgp.decryptKey` should be used instead: these don't mutate the key;
instead, they either return a new encrypted/decrypted key object or throw an
error.
With `Key.prototype.encrypt` and `decrypt`, which mutated the key, it was
possible to end up in an inconsistent state if some (sub)keys could be
decrypted but others couldn't, they would both mutate the key and throw an
error, which is unexpected.
Note that the `keyID` parameter is not supported by `encryptKey`/`decryptKey`,
since partial key decryption is not recommended. If you still need to decrypt
a single subkey or primary key `k`, you can call `k.keyPacket.decrypt(...)`,
followed by `k.keyPacket.validate(...)`. Similarly, for encryption, call
`k.keyPacket.encrypt(...)`.
Additionally, `openpgp.generateKey` now requires `options.userIDs` again,
since otherwise the key is basically unusable. This was a regression from v4,
since we now allow parsing keys without user IDs (but still not using them).
- Use PascalCase for classes, with uppercase acronyms.
- Use camelCase for function and variables. First word/acronym is always
lowercase, otherwise acronyms are uppercase.
Also, make the packet classes' `tag` properties `static`.
Make all `read*` functions accept an options object, so that we can add config
options to them later (for #1166). This is necessary so that we can remove the
global `openpgp.config`, which doesn't work that well when importing
individual functions.
Furthermore, merge `readMessage` and `readArmoredMessage` into one function,
et cetera.
Instead of as modules.
Replace *.read with read*, *.readArmored with readArmored*, etc.
Replace cleartext.readArmored with readArmoredCleartextMessage.
Replace message.fromText with Message.fromText, etc.
Use `key.keyPacket.validate` instead of `crypto.publicKey.validateParams`, see
https://github.com/openpgpjs/openpgpjs/pull/1116#discussion_r447781386.
Also, `key.decrypt` now only throws on error, no other value is returned.
Also, fix typo (rebase error) that caused tests to fail in Safari for p521.
openpgp.encrypt, sign, encryptSessionKey, encryptKey and decryptKey now
return their result directly without wrapping it in a "result" object.
Also, remove the `detached` and `returnSessionKey` options of
openpgp.encrypt.
This PR adds four config options to configure whether and how to load
indutny/elliptic: use_indutny_elliptic, external_indutny_elliptic,
indutny_elliptic_path and indutny_elliptic_fetch_options.
Also:
- Use tweetnacl.js instead of indutny/elliptic for curve25519 key generation
- Don't initialize indutny's curve25519, improving performance when using that curve
- Verify NIST signatures using Web Crypto instead of indutny/elliptic when not streaming
- Move KeyPair.sign/verify to ecdsa.js
- Move KeyPair.derive to ecdh.js
- Move keyFromPrivate and keyFromPublic to a new indutnyKey.js file
