suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,796 Commits 1 Branch 0 Tags 39 MiB
34e6eacb2f
Commit Graph

1796 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sanjana Rajan
d24bdd5fa2 Release new version 2018-12-17 19:44:08 +01:00
Daniel Huigens
f0f9a5c2a4 Fix key generation tests on Node 
The Node tests set the key bit size to 512, which is not big enough
to sign a SHA384 hash + header.
 2018-12-17 13:32:27 -05:00
Daniel Huigens
b1b19946d8
Merge pull request #816 from twiss/security-fixes 
Security fixes
 2018-12-17 18:55:30 +01:00
Daniel Huigens
804e91140a Add config values to preferred algorithms 2018-12-17 12:52:30 -05:00
Daniel Huigens
926047f0b3 Default to RFC4880bis-mandated symmetric algos 2018-12-17 12:27:09 -05:00
Daniel Huigens
06608318d4 Fix CMAC of the empty string 
This is currently never called, as EAX always adds a prefix to
the CMAC'ed message.
 2018-12-17 12:27:08 -05:00
Daniel Huigens
9b83f6fcb2 Return generic error on PKESK checksum mismatch when decrypting 2018-12-17 12:27:07 -05:00
Daniel Huigens
e727097bb0 Always look at the same literal data packet in getText() and verify() 2018-12-17 12:27:05 -05:00
Daniel Huigens
8720adcf65 Check signature public key algorithm against issuer key algorithm 2018-12-17 12:27:04 -05:00
Daniel Huigens
3b9676f2e9 Reject messages encrypted with a symmetric algo not in preferred algos 2018-12-17 12:27:03 -05:00
Sanjana Rajan
a173e568af
Merge pull request #817 from meitar/revkey-readme-fix 
Fix revocation example in README, use `revocationCertificate`.
 2018-12-17 14:40:59 +01:00
Meitar M
cd61531b41
Fix revocation example in README, use revocationCertificate. 
There is no longer any `revocationSignature` member of OpenPGP.js `key`
objects, and the `options` object passed to the `revokeKey()` method no
longer accepts a `revocationSignature` member, either. These have been
changed to `revocationCertificate`, so this commit updates the examples
that use this part of the API to reflect the current implementation.
 2018-12-15 15:14:40 -05:00
Daniel Huigens
19be0831b9 Add userIds parameter to signPrimaryUser and verifyPrimaryUser 2018-12-14 17:49:09 +01:00
Daniel Huigens
cb3f644708 Validate ECC public keys 2018-12-14 17:21:12 +01:00
Daniel Huigens
d74a2af4d3 Return primary key expiry based on userId param in getExpirationTime 2018-12-14 16:54:55 +01:00
Daniel Huigens
65772d86b3 Make fromUserIds/toUserIds params plural, and accept arrays of User IDs 
Each User ID object is used for the key object at the corresponding index
in the privateKeys/publicKeys arrays.
 2018-12-14 16:54:44 +01:00
Daniel Huigens
d4d94c6fb7 Remove non-AES CFB quick check 2018-12-11 14:05:26 +01:00
Kay Lukas
2dbb8582d7 Add testcases 2018-12-10 20:21:55 +01:00
Kay Lukas
3c0b22268d Prefer a non-revoked primary user 2018-12-10 17:50:21 +01:00
Daniel Huigens
c7339f6f78 Check whether signing key was non-expired at signature creation time 2018-12-10 16:34:44 +01:00
Daniel Huigens
787965981a Check whether message signatures are expired when verifying them 2018-12-10 15:20:24 +01:00
Daniel Huigens
92230d2055 Consider non-expired signatures from expired keys to still be valid 2018-12-10 15:20:11 +01:00
Daniel Huigens
ff86b00315 Fix undefined behavior when reading 3des algo 2018-12-10 14:21:52 +01:00
Sanjana Rajan
6c1738ff34 Release new version 2018-12-07 13:51:03 +01:00
Sanjana Rajan
798ac529df
Merge pull request #810 from KAYLukas/fix/pako-missing-eof 
Handle end of stream in compression correctly
 2018-12-07 11:52:25 +01:00
Kay Lukas
a49529d243 Handle end of stream in compression correctly 2018-12-07 11:47:52 +01:00
Sanjana Rajan
9d585cd35d
Merge pull request #808 from mailvelope/rev-key-fix 
Move key revocation check to key class. Evaluate only self-signatures.
 2018-12-01 11:32:23 +00:00
Thomas Oberndörfer
a7bae10fe8 Revise check on key revocation sub packet: throwing the exception should only be done on single keys and not discard the whole armored block with possibly multiple keys. Evaluate only self-signatures. 2018-11-30 11:45:31 +01:00
Sanjana Rajan
47e6e2fc28
Merge pull request #805 from Frontwise/no_arrow_func_in_compat_build 
Compat build: specify target browsers
 2018-11-28 11:54:28 +01:00
Simon Epskamp
44d81aabff Compat build: specify target browsers 
To make compat build more deterministic. Fixes #804
 2018-11-26 10:27:22 +01:00
Sanjana Rajan
161b034367
Merge pull request #802 from KAYLukas/feat/3-des 
Support 3des as a valid algorithmname in a session key
 2018-11-06 17:43:37 +01:00
Kay Lukas
c952e833d3 Support 3des as a session key algorithm 2018-11-06 17:38:17 +01:00
Sanjana Rajan
65de9b3e28 Release new version 2018-11-06 13:42:15 +01:00
Sanjana Rajan
86225cb1fa
Merge pull request #799 from twiss/signature-data 
Compute signed data based on expected signature type
 2018-11-06 13:38:42 +01:00
Daniel Huigens
79124a9680 Fix security test generating signing subkey on Safari 10 2018-11-06 11:48:16 +01:00
Daniel Huigens
c037b96037 Babelify seek-bzip for compat build 2018-11-05 18:00:21 +01:00
Daniel Huigens
f96bf45fb2 Lower S2K iteration count parameter in tests 2018-11-05 18:00:20 +01:00
Daniel Huigens
997f3e8e38 Compute signed data based on expected signature type 2018-11-05 17:13:40 +01:00
Daniel Huigens
1071cb9bca Fix cloning embedded signatures 2018-11-05 16:32:30 +01:00
Sanjana Rajan
a6e20d7abd Release new version 2018-11-05 14:14:49 +01:00
Sanjana Rajan
67de70fa01
Merge pull request #798 from twiss/seek-bzip 
Remove bzip2 compression
 2018-11-05 12:58:50 +01:00
Daniel Huigens
08f48bfc2c Switch to seek-bzip 2018-11-05 12:49:53 +01:00
Sanjana Rajan
0be9113366
Merge pull request #797 from twiss/security-fixes 
Security fixes
 2018-11-05 11:58:31 +01:00
Daniel Huigens
9a7fe9cd45 Bump S2K iteration count parameter 2018-11-05 11:47:46 +01:00
Daniel Huigens
d314a20e0f Don't return keys with an authorized revocation key 2018-11-05 11:47:45 +01:00
Daniel Huigens
8fa3aadea2 Add and require primary key binding signatures on signing keys 
Also, fix keyFlags of signing subkeys.

Also, store Issuer Key ID and Embedded Signature in unhashed rather
than hashed subpackets.
 2018-11-05 11:47:45 +01:00
Daniel Huigens
8c97112449 Throw on critical unknown signature subpackets 2018-11-05 11:47:44 +01:00
Daniel Huigens
47138eed61 Don't trust unhashed signature subpackets 
Also, export packet.Signature.prototype.read_sub_packets.
 2018-11-05 11:47:43 +01:00
Daniel Huigens
327d3e5392 Only accept binary or text signatures when verifying messages 2018-11-05 11:47:39 +01:00
Sanjana Rajan
17f639bc8d
Merge pull request #795 from twiss/web-crypto-hashing 
Web Crypto hashing
 2018-11-05 11:38:41 +01:00