suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,034 Commits 1 Branch 0 Tags 39 MiB
fe2949f16d
Commit Graph

173 Commits

Author SHA1 Message Date
Wiktor Kwapisiewicz
fe2949f16d Allow parsing keys without User IDs (#1146) 2021-02-09 19:25:20 +01:00
larabr
8d67af729a Use higher level functions in key validation tests (#1128) 
Use `key.keyPacket.validate` instead of `crypto.publicKey.validateParams`, see
https://github.com/openpgpjs/openpgpjs/pull/1116#discussion_r447781386.

Also, `key.decrypt` now only throws on error, no other value is returned.

Also, fix typo (rebase error) that caused tests to fail in Safari for p521.
 2021-02-09 19:25:20 +01:00
Dan Ristea
10aa1aa5cb JSdoc types & ESLint fixes (#1132) 2021-02-09 19:25:20 +01:00
larabr
f6ee6e959e Finish merging key validation 2021-02-09 19:25:20 +01:00
Daniel Huigens
aea7aa953a Use ES6 classes 2021-02-09 19:25:20 +01:00
Daniel Huigens
fb3d23427d Allow dead code elimination 2021-02-09 19:25:20 +01:00
Daniel Huigens
0e33e641af Switch build system to rollup 
Also, default to minimized builds.
 2021-02-09 19:25:20 +01:00
Ilya Chesnokov
6e648b1cbc Rename enums to use camelCase (#1093) 2021-02-09 19:25:20 +01:00
Ilya Chesnokov
e16807505f Switch util function names to camelCase (#1091) 2021-02-09 19:25:20 +01:00
Ilya Chesnokov
d415bc2546 Rename config option names to camelCase (#1088) 2021-02-09 19:25:20 +01:00
Daniel Huigens
63b6d215e3 Allow key.validate() to pass if it has a GNU dummy primary key 
A valid signing subkey is required, in this case.
 2021-02-09 19:25:20 +01:00
larabr
8823603396 Remove worker (#1072) 2021-02-09 19:25:20 +01:00
larabr
85d0358d45 Remove 3DES and CAST5 from default preferred symmetric algorithms (#1068) 2021-02-09 19:25:20 +01:00
larabr
20950e5df5 Remove SHA-1 from default preferred hash algorithms (#1067) 
Also, remove SHA-1 from the (unused) KDF params constructor defaults.
 2021-02-09 19:25:20 +01:00
larabr
5ad19c8da8 Generate ECC keys by default (#1065) 
Also, remove the deprecated numBits options of generateKey in favor of rsaBits.
 2021-02-09 19:25:20 +01:00
larabr
4c93abb9f9 Use V5 keys by default (#1063) 2021-02-09 19:25:20 +01:00
larabr
a7640bce52 Use AEAD protection by default (#1062) 2021-02-09 19:25:20 +01:00
Daniel Huigens
2bc24f354b Return only one key in key.read[Armored], add readAll[Armored] 2021-02-09 19:25:20 +01:00
Daniel Huigens
9394fec1f4 Throw in openpgp.initWorker if worker failed to load 2021-02-09 19:25:20 +01:00
Daniel Huigens
ef7c38860b Don't unnecessarily return objects in top-level functions 
openpgp.encrypt, sign, encryptSessionKey, encryptKey and decryptKey now
return their result directly without wrapping it in a "result" object.

Also, remove the `detached` and `returnSessionKey` options of
openpgp.encrypt.
 2021-02-09 19:25:20 +01:00
Daniel Huigens
7225251af8 Return Uint8Array(Stream) instead of object when armor = false 2021-02-09 19:25:20 +01:00
larabr
08fc7b32ca
Fix and test dummy key conversion (#1172) 
Keys converted using makeDummy() were not serialised correctly as they were
treated as unencrypted keys.
 2020-11-10 17:32:44 +01:00
larabr
2eab8a1ebc
Add config option to allow insecure decryption with RSA signing keys (#1148) 2020-08-28 16:09:56 +02:00
larabr
25bf080871
Add SecretKey.prototype.makeDummy (#1131) 2020-08-03 15:52:50 +02:00
larabr
8783caa828 Fix key validation tests 2020-07-16 22:56:06 +02:00
larabr
00c5f38689
Cipher-specific key validation (#1116) 
Also, check binding signatures for decryption keys.

Also, do not always fallback on Web Crypto ECC errors.
 2020-07-13 19:57:33 +02:00
Daniel Huigens
60822d87d9 Fix generating keys with a date in the future 
This was broken in 8c3bcd1.

(Before then, the revocation certificate was already broken when
generating a key with a date in the future.)
 2020-02-27 16:04:07 +01:00
Daniel Huigens
8c3bcd1f21 Reject signatures using insecure hash algorithms 
Also, switch from returning false to throwing errors in most verify*()
functions, as well as in `await signatures[*].verified`, in order to be
able to show more informative error messages.
 2020-02-25 15:06:15 +01:00
Daniel Huigens
382c05df6f Remove accidental .only in test suite 2020-01-24 17:59:35 +01:00
Daniel Huigens
523432334f Implement Key.prototype.clearPrivateParams 2020-01-24 17:57:39 +01:00
Daniel Huigens
8f355a75da
Implement key.validate() (#1028) 
This function checks whether the private and public key parameters
of the primary key match.

This check is necessary when using your own private key to encrypt
data if the private key was stored on an untrusted medium, and
trust is derived from being able to decrypt the private key.
 2020-01-07 18:16:45 +01:00
Daniel Huigens
3d75efc1dc
Only throw on authorized revocation key when verifying self-signatures (#1017) 
This also has the effect that we only throw on them when trying to use
the key, instead of when parsing it, and that we don't throw when the
authorized revocation key is specified in a separate direct-key
signature instead of a User ID self-signature (the spec only specifies
including it in a direct-key signature, so that means that we
effectively don't reject them anymore. This is because users that
wanted to use the key, could remove this separate signature, anyway.)
 2019-12-20 17:21:35 +01:00
Tom J
e1b9156e72 Explicitly include 'uncompressed' in preferred compression algos (#1020) 2019-12-20 17:20:18 +01:00
Daniel Huigens
c91fcd684d Fix key preferences test when using Worker and use_native=false 2019-10-15 14:21:05 +02:00
Ilya Chesnokov
1e37b27673 Use rsaBits=2048 in addSubkey tests when using Web Crypto (#971) 
Fix tests failing in old browsers due to too low rsaBits.

Also, always throw in addSubkey when rsaBits is too low.
 2019-09-24 13:53:12 +02:00
Daniel Huigens
fbbeaa3cd9
Rename numBits and bits to rsaBits (#970) 
Keep supporting the old names as well though in `openpgp.generateKey`
and `getAlgorithmInfo`, but not in `openpgp.key.generate` (as it is
recommended that developers use `openpgp.generateKey` instead, and
it now throws when using `numBits` instead of `rsaBits`, so there's
no risk of silent key security downgrade).

The old names are now deprecated, and might be removed in v5.
 2019-09-18 13:40:44 +02:00
Ilya Chesnokov
7f40ab0940 Implement Key.prototype.addSubkey (#963) 2019-09-16 15:53:19 +02:00
Daniel Huigens
9b5124d5cd
Switch from Sauce Labs to Browserstack (#965) 
* Switch from Sauce Labs to Browserstack

* Don't run all tests on CI
 2019-09-16 14:59:06 +02:00
Daniel Huigens
18474bdfb6 Fix decrypting newly generated key object when using the Worker 2019-09-11 18:11:16 +02:00
Daniel Huigens
a731a607ce Fix writing newly generated embedded primary key binding signatures 2019-09-11 18:11:15 +02:00
Daniel Huigens
a7cc71e35e
Throw when trying to encrypt a key that's already encrypted (#950) 2019-08-19 13:27:52 +02:00
Daniel Huigens
a184ef6ec4 Remove support for the previous draft00 AEAD 2019-08-12 17:46:37 +02:00
Daniel Huigens
80c535eeb7 Separate config option to use V5 keys from AEAD config option 2019-08-12 17:46:37 +02:00
Daniel Huigens
8312399f9d Update V5 key hashing for signatures to rfc4880bis-07 2019-08-12 17:46:37 +02:00
Daniel Huigens
43441bfe0d openpgp.reformatKey: Fix key preferences for signing subkeys 2019-05-23 17:37:20 +02:00
Si Feng
d2c38693f5 Put comment before email when generating UIDs (#892) 2019-05-01 13:12:52 +02:00
Thomas Oberndörfer
038d8466fe Add date parameter to user.verifyAllCertifications and user.verify methods (#871) 
Also, in user.verifyCertificate, fix certificate.isExpired check for keys with future creation date.
 2019-03-08 17:33:36 +01:00
Thomas Oberndörfer
b1be7d1202 Fix merging multiple subkey binding signatures (#868) 2019-02-28 10:34:46 -08:00
Sanjana Rajan
529973f2a2
Merge branch 'master' into fix/non-primary-non-revoked-sub-user 2018-12-23 17:52:01 +01:00
Sanjana Rajan
1bee091f2a
Merge pull request #815 from twiss/userIds 
Make fromUserIds/toUserIds params plural, and accept arrays of User IDs
 2018-12-23 17:50:46 +01:00