suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,780 Commits 1 Branch 0 Tags 39 MiB
b9abf80d5a
Commit Graph

1037 Commits

Author SHA1 Message Date
Daniel Huigens
8720adcf65 Check signature public key algorithm against issuer key algorithm 2018-12-17 12:27:04 -05:00
Daniel Huigens
3b9676f2e9 Reject messages encrypted with a symmetric algo not in preferred algos 2018-12-17 12:27:03 -05:00
Daniel Huigens
19be0831b9 Add userIds parameter to signPrimaryUser and verifyPrimaryUser 2018-12-14 17:49:09 +01:00
Daniel Huigens
cb3f644708 Validate ECC public keys 2018-12-14 17:21:12 +01:00
Daniel Huigens
d74a2af4d3 Return primary key expiry based on userId param in getExpirationTime 2018-12-14 16:54:55 +01:00
Daniel Huigens
65772d86b3 Make fromUserIds/toUserIds params plural, and accept arrays of User IDs 
Each User ID object is used for the key object at the corresponding index
in the privateKeys/publicKeys arrays.
 2018-12-14 16:54:44 +01:00
Daniel Huigens
d4d94c6fb7 Remove non-AES CFB quick check 2018-12-11 14:05:26 +01:00
Kay Lukas
2dbb8582d7 Add testcases 2018-12-10 20:21:55 +01:00
Kay Lukas
3c0b22268d Prefer a non-revoked primary user 2018-12-10 17:50:21 +01:00
Daniel Huigens
c7339f6f78 Check whether signing key was non-expired at signature creation time 2018-12-10 16:34:44 +01:00
Daniel Huigens
787965981a Check whether message signatures are expired when verifying them 2018-12-10 15:20:24 +01:00
Daniel Huigens
92230d2055 Consider non-expired signatures from expired keys to still be valid 2018-12-10 15:20:11 +01:00
Daniel Huigens
ff86b00315 Fix undefined behavior when reading 3des algo 2018-12-10 14:21:52 +01:00
Kay Lukas
a49529d243 Handle end of stream in compression correctly 2018-12-07 11:47:52 +01:00
Thomas Oberndörfer
a7bae10fe8 Revise check on key revocation sub packet: throwing the exception should only be done on single keys and not discard the whole armored block with possibly multiple keys. Evaluate only self-signatures. 2018-11-30 11:45:31 +01:00
Kay Lukas
c952e833d3 Support 3des as a session key algorithm 2018-11-06 17:38:17 +01:00
Daniel Huigens
997f3e8e38 Compute signed data based on expected signature type 2018-11-05 17:13:40 +01:00
Daniel Huigens
1071cb9bca Fix cloning embedded signatures 2018-11-05 16:32:30 +01:00
Sanjana Rajan
67de70fa01
Merge pull request #798 from twiss/seek-bzip 
Remove bzip2 compression
 2018-11-05 12:58:50 +01:00
Daniel Huigens
08f48bfc2c Switch to seek-bzip 2018-11-05 12:49:53 +01:00
Daniel Huigens
9a7fe9cd45 Bump S2K iteration count parameter 2018-11-05 11:47:46 +01:00
Daniel Huigens
d314a20e0f Don't return keys with an authorized revocation key 2018-11-05 11:47:45 +01:00
Daniel Huigens
8fa3aadea2 Add and require primary key binding signatures on signing keys 
Also, fix keyFlags of signing subkeys.

Also, store Issuer Key ID and Embedded Signature in unhashed rather
than hashed subpackets.
 2018-11-05 11:47:45 +01:00
Daniel Huigens
8c97112449 Throw on critical unknown signature subpackets 2018-11-05 11:47:44 +01:00
Daniel Huigens
47138eed61 Don't trust unhashed signature subpackets 
Also, export packet.Signature.prototype.read_sub_packets.
 2018-11-05 11:47:43 +01:00
Daniel Huigens
327d3e5392 Only accept binary or text signatures when verifying messages 2018-11-05 11:47:39 +01:00
Sanjana Rajan
17f639bc8d
Merge pull request #795 from twiss/web-crypto-hashing 
Web Crypto hashing
 2018-11-05 11:38:41 +01:00
Daniel Huigens
2245df6023 Don't return streams in openpgp.revokeKey() 2018-11-05 11:15:39 +01:00
Daniel Huigens
4faa84daa0 Inline iterated S2K loop 2018-11-01 15:40:04 +01:00
Daniel Huigens
a250ee9f91 Clean up checksum calculation 2018-11-01 14:47:22 +01:00
Daniel Huigens
e8a2c45390 Only use Web Crypto for hashing beyond a treshold number of bytes 
Sending data to the Web Crypto API involves some latency.
 2018-11-01 14:47:22 +01:00
Daniel Huigens
7253df1632 Don't hash when comparing key fingerprints 2018-11-01 14:47:21 +01:00
Daniel Huigens
abce79b509 Use Web Crypto for hashing 2018-11-01 14:11:22 +01:00
Sanjana Rajan
3c45b6f18a
Merge pull request #793 from twiss/signature-errors 
Check that one-pass signatures match their corresponding signature
 2018-11-01 12:13:02 +01:00
Daniel Huigens
11fd2313a7 Fix unhandled promise rejection when decrypting non-MDC message 2018-11-01 11:46:43 +01:00
Daniel Huigens
13c29b1fc9 Fix decryption with multiple passwords 2018-11-01 11:46:27 +01:00
Daniel Huigens
d442b6bad7 Throw when signature packet does not correspond to one pass signature packet 2018-10-29 11:47:39 +01:00
Daniel Huigens
9c82bf491e Reject signatures[*].verified and signatures[*].signature on read errors 
However, don't throw "unhandled promise rejection" when not using these
properties at all, or when they reject before the user has a chance to
handle them.
 2018-10-29 11:47:36 +01:00
Daniel Huigens
c3419e5cd0 Don't return streams in openpgp.reformatKey() 2018-10-25 19:41:59 +02:00
Daniel Huigens
baaa0716b4 Fix performance issue with handling large messages 2018-10-19 15:09:33 +02:00
Daniel Huigens
6f9670cc65 Clarify comment explaining packetlist's usage of supportsStreaming 2018-10-10 18:21:02 +02:00
Daniel Huigens
bc6118980f Throw on parse errors in integrity protected encrypted packets 2018-10-05 12:40:05 +02:00
Daniel Huigens
3751731330 Don't hang when signature packet corresponding to one-pass sig is missing 2018-10-04 22:13:10 +02:00
Daniel Huigens
ac6b57781b Make isValid*KeyPacket inner functions 2018-09-22 23:03:10 +02:00
Daniel Huigens
bbcdacef8d Small documentation fixes 2018-09-22 23:03:10 +02:00
Daniel Huigens
b3af56b8a3 Ignore third-party revocation signatures 
This check was removed in ec22dab.
 2018-09-22 23:03:10 +02:00
Daniel Huigens
a1c47ecdea Indicate an error when parsing a key with an authorized revocation key 
Since we will ignore revocation signatures from authorized revocation keys,
it is dangerous to use these keys.
 2018-09-22 23:03:10 +02:00
Daniel Huigens
5cf61daa19 Check validity of signatures before using them 2018-09-22 23:03:10 +02:00
Daniel Huigens
d8840294cf Make newlines in armored objects consistent 
- Don't add an extraneous newline at the end of base64-encoded data
  if it is a multiple of 60 characters long.
- Generate \r\n instead of \n in base64-encoded data.
- Generate one newline instead of two after END PGP PUBLIC KEY BLOCK
  for consistency with the other footers.
 2018-09-13 14:32:35 +02:00
Sanjana Rajan
d43437473f bugfix - when a requested key capability is not present, return null expiration 2018-09-03 21:59:58 -07:00
Daniel Huigens
ca2f6d03b6 Slightly optimize base64 decoding 2018-09-03 18:23:38 +02:00
Daniel Huigens
dc722770d0 Don't process armored message data line per line 
This cuts down on the overhead of streaming by reducing the amount
of calls to reader.read() and writer.write().
 2018-09-03 18:23:38 +02:00
Daniel Huigens
e055d86062 Update documentation 2018-08-14 17:50:26 +02:00
Daniel Huigens
e5a3095894 Fix GCM and EAX in Edge 
Web Crypto AES-GCM in Edge seems to require non-empty ADATA and an
explicit tagLength.

AES-CTR doesn't seem to be supported at all, so this disables Web Crypto
for EAX in Edge.
 2018-08-14 17:24:41 +02:00
Daniel Huigens
4bdc5e92ab Add --compat option 
Without it, the generated build is for recent versions of
Chrome, Firefox, Safari and Edge.

With it, the generated build is for IE11+.
 2018-08-14 17:24:41 +02:00
Daniel Huigens
c705f475b7 Switch back to hash.js SHA512 
asmcrypto.js SHA512 is huge (75kB, 7kB gzipped).

This partially reverts fadcc4b5.
 2018-08-14 17:24:40 +02:00
Daniel Huigens
00a2c0c0c2 Support unicode surrogate code points 2018-08-14 17:24:40 +02:00
Daniel Huigens
a2f53b2ce2 Speed up initial builds 2018-08-14 17:24:40 +02:00
Daniel Huigens
8c7e4386af Fix stream-reading zero-length (partial) packets 2018-08-14 17:19:54 +02:00
Daniel Huigens
052fa444be Support Node streams 2018-08-14 17:19:54 +02:00
Daniel Huigens
0ddff3ae7d Rename asStream to streaming 
Also, break up `postProcess`.
 2018-08-14 17:19:51 +02:00
Daniel Huigens
b35b167e63 Add openpgp.cleartext.fromText 
For symmetry with message.fromText
 2018-08-14 16:35:41 +02:00
Daniel Huigens
52c4fa9639 Move streams library to a separate package 2018-08-14 16:35:40 +02:00
Daniel Huigens
252da44419 Don't depend on util in stream.js 2018-08-14 16:35:40 +02:00
Daniel Huigens
bb15ffc2a0 Fix streaming verify when using Worker and streams polyfill 2018-08-14 16:35:40 +02:00
Daniel Huigens
29271accef Enable Transferables in IE11 
Reverts 11ff845c.
 2018-08-14 16:35:40 +02:00
Daniel Huigens
c75e2323c0 Support IE11 for streaming 2018-08-14 16:35:39 +02:00
Daniel Huigens
721e522b17 Don't increase buffering in transformWithCancel 
Keep backpressure the same as in default TransformStream().
 2018-08-14 16:35:39 +02:00
Daniel Huigens
0b0112d1e6 En/decrypt all AEAD chunks in parallel when not returning a stream 2018-08-14 16:35:39 +02:00
Daniel Huigens
d844b8b06c Add minimum AEAD buffer size 
This enables parallelism for streaming AEAD chunked encryption.

The reason we can't do so at the very end of the pipe chain
(e.g., in `readToEnd`) is because requests for increased
buffering (i.e. `desiredSize > 1`) do not propagate backwards,
only requests for backpressure (i.e. `desiredSize <= 0`) do.
 2018-08-14 16:35:39 +02:00
Daniel Huigens
ca537e439d Comments & code style 2018-08-14 16:35:38 +02:00
Daniel Huigens
1101a05b10 Don't return streams inside unarmored generated keys and signatures 
When not requested, we convert the streams to Uint8Arrays.

This makes the generated key safe to pass to a Worker more than once.

Partially reverts 735aa1da.
 2018-08-14 16:35:36 +02:00
Daniel Huigens
d489f3369f Update to asmcrypto.js 2 2018-08-10 14:46:30 +02:00
Daniel Huigens
e66d44e42d Rename config.unsafe_stream to allow_unauthenticated_stream 2018-08-10 14:46:29 +02:00
Daniel Huigens
2b30ab9c8f Replace data with message parameter in encrypt() and sign() 
When encrypting/signing a stream, this allows you to indicate whether it's a
stream of Strings or Uint8Arrays (using message.fromText or message.fromBinary,
respectively.)

When signing text, this allows you to control whether to create a cleartext
message or a regular armored text message.

When creating a detached signature, it allows you to control whether it's "meant
for" (verifying against) a cleartext message. A cleartext message has trailing
whitespace trimmed before signing. This fixes the case of passing a detached
signature from sign() to encrypt(). Since encrypt() doesn't create a cleartext
message, the signature would be invalid if the text contained lines with
trailing whitespace.
 2018-08-10 14:46:29 +02:00
Daniel Huigens
95413cc6ed Fix signatures of messages with leading/trailing whitespace 2018-08-10 14:46:29 +02:00
Daniel Huigens
160b03451f Fix key generation in Firefox 
Previously broken by daa0188e.
 2018-08-10 14:46:29 +02:00
Daniel Huigens
9f0f00e087 Make signature.verified a Promise instead of result.signatures 
Also, fix verifying detached signatures
 2018-08-10 14:46:28 +02:00
Daniel Huigens
0db32bea39 Backpressure and cancellation in sign/verify 2018-08-10 14:46:28 +02:00
Daniel Huigens
d2ba6b3c6c Wait for data to be read before resolving signatures 2018-08-10 14:46:28 +02:00
Daniel Huigens
3113976dd2 Don't throw in result.signatures 
- The caller might not await them, in which case you get an "unhandled rejection"
- The caller might await them but only after reading the data, in which case you
  get an unhandled rejection if there's an error before the end of the data
 2018-08-10 14:46:27 +02:00
Daniel Huigens
b6e988b6a6 Convert result.signatures to a Promise 
Also, throw armor checksum errors inside the data stream
 2018-08-10 14:46:27 +02:00
Daniel Huigens
0cabf72682 Add TextDecoder polyfill 2018-08-10 14:46:27 +02:00
Daniel Huigens
ad92ac7c3a Fix signature type of one-pass signatures when passing a signature 
If the type of the signature passed to openpgp.encrypt() did not
match the "expected" type (text for literal text packets, etc)
the signature type would be set incorrectly.
 2018-08-10 14:46:26 +02:00
Daniel Huigens
4d82d25559 Pass more tests 
We now use streams internally in more places.
 2018-08-10 14:46:26 +02:00
Daniel Huigens
4e749965f2 Remove support for V3 keys and signatures 2018-08-10 14:46:26 +02:00
Daniel Huigens
eb72d4dd63 Don't use asmcrypto's streaming API when not necessary 
Optimization for Firefox
 2018-08-10 14:46:26 +02:00
Daniel Huigens
e1a8b17753 Fix literalPacket.getText() 
We now close streams after reading them, so we can no longer use
stream.locked for a proxy for "has been read". What we want is the
internal [[disturbed]] property, but we can't access it for native
streams.

Since we always read the stream when calling getText(), it's not
an issue.
 2018-08-10 14:46:25 +02:00
Daniel Huigens
411b626149 Work around timing difference between Chrome and polyfill 
When piping a stream to a writable stream and erroring that,
the input (readable) stream only gets cancelled after pipeTo()
returns in Chrome.
 2018-08-10 14:46:25 +02:00
Daniel Huigens
55fd292fba Fix armor errors 
Also, fix error handling in transformPair()
 2018-08-10 14:46:25 +02:00
Daniel Huigens
304cbf4783 Fix backpressure 2018-08-10 14:46:25 +02:00
Daniel Huigens
589b666ac7 Don't clone stream in packet.parse() 2018-08-10 14:46:24 +02:00
Daniel Huigens
ddda6a0b16 Implement cancellation by manually linking together input and output streams 2018-08-10 14:46:24 +02:00
Daniel Huigens
de2971d84a Use TransformStreams 2018-08-10 14:46:24 +02:00
Daniel Huigens
51c897b073 Cancelling 2018-08-10 14:46:23 +02:00
Daniel Huigens
a6a701df7f Streaming signing 2018-08-10 14:46:23 +02:00
Daniel Huigens
9c1c28bc59 Add option to read unauthenticated data from stream 2018-08-10 14:46:23 +02:00
Daniel Huigens
1effe19c1d Allow simultaneously reading data and waiting for signature verification 
This makes openpgp.{decrypt,verify}().signatures a Promise when passing a
stream or when asStream=true
 2018-08-10 14:46:22 +02:00
Daniel Huigens
4bbbdaee9f Rename stream.subarray() to stream.slice() 
Also, support ReadableStream[String] in stream.* and reader.* functions
 2018-08-10 14:46:22 +02:00
Daniel Huigens
56ec5b3a8d Don't keep extra copies of streams in memory 2018-08-10 14:46:22 +02:00