suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,153 Commits 1 Branch 0 Tags 39 MiB
ab22fe86da
Commit Graph

2153 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
cpupower
6988fdfee1
Fix stream-encrypting+signing a message using the Worker (#1112) 
- Include fromStream property when cloning a Message
- Restore fromStream property in packetlistCloneToMessage
 2020-06-25 12:53:27 +02:00
larabr
35b0012f2f
Pass around KDF params as object (#1104) 2020-06-03 14:16:54 +02:00
Matthew Shaylor
320efc2435
Fix keyId types in JSDoc comments (#1100) 2020-05-18 12:22:31 +02:00
Roman Zechmeister
1b91d428f0
Also create issuer fingerprint subpacket for v4 keys (#1097) 
Do not limit creation of signatures with issuer fingerprint subpacket to v5 keys.
 2020-05-11 21:45:04 +02:00
Daniel Huigens
2c6cbc4cb2 Release new version 2020-04-22 19:28:01 +02:00
Daniel Huigens
5d71ae8691 Fix normalizing \n after \r\n 
Broken in c4a7455.
 2020-04-22 19:09:50 +02:00
Daniel Huigens
35b4380909 Release new version 2020-04-21 16:05:49 +02:00
Ilya Chesnokov
674e0217fc
Support compressed data packets with algorithm=uncompressed (#1085) 2020-04-21 16:00:38 +02:00
Daniel Huigens
c4a7455cb5 Fix memory usage when non-streaming-en/decrypting large files 
Broken in #1071.
 2020-04-20 18:05:07 +02:00
larabr
e39216424f Drop support for \r as EOL (#1073) 2020-04-20 18:05:07 +02:00
Daniel Huigens
90ff60cbb1
Fix verification of EdDSA signatures with short MPIs (#1083) 
We would fail to verify EdDSA signatures with leading zeros, when
encoded according to the spec (without leading zeros, leading to
short MPIs). OpenPGP.js itself encodes them with leading zeros.
This is accepted by many implementations, but not valid according
to the spec. We will fix that in a future version.
 2020-04-16 17:03:49 +02:00
Daniel Huigens
b69d0d0228
Support PKCS5 padding longer than 8 bytes (#1081) 
This is allowed by the spec to hide the length of the session key:

    For example, assuming that an AES algorithm is
    used for the session key, the sender MAY use 21, 13, and 5 bytes of
    padding for AES-128, AES-192, and AES-256, respectively, to provide
    the same number of octets, 40 total, as an input to the key wrapping
    method.
 2020-04-15 19:33:04 +02:00
Daniel Huigens
04fb053fc8 Release new version 2020-04-15 11:34:10 +02:00
Daniel Huigens
9b51349ce3
Unpublish npm-shrinkwrap.json (#1079) 2020-04-15 11:25:27 +02:00
larabr
6119dbb08e
Support verification of text signatures on non-UTF-8 messages (#1071) 2020-03-30 12:51:07 +02:00
larabr
34f9f705e9
Update dependencies (#1061) 2020-03-26 18:05:07 +01:00
Ilya Chesnokov
69f14023f2
Update grunt; fix lodash vulnerability warning (#1060) 2020-03-17 13:39:30 +01:00
chenlhlinux
b76c67aba8
Fix signature verification examples in the README (#1058) 2020-03-12 20:13:22 +01:00
Makoto Sakaguchi
66d83db51b
Fix "TypeError: fetch is not a function" in Node.js environment (#1052) 2020-03-03 14:50:28 +01:00
Daniel Huigens
b6a6f52ad8 Release new version 2020-02-27 17:17:23 +01:00
Daniel Huigens
e986c47ed5 Remove no-op revocationCertificate option from reformatKey 2020-02-27 16:04:06 +01:00
Daniel Huigens
60822d87d9 Fix generating keys with a date in the future 
This was broken in 8c3bcd1.

(Before then, the revocation certificate was already broken when
generating a key with a date in the future.)
 2020-02-27 16:04:07 +01:00
Daniel Huigens
f6507c30e1 Release new version 2020-02-25 15:58:04 +01:00
Daniel Huigens
2131fb0978 Fix error message for legacy encrypted private keys 2020-02-25 15:07:43 +01:00
Daniel Huigens
c6ed05d2c3 Optimize crc24 calculation 2020-02-25 15:06:38 +01:00
Daniel Huigens
2ff4fbb0e8 Optimize base64 encoding and decoding 2020-02-25 15:06:38 +01:00
Daniel Huigens
15202d9d40 Don't use polyfilled Set in compat build 
All methods of sets we need are available in all browsers we support.
 2020-02-25 15:06:15 +01:00
Daniel Huigens
4bd22eb17a Unit tests: eval config query parameters instead of parsing as JSON 2020-02-25 15:06:15 +01:00
Daniel Huigens
8c3bcd1f21 Reject signatures using insecure hash algorithms 
Also, switch from returning false to throwing errors in most verify*()
functions, as well as in `await signatures[*].verified`, in order to be
able to show more informative error messages.
 2020-02-25 15:06:15 +01:00
Daniel Huigens
3af8e32bf0 Release new version 2020-02-17 14:40:22 +01:00
Daniel Huigens
92eda27e61 Binary signature on text message: sign and verify text as UTF-8 2020-02-17 12:49:20 +01:00
Daniel Huigens
de6ab1db49 Add inline sourceMap in minified files in grunt build --dev 2020-02-07 20:41:44 +01:00
Stig P
21c7d69f56
Fix typo in symmetric encryption example in README.md (#1042) 2020-02-03 15:10:19 +01:00
Daniel Huigens
93c5bed64b Release new version 2020-02-02 20:15:24 +01:00
Daniel Huigens
dc9660f2ae Add tests with old and new Blowfish encrypted messages 2020-02-02 16:51:56 +01:00
Daniel Huigens
84a1287e50 Fix Blowfish block size 2020-02-02 16:51:56 +01:00
Daniel Huigens
801b44f2e7 Don't use Node symmetric crypto when !config.use_native 2020-02-02 16:51:56 +01:00
Daniel Huigens
fc0052e35a Implement streaming non-AES encryption and decryption 2020-02-02 16:51:56 +01:00
Daniel Huigens
2ec8831abf Use native Node crypto for non-AES encryption and decryption 2020-02-02 16:51:56 +01:00
Daniel Huigens
e14a3c78b7 Add instructions to pipe unarmored encrypted data on Node.js 2020-02-02 16:51:01 +01:00
Daniel Huigens
b49e787ba9 Update setup instructions 2020-02-02 16:51:01 +01:00
Daniel Huigens
7000d9db4b Clean up README.md 2020-02-02 16:51:01 +01:00
Daniel Huigens
09e818763e Release new version 2020-01-24 20:05:16 +01:00
Daniel Huigens
786d909f79 Fix worker tests in compat browsers 2020-01-24 19:16:15 +01:00
Daniel Huigens
e8ee70b2a8 Fix UnhandledPromiseRejectionWarnings in Node.js 
These were introduced in 9bdeaa9 by `await`ing Promises later than
they're created.
 2020-01-24 18:05:50 +01:00
Daniel Huigens
382c05df6f Remove accidental .only in test suite 2020-01-24 17:59:35 +01:00
Daniel Huigens
9bdeaa927a Don't keep entire decrypted message in memory while streaming 
(When config.allow_unauthenticated_stream is set or the message is
AEAD-encrypted.)

The issue was that, when hashing the data for verification, we would
only start hashing at the very end (and keep the message in memory)
because nobody was "pulling" the stream containing the hash yet, so
backpressure was keeping the data from being hashed.

Note that, of the two patches in this commit, only the onePassSig.hashed
property actually mattered, for some reason. Also, the minimum
highWaterMark of 1 should have pulled the hashed stream anyway, I think.
I'm not sure why that didn't happen.
 2020-01-24 17:58:17 +01:00
Daniel Huigens
6e13604a64 Replace 'window' with 'global' 
In order to use Web Crypto in application workers, among other things.
 2020-01-24 17:58:04 +01:00
Daniel Huigens
81d6b45ba8 Test loading OpenPGP.js from a Worker in the application 2020-01-24 17:58:04 +01:00
Daniel Huigens
66acd979bf Clear worker key caches in openpgp.destroyWorker() 2020-01-24 17:57:39 +01:00