suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,320 Commits 1 Branch 0 Tags 39 MiB
8b3b890776
Commit Graph

311 Commits

Author SHA1 Message Date
Daniel Huigens
cde282d4f1 Replace 'global' with 'globalThis' 2021-02-09 19:25:20 +01:00
Ilya Chesnokov
e16807505f Switch util function names to camelCase (#1091) 2021-02-09 19:25:20 +01:00
larabr
8823603396 Remove worker (#1072) 2021-02-09 19:25:20 +01:00
larabr
5ad19c8da8 Generate ECC keys by default (#1065) 
Also, remove the deprecated numBits options of generateKey in favor of rsaBits.
 2021-02-09 19:25:20 +01:00
Daniel Huigens
3817cca3c6 Throw on unarmored messages with garbage data appended 2021-02-09 19:25:20 +01:00
Daniel Huigens
76a8f11780 Don't mutate key in openpgp.encryptKey/decryptKey 2021-02-09 19:25:20 +01:00
Daniel Huigens
9394fec1f4 Throw in openpgp.initWorker if worker failed to load 2021-02-09 19:25:20 +01:00
Daniel Huigens
35c13212dd Remove unnecessary calls to convertStreams() 2021-02-09 19:25:20 +01:00
Daniel Huigens
ef7c38860b Don't unnecessarily return objects in top-level functions 
openpgp.encrypt, sign, encryptSessionKey, encryptKey and decryptKey now
return their result directly without wrapping it in a "result" object.

Also, remove the `detached` and `returnSessionKey` options of
openpgp.encrypt.
 2021-02-09 19:25:20 +01:00
Daniel Huigens
be7b174df4 Add openpgp.generateSessionKey 2021-02-09 19:25:20 +01:00
Daniel Huigens
3a84442b5f Don't use native streams in old Edge 2021-02-09 19:25:20 +01:00
Daniel Huigens
2fffc76060 Don't overwrite Web Streams Polyfill to globals 
Instead, use the ponyfill that's now included in web-stream-tools.
Also, convert back to native ReadableStream when we used the ponyfill.
 2021-02-09 19:25:20 +01:00
Daniel Huigens
37d30c5003 Return strings in Node streams where appropriate 2021-02-09 19:25:20 +01:00
Daniel Huigens
95eb43a3c2 Return data instead of message in encryptSessionKey 
Add `armor=true/false` parameter to decide whether `data` is an armored
String or an unarmored Uint8Array.
 2021-02-09 19:25:20 +01:00
Daniel Huigens
08d6b276e3 Return data as string in openpgp.verify by default 
Add format='utf8'/'binary' param to openpgp.verify in order to be able
to return binary data instead.
 2021-02-09 19:25:20 +01:00
Daniel Huigens
7225251af8 Return Uint8Array(Stream) instead of object when armor = false 2021-02-09 19:25:20 +01:00
Daniel Huigens
e986c47ed5 Remove no-op revocationCertificate option from reformatKey 2020-02-27 16:04:06 +01:00
Daniel Huigens
60822d87d9 Fix generating keys with a date in the future 
This was broken in 8c3bcd1.

(Before then, the revocation certificate was already broken when
generating a key with a date in the future.)
 2020-02-27 16:04:07 +01:00
Daniel Huigens
8c3bcd1f21 Reject signatures using insecure hash algorithms 
Also, switch from returning false to throwing errors in most verify*()
functions, as well as in `await signatures[*].verified`, in order to be
able to show more informative error messages.
 2020-02-25 15:06:15 +01:00
Daniel Huigens
6e13604a64 Replace 'window' with 'global' 
In order to use Web Crypto in application workers, among other things.
 2020-01-24 17:58:04 +01:00
Daniel Huigens
66acd979bf Clear worker key caches in openpgp.destroyWorker() 2020-01-24 17:57:39 +01:00
Daniel Huigens
6ae6012786 Terminate workers in openpgp.destroyWorker() 2020-01-24 17:57:39 +01:00
Ilya Chesnokov
6e7f399eb3 Use Web Crypto & Node crypto for RSA signing and verifying (#999) 
Also, when generating RSA keys in JS, generate them with p < q, as per
the spec.

Also, when generating RSA keys using Web Crypto or Node crypto, swap the
generated p and q around, so that will satisfy p < q in most browsers
(but not old Microsoft Edge, 50% of the time) and so that we can use the
generated u coefficient (p^-1 mod q in OpenPGP, q^-1 mod p in RFC3447).

Then, when signing and verifying, swap p and q again, so that the key
hopefully satisfies Safari's requirement that p > q, and so that we can
keep using u again.
 2019-11-18 14:59:01 +01:00
Daniel Huigens
fbbeaa3cd9
Rename numBits and bits to rsaBits (#970) 
Keep supporting the old names as well though in `openpgp.generateKey`
and `getAlgorithmInfo`, but not in `openpgp.key.generate` (as it is
recommended that developers use `openpgp.generateKey` instead, and
it now throws when using `numBits` instead of `rsaBits`, so there's
no risk of silent key security downgrade).

The old names are now deprecated, and might be removed in v5.
 2019-09-18 13:40:44 +02:00
Daniel Huigens
a731a607ce Fix writing newly generated embedded primary key binding signatures 2019-09-11 18:11:15 +02:00
Ilya Chesnokov
5d9629d6a3 Style fixes; add spaces around all infix operators, remove new Buffer (#954) 
* Add "space-infix-ops": "error" rule

* Remove deprecated Buffer constructor

* Resolve new-cap eslint rule

* @twiss: Clarify code that selects curve and algorithm
 2019-08-30 12:27:30 +02:00
Daniel Huigens
a184ef6ec4 Remove support for the previous draft00 AEAD 2019-08-12 17:46:37 +02:00
Daniel Huigens
237db2c7f3 Fix armor checksum errors being ignored when not streaming 2019-07-19 19:05:26 +02:00
Ilya Chesnokov
6d626ea70c Style fixes and new style rules for eslint (#919) 2019-06-28 15:33:18 +02:00
Daniel Huigens
34e6eacb2f Don't attempt to use workers if they fail to load 2019-05-02 12:08:08 +02:00
Daniel Huigens
7fb2901ede
Fix detached signing of messages created from streams (#887) 2019-04-29 13:45:09 +02:00
Daniel Huigens
9e4cc1acfe Don't throw on signature verification errors in openpgp.decrypt/verify 2019-01-26 11:41:44 +01:00
Sanjana Rajan
1bee091f2a
Merge pull request #815 from twiss/userIds 
Make fromUserIds/toUserIds params plural, and accept arrays of User IDs
 2018-12-23 17:50:46 +01:00
Daniel Huigens
95cc9cecf0 Disable Web Workers on browsers without MessageChannel support 
For compatibility with old Firefox / Pale Moon 27
 2018-12-21 23:09:41 -05:00
Daniel Huigens
65772d86b3 Make fromUserIds/toUserIds params plural, and accept arrays of User IDs 
Each User ID object is used for the key object at the corresponding index
in the privateKeys/publicKeys arrays.
 2018-12-14 16:54:44 +01:00
Daniel Huigens
2245df6023 Don't return streams in openpgp.revokeKey() 2018-11-05 11:15:39 +01:00
Daniel Huigens
c3419e5cd0 Don't return streams in openpgp.reformatKey() 2018-10-25 19:41:59 +02:00
Daniel Huigens
baaa0716b4 Fix performance issue with handling large messages 2018-10-19 15:09:33 +02:00
Daniel Huigens
bbcdacef8d Small documentation fixes 2018-09-22 23:03:10 +02:00
Daniel Huigens
5cf61daa19 Check validity of signatures before using them 2018-09-22 23:03:10 +02:00
Daniel Huigens
e055d86062 Update documentation 2018-08-14 17:50:26 +02:00
Daniel Huigens
052fa444be Support Node streams 2018-08-14 17:19:54 +02:00
Daniel Huigens
0ddff3ae7d Rename asStream to streaming 
Also, break up `postProcess`.
 2018-08-14 17:19:51 +02:00
Daniel Huigens
52c4fa9639 Move streams library to a separate package 2018-08-14 16:35:40 +02:00
Daniel Huigens
ca537e439d Comments & code style 2018-08-14 16:35:38 +02:00
Daniel Huigens
1101a05b10 Don't return streams inside unarmored generated keys and signatures 
When not requested, we convert the streams to Uint8Arrays.

This makes the generated key safe to pass to a Worker more than once.

Partially reverts 735aa1da.
 2018-08-14 16:35:36 +02:00
Daniel Huigens
2b30ab9c8f Replace data with message parameter in encrypt() and sign() 
When encrypting/signing a stream, this allows you to indicate whether it's a
stream of Strings or Uint8Arrays (using message.fromText or message.fromBinary,
respectively.)

When signing text, this allows you to control whether to create a cleartext
message or a regular armored text message.

When creating a detached signature, it allows you to control whether it's "meant
for" (verifying against) a cleartext message. A cleartext message has trailing
whitespace trimmed before signing. This fixes the case of passing a detached
signature from sign() to encrypt(). Since encrypt() doesn't create a cleartext
message, the signature would be invalid if the text contained lines with
trailing whitespace.
 2018-08-10 14:46:29 +02:00
Daniel Huigens
9f0f00e087 Make signature.verified a Promise instead of result.signatures 
Also, fix verifying detached signatures
 2018-08-10 14:46:28 +02:00
Daniel Huigens
0db32bea39 Backpressure and cancellation in sign/verify 2018-08-10 14:46:28 +02:00
Daniel Huigens
3113976dd2 Don't throw in result.signatures 
- The caller might not await them, in which case you get an "unhandled rejection"
- The caller might await them but only after reading the data, in which case you
  get an unhandled rejection if there's an error before the end of the data
 2018-08-10 14:46:27 +02:00
Daniel Huigens
b6e988b6a6 Convert result.signatures to a Promise 
Also, throw armor checksum errors inside the data stream
 2018-08-10 14:46:27 +02:00
Daniel Huigens
0cabf72682 Add TextDecoder polyfill 2018-08-10 14:46:27 +02:00
Daniel Huigens
4d82d25559 Pass more tests 
We now use streams internally in more places.
 2018-08-10 14:46:26 +02:00
Daniel Huigens
eb72d4dd63 Don't use asmcrypto's streaming API when not necessary 
Optimization for Firefox
 2018-08-10 14:46:26 +02:00
Daniel Huigens
ddda6a0b16 Implement cancellation by manually linking together input and output streams 2018-08-10 14:46:24 +02:00
Daniel Huigens
de2971d84a Use TransformStreams 2018-08-10 14:46:24 +02:00
Daniel Huigens
1effe19c1d Allow simultaneously reading data and waiting for signature verification 
This makes openpgp.{decrypt,verify}().signatures a Promise when passing a
stream or when asStream=true
 2018-08-10 14:46:22 +02:00
Daniel Huigens
56ec5b3a8d Don't keep extra copies of streams in memory 2018-08-10 14:46:22 +02:00
Daniel Huigens
ade2627bca Streaming verify one-pass signatures 2018-08-10 14:44:01 +02:00
Daniel Huigens
802e1b8d94 Transfer Streams to Workers 
Also, add a "asStream" parameter to high-level functions to control
whether the return value is a Stream; defaulting to whether the
parameter passed was a Stream.
 2018-08-10 14:44:01 +02:00
Daniel Huigens
37014ecf30 Pass more tests 
- Allow leading spaces in headers (since we were already accepting
leading spaces everywhere else in the armored text).
- Read ReadableStreams before passing them to a Worker
 2018-08-10 14:44:01 +02:00
Daniel Huigens
db39e616ca Replace stream.tee() with stream.clone() 
Also some other fixes to pass more tests.
 2018-08-10 14:44:01 +02:00
Daniel Huigens
16ba26c298 Streaming AEAD 2018-08-10 14:44:01 +02:00
Daniel Huigens
4ada3fa590 Don't mutate prototypes of Uint8Array, ReadableStream and ReadableStreamDefaultWriter 2018-08-10 14:44:01 +02:00
Daniel Huigens
403bdc5346 Streaming decryption (Web) 2018-08-10 14:44:01 +02:00
Daniel Huigens
9853d3d830 Streaming encryption (Web) 2018-08-10 14:44:01 +02:00
Daniel Huigens
3fd0fa8f68 Various key revocation fixes 2018-07-13 17:45:09 +02:00
Daniel Huigens
1ed7943bf9 Create openpgp.revokeKey 2018-07-11 17:57:31 +02:00
Daniel Huigens
fe3c1b4f31 Add fromUserId / toUserId parameters to openpgp.encrypt and sign 
To select the user whose algorithm preferences, expiration time etc to use.
 2018-05-01 13:39:23 +02:00
Daniel Huigens
6c2fec3450 Parse user IDs 
Also, support comments when creating user IDs
 2018-05-01 13:39:23 +02:00
Daniel Huigens
2627755b49 iOS Safari doesn't allow setting Error.message 2018-04-30 16:58:39 +02:00
Daniel Huigens
550b758d57 Fall back to asm for CTR and CBC in old Safari 2018-04-30 16:58:35 +02:00
Daniel Huigens
04651e359a Rename enums.aead.gcm to experimental_gcm 
So that (1) if the spec ever defines GCM differently than we do, we have a
clean upgrade path and (2) it makes it clear that it's experimental.
 2018-04-30 15:55:37 +02:00
Daniel Huigens
d7efead337 Update Web Worker selection logic for AEAD 2018-04-30 15:55:32 +02:00
Daniel Huigens
6f2abdc2cf Implement MIME message type (Literal Data Packet format 'm') 2018-04-27 14:06:19 +02:00
Daniel Huigens
5f97a8c937 Implement preferred AEAD algorithms 2018-04-27 14:06:16 +02:00
Daniel Huigens
5d43b44e50 Log swallowed errors in debug mode 2018-04-27 14:06:14 +02:00
KAYLukas
187cc6b05a Support compression in the WebWorker 2018-04-18 18:08:36 +02:00
Sanjana Rajan
2bd540026f add multiple passphrase options to key encrypt and decrypt 2018-04-16 12:52:17 -07:00
Sanjana Rajan
24119f4fb1 keygen update 2018-04-15 12:38:18 -07:00
Sanjana Rajan
a22c9e4770 WIP text signatures 2018-03-22 16:10:21 -07:00
Sanjana Rajan
6fe73033a4 docs 2018-03-19 19:11:20 -07:00
Sanjana Rajan
eb96d44298 add date parameter to generateKey function 2018-03-19 18:55:15 -07:00
Mahrud Sayrafi
944dece506
Adds Brainpool Curves + tests + docs 2018-03-18 10:12:29 -07:00
Mahrud Sayrafi
96c9cd0d73
Fixes dead links in the documentation 2018-03-13 00:13:04 -07:00
Mahrud Sayrafi
08da24de27
documentation fixes 2018-03-08 10:55:58 -08:00
Mahrud Sayrafi
73a240df6c Simplifies (Key|User|SubKey).isRevoked, API changes in key.js 
For User s/revocationCertifications/revocationSignatures/g
For Key/SubKey s/revocationSignature/revocationSignatures/g is now an array.
 2018-03-08 10:01:54 +01:00
Bart Butler
1cd9018346 some cleanup 2018-03-06 10:04:33 -08:00
Bart Butler
2bb5db2cf4 multiple web workers 2018-03-05 21:36:53 -08:00
Bart Butler
f57888fe55 change all calls of getRandomBytes and getRandomBN to be async 2018-03-05 16:31:56 -08:00
Mahrud Sayrafi
605021af3b
Various quickfixes and cleanups 2018-02-22 00:37:42 -08:00
KAYLukas
6b4d44dbb1 Fix browser tests 2018-02-19 22:12:24 +01:00
KAYLukas
071fc35f38 Check created time to be valid and discard milliseconds from date objects 2018-02-17 11:28:04 +01:00
KAYLukas
6ca8bc2180 Add timeparameter for verification and remove verify_expired_keys 2018-02-16 17:20:48 +01:00
KAYLukas
7e66ea20db Add timeparameter to signing and encryption 2018-02-16 17:20:48 +01:00
BafS
b672f1936a Use let and const ES6 features. 
Remove var, for let or const if possible, clean some syntax, enforce one var per declaration and semicolons
 2018-02-13 23:33:09 +01:00
BafS
de6ffc2f76 Remove 'user strict' 
'use strict' is unnecessary inside modules because module code is always strict mode code. Ref: https://www.ecma-international.org/ecma-262/6.0/#sec-strict-mode-code
 2018-02-13 23:33:09 +01:00
Bart Butler
8873ed0ff1
Update openpgp.js 
doc fix
 2018-02-13 11:01:09 -08:00
mmso
9f7466ef45
Add compression support for the encrypt function 2018-02-13 15:08:41 +01:00
Sanjana Rajan
62015c2c8d useWildcard -> wildcard 2018-02-12 19:31:47 +01:00