Keyring handling and storage should be handled in the application, as
localStorage may not meet the durability requirements of the
application, for example.
Refactor functions to take the configuration as a parameter.
This allows setting a config option for a single function call, whereas
setting `openpgp.config` could lead to concurrency-related issues when
multiple async function calls are made at the same time.
`openpgp.config` is used as default for unset config values in top-level
functions.
`openpgp.config` is used as default config object in low-level functions
(i.e., when calling a low-level function, it may be required to pass
`{ ...openpgp.config, modifiedConfig: modifiedValue }`).
Also,
- remove `config.rsaBlinding`: blinding is now always applied to RSA decryption
- remove `config.debug`: debugging mode can be enabled by setting
`process.env.NODE_ENV = 'development'`
- remove `config.useNative`: native crypto is always used when available
In the lightweight build, lazily load bn.js only when necessary.
Also, use Uint8Arrays instead of strings in PKCS1 padding functions, and
check that the leading zero is present when decoding EME-PKCS1 padding.
This PR adds four config options to configure whether and how to load
indutny/elliptic: use_indutny_elliptic, external_indutny_elliptic,
indutny_elliptic_path and indutny_elliptic_fetch_options.
Also:
- Use tweetnacl.js instead of indutny/elliptic for curve25519 key generation
- Don't initialize indutny's curve25519, improving performance when using that curve
- Verify NIST signatures using Web Crypto instead of indutny/elliptic when not streaming
- Move KeyPair.sign/verify to ecdsa.js
- Move KeyPair.derive to ecdh.js
- Move keyFromPrivate and keyFromPublic to a new indutnyKey.js file
This change implements Web Key Directory lookup using user's e-mail
address. The target host is the same as the e-mail's domain and the
local-part is hashed with SHA-1 and encoded using Z-Base32 encoding.
Implemented is basic flow of version 06 of OpenPGP Web Key Directory
draft [0].
It was necessary to update node-fetch package to allow returning array
buffers from HTTP responses.
If openpgpjs is used in the browser all keys retrieved from Web Key
Directory should have `Access-Control-Allow-Origin` header set to `*`
(including 404 Not found responses).
[0]: https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/
