suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8a57246ec4
fork-openpgpjs/test/security
History
larabr 8a57246ec4
Add config.rejectPublicKeyAlgorithms (#1264) 
- Add `config.rejectPublicKeyAlgorithms` to disallow using the given algorithms
  to verify, sign or encrypt new messages or third-party certifications.

- Consider `config.minRsaBits` when signing, verifying and encrypting messages
  and third-party certifications, not just on key generation.

- When verifying a message, if the verification key is not found (i.e. not
  provided or too weak), the corresponding `signature` will have
  `signature.valid=false` (used to be `signature.valid=null`).
  `signature.error` will detail whether the key is missing/too weak/etc.

Generating and verifying key certification signatures is still permitted in all cases.
2021-03-25 15:08:49 +01:00
..
index.js Switch build system to rollup 2021-02-09 19:25:20 +01:00
message_signature_bypass.js Consolidate read* functions (#1236) 2021-02-17 20:36:33 +01:00
preferred_algo_mismatch.js Consolidate read* functions (#1236) 2021-02-17 20:36:33 +01:00
subkey_trust.js Add config.rejectPublicKeyAlgorithms (#1264) 2021-03-25 15:08:49 +01:00
unsigned_subpackets.js Consolidate read* functions (#1236) 2021-02-17 20:36:33 +01:00