suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,860 Commits 1 Branch 0 Tags 39 MiB
1e37b27673
Commit Graph

204 Commits

Author SHA1 Message Date
Ilya Chesnokov
1e37b27673 Use rsaBits=2048 in addSubkey tests when using Web Crypto (#971) 
Fix tests failing in old browsers due to too low rsaBits.

Also, always throw in addSubkey when rsaBits is too low.
 2019-09-24 13:53:12 +02:00
Daniel Huigens
fbbeaa3cd9
Rename numBits and bits to rsaBits (#970) 
Keep supporting the old names as well though in `openpgp.generateKey`
and `getAlgorithmInfo`, but not in `openpgp.key.generate` (as it is
recommended that developers use `openpgp.generateKey` instead, and
it now throws when using `numBits` instead of `rsaBits`, so there's
no risk of silent key security downgrade).

The old names are now deprecated, and might be removed in v5.
 2019-09-18 13:40:44 +02:00
Ilya Chesnokov
7f40ab0940 Implement Key.prototype.addSubkey (#963) 2019-09-16 15:53:19 +02:00
Daniel Huigens
a731a607ce Fix writing newly generated embedded primary key binding signatures 2019-09-11 18:11:15 +02:00
Ilya Chesnokov
5d9629d6a3 Style fixes; add spaces around all infix operators, remove new Buffer (#954) 
* Add "space-infix-ops": "error" rule

* Remove deprecated Buffer constructor

* Resolve new-cap eslint rule

* @twiss: Clarify code that selects curve and algorithm
 2019-08-30 12:27:30 +02:00
Daniel Huigens
a184ef6ec4 Remove support for the previous draft00 AEAD 2019-08-12 17:46:37 +02:00
Daniel Huigens
80c535eeb7 Separate config option to use V5 keys from AEAD config option 2019-08-12 17:46:37 +02:00
Daniel Huigens
735d6d088f Implement V5 signatures 2019-08-12 17:46:37 +02:00
Ilya Chesnokov
6d626ea70c Style fixes and new style rules for eslint (#919) 2019-06-28 15:33:18 +02:00
Daniel Huigens
43441bfe0d openpgp.reformatKey: Fix key preferences for signing subkeys 2019-05-23 17:37:20 +02:00
Thomas Oberndörfer
038d8466fe Add date parameter to user.verifyAllCertifications and user.verify methods (#871) 
Also, in user.verifyCertificate, fix certificate.isExpired check for keys with future creation date.
 2019-03-08 17:33:36 +01:00
Thomas Oberndörfer
b1be7d1202 Fix merging multiple subkey binding signatures (#868) 2019-02-28 10:34:46 -08:00
Sanjana Rajan
529973f2a2
Merge branch 'master' into fix/non-primary-non-revoked-sub-user 2018-12-23 17:52:01 +01:00
Sanjana Rajan
1bee091f2a
Merge pull request #815 from twiss/userIds 
Make fromUserIds/toUserIds params plural, and accept arrays of User IDs
 2018-12-23 17:50:46 +01:00
Daniel Huigens
9691dc9c99 Fix getExpirationTime with capabilities and an expired signing subkey 
When the latest subkey with the requested capabilities is expired,
and the primary key has the requested capabilities, return the
primary key expiry instead.

Also, change isExpired/isDataExpired to still return false at the
date returned by getExpirationTime, so that the latter returns the
last date that the key can still be used.
 2018-12-21 12:49:22 -05:00
Daniel Huigens
804e91140a Add config values to preferred algorithms 2018-12-17 12:52:30 -05:00
Daniel Huigens
926047f0b3 Default to RFC4880bis-mandated symmetric algos 2018-12-17 12:27:09 -05:00
Daniel Huigens
19be0831b9 Add userIds parameter to signPrimaryUser and verifyPrimaryUser 2018-12-14 17:49:09 +01:00
Daniel Huigens
d74a2af4d3 Return primary key expiry based on userId param in getExpirationTime 2018-12-14 16:54:55 +01:00
Daniel Huigens
65772d86b3 Make fromUserIds/toUserIds params plural, and accept arrays of User IDs 
Each User ID object is used for the key object at the corresponding index
in the privateKeys/publicKeys arrays.
 2018-12-14 16:54:44 +01:00
Kay Lukas
2dbb8582d7 Add testcases 2018-12-10 20:21:55 +01:00
Kay Lukas
3c0b22268d Prefer a non-revoked primary user 2018-12-10 17:50:21 +01:00
Thomas Oberndörfer
a7bae10fe8 Revise check on key revocation sub packet: throwing the exception should only be done on single keys and not discard the whole armored block with possibly multiple keys. Evaluate only self-signatures. 2018-11-30 11:45:31 +01:00
Daniel Huigens
997f3e8e38 Compute signed data based on expected signature type 2018-11-05 17:13:40 +01:00
Daniel Huigens
d314a20e0f Don't return keys with an authorized revocation key 2018-11-05 11:47:45 +01:00
Daniel Huigens
8fa3aadea2 Add and require primary key binding signatures on signing keys 
Also, fix keyFlags of signing subkeys.

Also, store Issuer Key ID and Embedded Signature in unhashed rather
than hashed subpackets.
 2018-11-05 11:47:45 +01:00
Daniel Huigens
7253df1632 Don't hash when comparing key fingerprints 2018-11-01 14:47:21 +01:00
Daniel Huigens
ac6b57781b Make isValid*KeyPacket inner functions 2018-09-22 23:03:10 +02:00
Daniel Huigens
bbcdacef8d Small documentation fixes 2018-09-22 23:03:10 +02:00
Daniel Huigens
b3af56b8a3 Ignore third-party revocation signatures 
This check was removed in ec22dab.
 2018-09-22 23:03:10 +02:00
Daniel Huigens
a1c47ecdea Indicate an error when parsing a key with an authorized revocation key 
Since we will ignore revocation signatures from authorized revocation keys,
it is dangerous to use these keys.
 2018-09-22 23:03:10 +02:00
Daniel Huigens
5cf61daa19 Check validity of signatures before using them 2018-09-22 23:03:10 +02:00
Sanjana Rajan
d43437473f bugfix - when a requested key capability is not present, return null expiration 2018-09-03 21:59:58 -07:00
Daniel Huigens
e055d86062 Update documentation 2018-08-14 17:50:26 +02:00
Daniel Huigens
00a2c0c0c2 Support unicode surrogate code points 2018-08-14 17:24:40 +02:00
Daniel Huigens
ca537e439d Comments & code style 2018-08-14 16:35:38 +02:00
Daniel Huigens
4e749965f2 Remove support for V3 keys and signatures 2018-08-10 14:46:26 +02:00
Daniel Huigens
05479e6e6b Don't warn about await in loops 2018-08-10 14:44:01 +02:00
Daniel Huigens
0372bf78f1 Make (de)armoring and packet reading asynchronous 2018-08-10 14:44:01 +02:00
Sanjana Rajan
c79bda1d37 bugfix - compare create time from key packet 2018-08-03 14:21:15 +02:00
Sanjana Rajan
438d47f634 handle case where primary user doesn't exist when getting exp time 2018-07-24 17:17:12 +02:00
Wiktor Kwapisiewicz
19e3c344fd
Fix verification of User Attributes 
This change corrects verification of certifications over User Attributes
(such as photos).

Before this change the code did not differentiate between User IDs and
User Attributes as both of them were stored in `data.userid` [0] and
incorrectly used the User ID constant (0xB4) for both cases.

This change fixes the bug by storing User IDs in `userId` property and
User Attributes in `userAttribute` property. The check for property
existence has been modified to avoid comparisons with `undefined` as the
`User` class sets `null` for not assigned packets instead of
`undefined`.

Only data structures for signing and verification were modified and not
the properties used in the `User` class.

[0]: 11b2d2de3c/src/key.js (L872)
 2018-07-24 13:03:46 +02:00
Daniel Huigens
15e6f0d654 Replace get(Sub)KeyPackets with get(Sub)Keys 2018-07-19 15:03:25 +02:00
Daniel Huigens
91b7165b78 Add key/subKey.getKeyId, getFingerprint, getAlgorithmInfo, getCreationTime, isDecrypted 2018-07-19 15:03:25 +02:00
Daniel Huigens
8cfe817b18 Remove getEncryptionKeyPacket and getSigningKeyPacket 
Also, rename subKey.subKey to keyPacket and alias key.primaryKey as keyPacket.
 2018-07-19 13:31:03 +02:00
Daniel Huigens
a49276a158 Allow checking expiry of subkeys by capability, keyId or userId 2018-07-18 14:40:28 +02:00
Daniel Huigens
06746b6a77 Use latest created subkey when possible 2018-07-18 14:29:59 +02:00
Daniel Huigens
8f3e448fa6 Remove obsolete JSDoc comment 2018-07-13 18:15:53 +02:00
Sanjana Rajan
53f473bfa7
Merge pull request #734 from twiss/key-revocation 
Key revocation
 2018-07-13 17:46:48 +02:00
Daniel Huigens
3fd0fa8f68 Various key revocation fixes 2018-07-13 17:45:09 +02:00