Keep supporting the old names as well though in `openpgp.generateKey`
and `getAlgorithmInfo`, but not in `openpgp.key.generate` (as it is
recommended that developers use `openpgp.generateKey` instead, and
it now throws when using `numBits` instead of `rsaBits`, so there's
no risk of silent key security downgrade).
The old names are now deprecated, and might be removed in v5.
When the latest subkey with the requested capabilities is expired,
and the primary key has the requested capabilities, return the
primary key expiry instead.
Also, change isExpired/isDataExpired to still return false at the
date returned by getExpirationTime, so that the latter returns the
last date that the key can still be used.
Since we still run the full test suite on Node.js, this would
only no longer catch bugs which are specific to
- Browser non-draft04 GCM (and don't manifest in draft04 GCM,
and don't manifest in Node.js non-draft04 GCM)
- Browser OCB (which is not natively implemented in the browser)
- Browser V5 Keys
Many tests would run for every encryption mode, or for both V4 and V5 keys,
without there being any difference between the different test runs.
`grunt coverage` before and after this commit reports almost identical
statistics, providing some confidence that no code coverage was lost.
When not requested, we convert the streams to Uint8Arrays.
This makes the generated key safe to pass to a Worker more than once.
Partially reverts 735aa1da.
When encrypting/signing a stream, this allows you to indicate whether it's a
stream of Strings or Uint8Arrays (using message.fromText or message.fromBinary,
respectively.)
When signing text, this allows you to control whether to create a cleartext
message or a regular armored text message.
When creating a detached signature, it allows you to control whether it's "meant
for" (verifying against) a cleartext message. A cleartext message has trailing
whitespace trimmed before signing. This fixes the case of passing a detached
signature from sign() to encrypt(). Since encrypt() doesn't create a cleartext
message, the signature would be invalid if the text contained lines with
trailing whitespace.
- Allow leading spaces in headers (since we were already accepting
leading spaces everywhere else in the armored text).
- Read ReadableStreams before passing them to a Worker
During tests of weird keys [0] it was found out that OpenPGP.js does not
handle keys without valid UIDs well.
There are two issues that this change corrects, first one is adding
filtering of user IDs in `getPrimaryUser` such as only users with self
certifications are considered. Without that change using
`getPrimaryUser` on a key without valid UIDs would throw an exception
(`Cannot read property 'verified' of undefined` [1]).
Second issue is correcting condition whether to throw if no UID was
found. Previous condition checked for `userId` variable, but this is
initialized by default and as such is almost always set. This causes
`key.getPrimaryUser()` (without condition) to throw `Could not find user
that matches that user ID`. The condition has been modified to match the
filter condition (checking if any property of `userId` has been
initialized).
[0]: https://gitlab.com/sequoia-pgp/weird-keys/tree/master/openpgpjs
[1]: 576ed08a54/openpgpjs/results/no-bound-uid.pgp.txt
