suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,715 Commits 1 Branch 0 Tags 39 MiB
5c5da1d86f
Commit Graph

1004 Commits

Author SHA1 Message Date
Daniel Huigens
5c5da1d86f Fix passing streams to workers in Safari 9 
Safari 9 does not expose the MessagePort object in workers
(but does expose it on window, and also exposes MessageChannel
in workers).
 2019-01-02 14:07:36 +01:00
Sanjana Rajan
836ad2805a
Revert "Web Crypto CFB encryption" 2018-12-23 18:42:24 +01:00
Sanjana Rajan
6c02b25aa5
Merge pull request #820 from twiss/web-crypto-cfb 
Web Crypto CFB encryption
 2018-12-23 17:55:25 +01:00
Sanjana Rajan
529973f2a2
Merge branch 'master' into fix/non-primary-non-revoked-sub-user 2018-12-23 17:52:01 +01:00
Sanjana Rajan
1bee091f2a
Merge pull request #815 from twiss/userIds 
Make fromUserIds/toUserIds params plural, and accept arrays of User IDs
 2018-12-23 17:50:46 +01:00
Daniel Huigens
113c4a5f1e Add CAST5 to always-allowed algorithms 
Golang's OpenPGP implementation uses CAST5 as its fallback.
(The spec mandates TripleDES as fallback.)

Fixes #819.
 2018-12-22 00:00:47 -05:00
Daniel Huigens
95cc9cecf0 Disable Web Workers on browsers without MessageChannel support 
For compatibility with old Firefox / Pale Moon 27
 2018-12-21 23:09:41 -05:00
Daniel Huigens
2c5cb6ad9f Fix armor parsing in edge case where reader.readToEnd() returns new Uint8Array([]) 2018-12-21 17:00:45 -05:00
Daniel Huigens
cfe7ff9bb8 Simplify MDC verification 2018-12-21 13:04:23 -05:00
Daniel Huigens
9691dc9c99 Fix getExpirationTime with capabilities and an expired signing subkey 
When the latest subkey with the requested capabilities is expired,
and the primary key has the requested capabilities, return the
primary key expiry instead.

Also, change isExpired/isDataExpired to still return false at the
date returned by getExpirationTime, so that the latter returns the
last date that the key can still be used.
 2018-12-21 12:49:22 -05:00
Daniel Huigens
668264aa9a Move CFB optimizations into cfb.js 
So that uses of CFB other than sym_encrypted_integrity_protected.js
can benefit from them.

Also, implement CFB resync mode in terms of normal CFB rather than
separately (and duplicated).
 2018-12-20 17:50:01 -05:00
Daniel Huigens
3c10c582e2 Web Crypto CFB encryption 2018-12-20 12:27:23 -05:00
Daniel Huigens
804e91140a Add config values to preferred algorithms 2018-12-17 12:52:30 -05:00
Daniel Huigens
926047f0b3 Default to RFC4880bis-mandated symmetric algos 2018-12-17 12:27:09 -05:00
Daniel Huigens
06608318d4 Fix CMAC of the empty string 
This is currently never called, as EAX always adds a prefix to
the CMAC'ed message.
 2018-12-17 12:27:08 -05:00
Daniel Huigens
9b83f6fcb2 Return generic error on PKESK checksum mismatch when decrypting 2018-12-17 12:27:07 -05:00
Daniel Huigens
e727097bb0 Always look at the same literal data packet in getText() and verify() 2018-12-17 12:27:05 -05:00
Daniel Huigens
8720adcf65 Check signature public key algorithm against issuer key algorithm 2018-12-17 12:27:04 -05:00
Daniel Huigens
3b9676f2e9 Reject messages encrypted with a symmetric algo not in preferred algos 2018-12-17 12:27:03 -05:00
Daniel Huigens
19be0831b9 Add userIds parameter to signPrimaryUser and verifyPrimaryUser 2018-12-14 17:49:09 +01:00
Daniel Huigens
cb3f644708 Validate ECC public keys 2018-12-14 17:21:12 +01:00
Daniel Huigens
d74a2af4d3 Return primary key expiry based on userId param in getExpirationTime 2018-12-14 16:54:55 +01:00
Daniel Huigens
65772d86b3 Make fromUserIds/toUserIds params plural, and accept arrays of User IDs 
Each User ID object is used for the key object at the corresponding index
in the privateKeys/publicKeys arrays.
 2018-12-14 16:54:44 +01:00
Daniel Huigens
d4d94c6fb7 Remove non-AES CFB quick check 2018-12-11 14:05:26 +01:00
Kay Lukas
2dbb8582d7 Add testcases 2018-12-10 20:21:55 +01:00
Kay Lukas
3c0b22268d Prefer a non-revoked primary user 2018-12-10 17:50:21 +01:00
Daniel Huigens
c7339f6f78 Check whether signing key was non-expired at signature creation time 2018-12-10 16:34:44 +01:00
Daniel Huigens
787965981a Check whether message signatures are expired when verifying them 2018-12-10 15:20:24 +01:00
Daniel Huigens
92230d2055 Consider non-expired signatures from expired keys to still be valid 2018-12-10 15:20:11 +01:00
Daniel Huigens
ff86b00315 Fix undefined behavior when reading 3des algo 2018-12-10 14:21:52 +01:00
Kay Lukas
a49529d243 Handle end of stream in compression correctly 2018-12-07 11:47:52 +01:00
Thomas Oberndörfer
a7bae10fe8 Revise check on key revocation sub packet: throwing the exception should only be done on single keys and not discard the whole armored block with possibly multiple keys. Evaluate only self-signatures. 2018-11-30 11:45:31 +01:00
Kay Lukas
c952e833d3 Support 3des as a session key algorithm 2018-11-06 17:38:17 +01:00
Daniel Huigens
997f3e8e38 Compute signed data based on expected signature type 2018-11-05 17:13:40 +01:00
Daniel Huigens
1071cb9bca Fix cloning embedded signatures 2018-11-05 16:32:30 +01:00
Sanjana Rajan
67de70fa01
Merge pull request #798 from twiss/seek-bzip 
Remove bzip2 compression
 2018-11-05 12:58:50 +01:00
Daniel Huigens
08f48bfc2c Switch to seek-bzip 2018-11-05 12:49:53 +01:00
Daniel Huigens
9a7fe9cd45 Bump S2K iteration count parameter 2018-11-05 11:47:46 +01:00
Daniel Huigens
d314a20e0f Don't return keys with an authorized revocation key 2018-11-05 11:47:45 +01:00
Daniel Huigens
8fa3aadea2 Add and require primary key binding signatures on signing keys 
Also, fix keyFlags of signing subkeys.

Also, store Issuer Key ID and Embedded Signature in unhashed rather
than hashed subpackets.
 2018-11-05 11:47:45 +01:00
Daniel Huigens
8c97112449 Throw on critical unknown signature subpackets 2018-11-05 11:47:44 +01:00
Daniel Huigens
47138eed61 Don't trust unhashed signature subpackets 
Also, export packet.Signature.prototype.read_sub_packets.
 2018-11-05 11:47:43 +01:00
Daniel Huigens
327d3e5392 Only accept binary or text signatures when verifying messages 2018-11-05 11:47:39 +01:00
Sanjana Rajan
17f639bc8d
Merge pull request #795 from twiss/web-crypto-hashing 
Web Crypto hashing
 2018-11-05 11:38:41 +01:00
Daniel Huigens
2245df6023 Don't return streams in openpgp.revokeKey() 2018-11-05 11:15:39 +01:00
Daniel Huigens
4faa84daa0 Inline iterated S2K loop 2018-11-01 15:40:04 +01:00
Daniel Huigens
a250ee9f91 Clean up checksum calculation 2018-11-01 14:47:22 +01:00
Daniel Huigens
e8a2c45390 Only use Web Crypto for hashing beyond a treshold number of bytes 
Sending data to the Web Crypto API involves some latency.
 2018-11-01 14:47:22 +01:00
Daniel Huigens
7253df1632 Don't hash when comparing key fingerprints 2018-11-01 14:47:21 +01:00
Daniel Huigens
abce79b509 Use Web Crypto for hashing 2018-11-01 14:11:22 +01:00