Daniel Huigens
0e33e641af
Switch build system to rollup
...
Also, default to minimized builds.
2021-02-09 19:25:20 +01:00
Ilya Chesnokov
6e648b1cbc
Rename enums to use camelCase ( #1093 )
2021-02-09 19:25:20 +01:00
Ilya Chesnokov
e16807505f
Switch util function names to camelCase ( #1091 )
2021-02-09 19:25:20 +01:00
Ilya Chesnokov
d415bc2546
Rename config option names to camelCase ( #1088 )
2021-02-09 19:25:20 +01:00
Daniel Huigens
63b6d215e3
Allow key.validate() to pass if it has a GNU dummy primary key
...
A valid signing subkey is required, in this case.
2021-02-09 19:25:20 +01:00
larabr
8823603396
Remove worker ( #1072 )
2021-02-09 19:25:20 +01:00
larabr
85d0358d45
Remove 3DES and CAST5 from default preferred symmetric algorithms ( #1068 )
2021-02-09 19:25:20 +01:00
larabr
20950e5df5
Remove SHA-1 from default preferred hash algorithms ( #1067 )
...
Also, remove SHA-1 from the (unused) KDF params constructor defaults.
2021-02-09 19:25:20 +01:00
larabr
5ad19c8da8
Generate ECC keys by default ( #1065 )
...
Also, remove the deprecated numBits options of generateKey in favor of rsaBits.
2021-02-09 19:25:20 +01:00
larabr
4c93abb9f9
Use V5 keys by default ( #1063 )
2021-02-09 19:25:20 +01:00
larabr
a7640bce52
Use AEAD protection by default ( #1062 )
2021-02-09 19:25:20 +01:00
Daniel Huigens
2bc24f354b
Return only one key in key.read[Armored], add readAll[Armored]
2021-02-09 19:25:20 +01:00
Daniel Huigens
9394fec1f4
Throw in openpgp.initWorker if worker failed to load
2021-02-09 19:25:20 +01:00
Daniel Huigens
ef7c38860b
Don't unnecessarily return objects in top-level functions
...
openpgp.encrypt, sign, encryptSessionKey, encryptKey and decryptKey now
return their result directly without wrapping it in a "result" object.
Also, remove the `detached` and `returnSessionKey` options of
openpgp.encrypt.
2021-02-09 19:25:20 +01:00
Daniel Huigens
7225251af8
Return Uint8Array(Stream) instead of object when armor = false
2021-02-09 19:25:20 +01:00
larabr
08fc7b32ca
Fix and test dummy key conversion ( #1172 )
...
Keys converted using makeDummy() were not serialised correctly as they were
treated as unencrypted keys.
2020-11-10 17:32:44 +01:00
larabr
2eab8a1ebc
Add config option to allow insecure decryption with RSA signing keys ( #1148 )
2020-08-28 16:09:56 +02:00
larabr
25bf080871
Add SecretKey.prototype.makeDummy ( #1131 )
2020-08-03 15:52:50 +02:00
larabr
8783caa828
Fix key validation tests
2020-07-16 22:56:06 +02:00
larabr
00c5f38689
Cipher-specific key validation ( #1116 )
...
Also, check binding signatures for decryption keys.
Also, do not always fallback on Web Crypto ECC errors.
2020-07-13 19:57:33 +02:00
Daniel Huigens
60822d87d9
Fix generating keys with a date in the future
...
This was broken in 8c3bcd1
2020-02-27 16:04:07 +01:00
Daniel Huigens
8c3bcd1f21
Reject signatures using insecure hash algorithms
...
Also, switch from returning false to throwing errors in most verify*()
functions, as well as in `await signatures[*].verified`, in order to be
able to show more informative error messages.
2020-02-25 15:06:15 +01:00
Daniel Huigens
382c05df6f
Remove accidental .only in test suite
2020-01-24 17:59:35 +01:00
Daniel Huigens
523432334f
Implement Key.prototype.clearPrivateParams
2020-01-24 17:57:39 +01:00
Daniel Huigens
8f355a75da
Implement key.validate() ( #1028 )
...
This function checks whether the private and public key parameters
of the primary key match.
This check is necessary when using your own private key to encrypt
data if the private key was stored on an untrusted medium, and
trust is derived from being able to decrypt the private key.
2020-01-07 18:16:45 +01:00
Daniel Huigens
3d75efc1dc
Only throw on authorized revocation key when verifying self-signatures ( #1017 )
...
This also has the effect that we only throw on them when trying to use
the key, instead of when parsing it, and that we don't throw when the
authorized revocation key is specified in a separate direct-key
signature instead of a User ID self-signature (the spec only specifies
including it in a direct-key signature, so that means that we
effectively don't reject them anymore. This is because users that
wanted to use the key, could remove this separate signature, anyway.)
2019-12-20 17:21:35 +01:00
Tom J
e1b9156e72
Explicitly include 'uncompressed' in preferred compression algos ( #1020 )
2019-12-20 17:20:18 +01:00
Daniel Huigens
c91fcd684d
Fix key preferences test when using Worker and use_native=false
2019-10-15 14:21:05 +02:00
Ilya Chesnokov
1e37b27673
Use rsaBits=2048 in addSubkey tests when using Web Crypto ( #971 )
...
Fix tests failing in old browsers due to too low rsaBits.
Also, always throw in addSubkey when rsaBits is too low.
2019-09-24 13:53:12 +02:00
Daniel Huigens
fbbeaa3cd9
Rename numBits and bits to rsaBits ( #970 )
...
Keep supporting the old names as well though in `openpgp.generateKey`
and `getAlgorithmInfo`, but not in `openpgp.key.generate` (as it is
recommended that developers use `openpgp.generateKey` instead, and
it now throws when using `numBits` instead of `rsaBits`, so there's
no risk of silent key security downgrade).
The old names are now deprecated, and might be removed in v5.
2019-09-18 13:40:44 +02:00
Ilya Chesnokov
7f40ab0940
Implement Key.prototype.addSubkey ( #963 )
2019-09-16 15:53:19 +02:00
Daniel Huigens
9b5124d5cd
Switch from Sauce Labs to Browserstack ( #965 )
...
* Switch from Sauce Labs to Browserstack
* Don't run all tests on CI
2019-09-16 14:59:06 +02:00
Daniel Huigens
18474bdfb6
Fix decrypting newly generated key object when using the Worker
2019-09-11 18:11:16 +02:00
Daniel Huigens
a731a607ce
Fix writing newly generated embedded primary key binding signatures
2019-09-11 18:11:15 +02:00
Daniel Huigens
a7cc71e35e
Throw when trying to encrypt a key that's already encrypted ( #950 )
2019-08-19 13:27:52 +02:00
Daniel Huigens
a184ef6ec4
Remove support for the previous draft00 AEAD
2019-08-12 17:46:37 +02:00
Daniel Huigens
80c535eeb7
Separate config option to use V5 keys from AEAD config option
2019-08-12 17:46:37 +02:00
Daniel Huigens
8312399f9d
Update V5 key hashing for signatures to rfc4880bis-07
2019-08-12 17:46:37 +02:00
Daniel Huigens
43441bfe0d
openpgp.reformatKey: Fix key preferences for signing subkeys
2019-05-23 17:37:20 +02:00
Si Feng
d2c38693f5
Put comment before email when generating UIDs ( #892 )
2019-05-01 13:12:52 +02:00
Thomas Oberndörfer
038d8466fe
Add date parameter to user.verifyAllCertifications and user.verify methods ( #871 )
...
Also, in user.verifyCertificate, fix certificate.isExpired check for keys with future creation date.
2019-03-08 17:33:36 +01:00
Thomas Oberndörfer
b1be7d1202
Fix merging multiple subkey binding signatures ( #868 )
2019-02-28 10:34:46 -08:00
Sanjana Rajan
529973f2a2
Merge branch 'master' into fix/non-primary-non-revoked-sub-user
2018-12-23 17:52:01 +01:00
Sanjana Rajan
1bee091f2a
Merge pull request #815 from twiss/userIds
...
Make fromUserIds/toUserIds params plural, and accept arrays of User IDs
2018-12-23 17:50:46 +01:00
Daniel Huigens
9691dc9c99
Fix getExpirationTime with capabilities and an expired signing subkey
...
When the latest subkey with the requested capabilities is expired,
and the primary key has the requested capabilities, return the
primary key expiry instead.
Also, change isExpired/isDataExpired to still return false at the
date returned by getExpirationTime, so that the latter returns the
last date that the key can still be used.
2018-12-21 12:49:22 -05:00
Daniel Huigens
f0f9a5c2a4
Fix key generation tests on Node
...
The Node tests set the key bit size to 512, which is not big enough
to sign a SHA384 hash + header.
2018-12-17 13:32:27 -05:00
Daniel Huigens
804e91140a
Add config values to preferred algorithms
2018-12-17 12:52:30 -05:00
Daniel Huigens
926047f0b3
Default to RFC4880bis-mandated symmetric algos
2018-12-17 12:27:09 -05:00
Daniel Huigens
65772d86b3
Make fromUserIds/toUserIds params plural, and accept arrays of User IDs
...
Each User ID object is used for the key object at the corresponding index
in the privateKeys/publicKeys arrays.
2018-12-14 16:54:44 +01:00
Kay Lukas
2dbb8582d7
Add testcases
2018-12-10 20:21:55 +01:00
