When encrypting/signing a stream, this allows you to indicate whether it's a
stream of Strings or Uint8Arrays (using message.fromText or message.fromBinary,
respectively.)
When signing text, this allows you to control whether to create a cleartext
message or a regular armored text message.
When creating a detached signature, it allows you to control whether it's "meant
for" (verifying against) a cleartext message. A cleartext message has trailing
whitespace trimmed before signing. This fixes the case of passing a detached
signature from sign() to encrypt(). Since encrypt() doesn't create a cleartext
message, the signature would be invalid if the text contained lines with
trailing whitespace.
- Allow leading spaces in headers (since we were already accepting
leading spaces everywhere else in the armored text).
- Read ReadableStreams before passing them to a Worker
This change corrects verification of certifications over User Attributes
(such as photos).
Before this change the code did not differentiate between User IDs and
User Attributes as both of them were stored in `data.userid` [0] and
incorrectly used the User ID constant (0xB4) for both cases.
This change fixes the bug by storing User IDs in `userId` property and
User Attributes in `userAttribute` property. The check for property
existence has been modified to avoid comparisons with `undefined` as the
`User` class sets `null` for not assigned packets instead of
`undefined`.
Only data structures for signing and verification were modified and not
the properties used in the `User` class.
[0]: 11b2d2de3c/src/key.js (L872)
There are dozens of links in the OpenPGP.js codebase that are http but
could be replaced with https links. I've converted as many of them as
i could find.
TODO: if using lower level functions, key.verifyPrimaryUser() MUST be
called and resolved before calling key.getSigning/EncryptionKeyPacket(),
key.getPrimaryUser(), etc.
Also: adds a flag to allow verification with expired keys from:
(cherry picked from commit b9d175d998)
(cherry picked from commit 50940b2a1e)
