From 01df8ca889368894056f8ef20a75c0c4624eb418 Mon Sep 17 00:00:00 2001 From: larabr <7375870+larabr@users.noreply.github.com> Date: Fri, 20 Oct 2023 17:16:04 +0200 Subject: [PATCH] Rename values of `enums.curve.{curve, ed}25519Legacy` from `'{curve. ed}25519'` to `'{curve. ed}25519Legacy'` To reflect the crypto-refresh naming, after the standardisation of the new EdDSA key types. --- openpgp.d.ts | 10 +++---- src/crypto/public_key/elliptic/ecdh.js | 4 +-- .../public_key/elliptic/eddsa_legacy.js | 2 +- src/crypto/public_key/elliptic/oid_curves.js | 20 ++++++------- src/enums.js | 30 +++++++++---------- src/key/helper.js | 3 +- src/key/private_key.js | 2 +- src/openpgp.js | 8 ++--- test/crypto/ecdh.js | 6 ++-- test/crypto/elliptic.js | 4 +-- test/crypto/validate.js | 6 ++-- test/general/config.js | 6 ++-- test/general/key.js | 18 +++++------ test/general/openpgp.js | 24 +++++++++++++-- test/general/x25519.js | 14 ++++----- 15 files changed, 88 insertions(+), 69 deletions(-) diff --git a/openpgp.d.ts b/openpgp.d.ts index 529fdb61..3082030f 100644 --- a/openpgp.d.ts +++ b/openpgp.d.ts @@ -687,7 +687,7 @@ interface KeyPair { publicKey: PublicKey; } -export type EllipticCurveName = 'ed25519' | 'curve25519' | 'p256' | 'p384' | 'p521' | 'secp256k1' | 'brainpoolP256r1' | 'brainpoolP384r1' | 'brainpoolP512r1'; +export type EllipticCurveName = 'ed25519Legacy' | 'curve25519Legacy' | 'p256' | 'p384' | 'p521' | 'secp256k1' | 'brainpoolP256r1' | 'brainpoolP384r1' | 'brainpoolP512r1'; interface GenerateKeyOptions { userIDs: MaybeArray; @@ -839,11 +839,11 @@ export namespace enums { p384 = 'p384', p521 = 'p521', /** @deprecated use `ed25519Legacy` instead */ - ed25519 = 'ed25519', - ed25519Legacy = 'ed25519', + ed25519 = 'ed25519Legacy', + ed25519Legacy = 'ed25519Legacy', /** @deprecated use `curve25519Legacy` instead */ - curve25519 = 'curve25519', - curve25519Legacy = 'curve25519', + curve25519 = 'curve25519Legacy', + curve25519Legacy = 'curve25519Legacy', secp256k1 = 'secp256k1', brainpoolP256r1 = 'brainpoolP256r1', brainpoolP384r1 = 'brainpoolP384r1', diff --git a/src/crypto/public_key/elliptic/ecdh.js b/src/crypto/public_key/elliptic/ecdh.js index e37fb633..37001916 100644 --- a/src/crypto/public_key/elliptic/ecdh.js +++ b/src/crypto/public_key/elliptic/ecdh.js @@ -92,7 +92,7 @@ async function kdf(hashAlgo, X, length, param, stripLeading = false, stripTraili */ async function genPublicEphemeralKey(curve, Q) { switch (curve.type) { - case 'curve25519': { + case 'curve25519Legacy': { const d = getRandomBytes(32); const { secretKey, sharedKey } = await genPrivateEphemeralKey(curve, Q, null, d); let { publicKey } = nacl.box.keyPair.fromSecretKey(secretKey); @@ -154,7 +154,7 @@ async function genPrivateEphemeralKey(curve, V, Q, d) { d = privateKey; } switch (curve.type) { - case 'curve25519': { + case 'curve25519Legacy': { const secretKey = d.slice().reverse(); const sharedKey = nacl.scalarMult(secretKey, V.subarray(1)); return { secretKey, sharedKey }; // Note: sharedKey is little-endian here, unlike below diff --git a/src/crypto/public_key/elliptic/eddsa_legacy.js b/src/crypto/public_key/elliptic/eddsa_legacy.js index 3de09ba4..d90e0f9c 100644 --- a/src/crypto/public_key/elliptic/eddsa_legacy.js +++ b/src/crypto/public_key/elliptic/eddsa_legacy.js @@ -86,7 +86,7 @@ export async function verify(oid, hashAlgo, { r, s }, m, publicKey, hashed) { */ export async function validateParams(oid, Q, k) { // Check whether the given curve is supported - if (oid.getName() !== 'ed25519') { + if (oid.getName() !== enums.curve.ed25519Legacy) { return false; } diff --git a/src/crypto/public_key/elliptic/oid_curves.js b/src/crypto/public_key/elliptic/oid_curves.js index 129ab22c..4d40e25b 100644 --- a/src/crypto/public_key/elliptic/oid_curves.js +++ b/src/crypto/public_key/elliptic/oid_curves.js @@ -89,14 +89,14 @@ const curves = { node: nodeCurves.secp256k1, payloadSize: 32 }, - ed25519: { + ed25519Legacy: { oid: [0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01], keyType: enums.publicKey.eddsaLegacy, hash: enums.hash.sha512, node: false, // nodeCurves.ed25519 TODO payloadSize: 32 }, - curve25519: { + curve25519Legacy: { oid: [0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01], keyType: enums.publicKey.ecdh, hash: enums.hash.sha256, @@ -161,10 +161,10 @@ class CurveWithOID { this.type = 'web'; } else if (this.node && util.getNodeCrypto()) { this.type = 'node'; - } else if (this.name === 'curve25519') { - this.type = 'curve25519'; - } else if (this.name === 'ed25519') { - this.type = 'ed25519'; + } else if (this.name === enums.curve.curve25519Legacy) { + this.type = 'curve25519Legacy'; + } else if (this.name === enums.curve.ed25519Legacy) { + this.type = 'ed25519Legacy'; } } @@ -180,7 +180,7 @@ class CurveWithOID { } case 'node': return nodeGenKeyPair(this.name); - case 'curve25519': { + case 'curve25519Legacy': { const privateKey = getRandomBytes(32); privateKey[0] = (privateKey[0] & 127) | 64; privateKey[31] &= 248; @@ -189,7 +189,7 @@ class CurveWithOID { const publicKey = util.concatUint8Array([new Uint8Array([0x40]), keyPair.publicKey]); return { publicKey, privateKey }; } - case 'ed25519': { + case 'ed25519Legacy': { const privateKey = getRandomBytes(32); const keyPair = nacl.sign.keyPair.fromSeed(privateKey); const publicKey = util.concatUint8Array([new Uint8Array([0x40]), keyPair.publicKey]); @@ -243,7 +243,7 @@ async function validateStandardParams(algo, oid, Q, d) { p384: true, p521: true, secp256k1: true, - curve25519: algo === enums.publicKey.ecdh, + curve25519Legacy: algo === enums.publicKey.ecdh, brainpoolP256r1: true, brainpoolP384r1: true, brainpoolP512r1: true @@ -255,7 +255,7 @@ async function validateStandardParams(algo, oid, Q, d) { return false; } - if (curveName === 'curve25519') { + if (curveName === enums.curve.curve25519Legacy) { d = d.slice().reverse(); // Re-derive public point Q' const { publicKey } = nacl.box.keyPair.fromSecretKey(d); diff --git a/src/enums.js b/src/enums.js index 61fe1b37..8a417ec0 100644 --- a/src/enums.js +++ b/src/enums.js @@ -44,25 +44,25 @@ export default { '2B8104000A': 'secp256k1', /** Ed25519 - deprecated by crypto-refresh (replaced by standaone Ed25519 algo) */ - 'ed25519Legacy': 'ed25519', - 'ED25519': 'ed25519', + 'ed25519Legacy': 'ed25519Legacy', + 'ED25519': 'ed25519Legacy', /** @deprecated use `ed25519Legacy` instead */ - 'ed25519': 'ed25519', - 'Ed25519': 'ed25519', - '1.3.6.1.4.1.11591.15.1': 'ed25519', - '2b06010401da470f01': 'ed25519', - '2B06010401DA470F01': 'ed25519', + 'ed25519': 'ed25519Legacy', + 'Ed25519': 'ed25519Legacy', + '1.3.6.1.4.1.11591.15.1': 'ed25519Legacy', + '2b06010401da470f01': 'ed25519Legacy', + '2B06010401DA470F01': 'ed25519Legacy', /** Curve25519 - deprecated by crypto-refresh (replaced by standaone X25519 algo) */ - 'curve25519Legacy': 'curve25519', - 'X25519': 'curve25519', - 'cv25519': 'curve25519', + 'curve25519Legacy': 'curve25519Legacy', + 'X25519': 'curve25519Legacy', + 'cv25519': 'curve25519Legacy', /** @deprecated use `curve25519Legacy` instead */ - 'curve25519': 'curve25519', - 'Curve25519': 'curve25519', - '1.3.6.1.4.1.3029.1.5.1': 'curve25519', - '2b060104019755010501': 'curve25519', - '2B060104019755010501': 'curve25519', + 'curve25519': 'curve25519Legacy', + 'Curve25519': 'curve25519Legacy', + '1.3.6.1.4.1.3029.1.5.1': 'curve25519Legacy', + '2b060104019755010501': 'curve25519Legacy', + '2B060104019755010501': 'curve25519Legacy', /** BrainpoolP256r1 Curve */ 'brainpoolP256r1': 'brainpoolP256r1', diff --git a/src/key/helper.js b/src/key/helper.js index a23bbaae..babaf3e6 100644 --- a/src/key/helper.js +++ b/src/key/helper.js @@ -332,7 +332,8 @@ export function sanitizeKeyOptions(options, subkeyDefaults = {}) { } catch (e) { throw new Error('Unknown curve'); } - if (options.curve === enums.curve.ed25519Legacy || options.curve === enums.curve.curve25519Legacy) { + if (options.curve === enums.curve.ed25519Legacy || options.curve === enums.curve.curve25519Legacy || + options.curve === 'ed25519' || options.curve === 'curve25519') { // keep support for curve names without 'Legacy' addition, for now options.curve = options.sign ? enums.curve.ed25519Legacy : enums.curve.curve25519Legacy; } if (options.sign) { diff --git a/src/key/private_key.js b/src/key/private_key.js index b6533676..9fe89ca9 100644 --- a/src/key/private_key.js +++ b/src/key/private_key.js @@ -229,7 +229,7 @@ class PrivateKey extends PublicKey { const defaultOptions = secretKeyPacket.getAlgorithmInfo(); defaultOptions.type = getDefaultSubkeyType(defaultOptions.algorithm); defaultOptions.rsaBits = defaultOptions.bits || 4096; - defaultOptions.curve = defaultOptions.curve || 'curve25519'; + defaultOptions.curve = defaultOptions.curve || 'curve25519Legacy'; options = helper.sanitizeKeyOptions(options, defaultOptions); // Every subkey for a v4 primary key MUST be a v4 subkey. // Every subkey for a v6 primary key MUST be a v6 subkey. diff --git a/src/openpgp.js b/src/openpgp.js index 13c93d58..408eb3e2 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -41,8 +41,8 @@ import { checkKeyRequirements } from './key/helper'; * Note: Curve448 and Curve25519 (new format) are not widely supported yet. * @param {String} [options.passphrase=(not protected)] - The passphrase used to encrypt the generated private key. If omitted or empty, the key won't be encrypted. * @param {Number} [options.rsaBits=4096] - Number of bits for RSA keys - * @param {String} [options.curve='curve25519'] - Elliptic curve for ECC keys: - * curve25519 (default), p256, p384, p521, secp256k1, + * @param {String} [options.curve='curve25519Legacy'] - Elliptic curve for ECC keys: + * curve25519Legacy (default), p256, p384, p521, secp256k1, * brainpoolP256r1, brainpoolP384r1, or brainpoolP512r1 * @param {Date} [options.date=current date] - Override the creation date of the key and the key signatures * @param {Number} [options.keyExpirationTime=0 (never expires)] - Number of seconds from the key creation time after which the key expires @@ -59,10 +59,10 @@ export async function generateKey({ userIDs = [], passphrase, type, curve, rsaBi config = { ...defaultConfig, ...config }; checkConfig(config); if (!type && !curve) { type = config.v6Keys ? 'curve25519' : 'ecc'; // default to new curve25519 for v6 keys (legacy curve25519 cannot be used with them) - curve = 'curve25519'; // unused with type != 'ecc' + curve = 'curve25519Legacy'; // unused with type != 'ecc' } else { type = type || 'ecc'; - curve = curve || 'curve25519'; + curve = curve || 'curve25519Legacy'; } userIDs = toArray(userIDs); const unknownOptions = Object.keys(rest); if (unknownOptions.length > 0) throw new Error(`Unknown option: ${unknownOptions.join(', ')}`); diff --git a/test/crypto/ecdh.js b/test/crypto/ecdh.js index 4f211386..85eba9fa 100644 --- a/test/crypto/ecdh.js +++ b/test/crypto/ecdh.js @@ -149,7 +149,7 @@ export default () => describe('ECDH key exchange @lightweight', function () { }); it('Different keys', async function () { - const curve = new elliptic_curves.CurveWithOID('curve25519'); + const curve = new elliptic_curves.CurveWithOID(openpgp.enums.curve.curve25519Legacy); const oid = new OID(curve.oid); const kdfParams = new KDFParams({ hash: curve.hash, cipher: curve.cipher }); const data = util.stringToUint8Array('test'); @@ -160,7 +160,7 @@ export default () => describe('ECDH key exchange @lightweight', function () { }); it('Invalid fingerprint', async function () { - const curve = new elliptic_curves.CurveWithOID('curve25519'); + const curve = new elliptic_curves.CurveWithOID(openpgp.enums.curve.curve25519Legacy); const oid = new OID(curve.oid); const kdfParams = new KDFParams({ hash: curve.hash, cipher: curve.cipher }); const data = util.stringToUint8Array('test'); @@ -171,7 +171,7 @@ export default () => describe('ECDH key exchange @lightweight', function () { }); it('Successful exchange x25519 (legacy)', async function () { - const curve = new elliptic_curves.CurveWithOID('curve25519'); + const curve = new elliptic_curves.CurveWithOID(openpgp.enums.curve.curve25519Legacy); const oid = new OID(curve.oid); const kdfParams = new KDFParams({ hash: curve.hash, cipher: curve.cipher }); const data = util.stringToUint8Array('test'); diff --git a/test/crypto/elliptic.js b/test/crypto/elliptic.js index f34660e0..048413fd 100644 --- a/test/crypto/elliptic.js +++ b/test/crypto/elliptic.js @@ -71,8 +71,8 @@ export default () => describe('Elliptic Curve Cryptography @lightweight', functi if (!config.useIndutnyElliptic && !util.getNodeCrypto()) { this.skip(); } - const names = config.useIndutnyElliptic ? ['p256', 'p384', 'p521', 'secp256k1', 'curve25519', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1'] : - ['p256', 'p384', 'p521', 'curve25519']; + const names = config.useIndutnyElliptic ? ['p256', 'p384', 'p521', 'secp256k1', 'curve25519Legacy', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1'] : + ['p256', 'p384', 'p521', 'curve25519Legacy']; return Promise.all(names.map(function (name) { const curve = new elliptic_curves.CurveWithOID(name); return curve.genKeyPair().then(keyPair => { diff --git a/test/crypto/validate.js b/test/crypto/validate.js index 9b9b883e..ee4fa29e 100644 --- a/test/crypto/validate.js +++ b/test/crypto/validate.js @@ -91,7 +91,7 @@ export default () => { describe('EdDSA parameter validation (legacy format)', function() { let eddsaKey; before(async () => { - eddsaKey = await generatePrivateKeyObject({ curve: 'ed25519' }); + eddsaKey = await generatePrivateKeyObject({ curve: 'ed25519Legacy' }); }); it('EdDSA params should be valid', async function() { @@ -115,7 +115,7 @@ export default () => { let ecdhKey; let ecdsaKey; before(async () => { - eddsaKey = await generatePrivateKeyObject({ curve: 'ed25519' }); + eddsaKey = await generatePrivateKeyObject({ curve: 'ed25519Legacy' }); ecdhKey = eddsaKey.subkeys[0]; ecdsaKey = await generatePrivateKeyObject({ curve: 'p256' }); }); @@ -203,7 +203,7 @@ export default () => { ecdsaKey = await generatePrivateKeyObject({ curve }); ecdhKey = ecdsaKey.subkeys[0]; } else { - const eddsaKey = await generatePrivateKeyObject({ curve: 'ed25519' }); + const eddsaKey = await generatePrivateKeyObject({ curve: 'ed25519Legacy' }); ecdhKey = eddsaKey.subkeys[0]; } }); diff --git a/test/general/config.js b/test/general/config.js index 3da4c40a..55120a30 100644 --- a/test/general/config.js +++ b/test/general/config.js @@ -299,7 +299,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI await expect(openpgp.encrypt({ message, encryptionKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.curve25519Legacy]) } - })).to.be.eventually.rejectedWith(/Support for ecdh keys using curve curve25519 is disabled/); + })).to.be.eventually.rejectedWith(/Support for ecdh keys using curve curve25519Legacy is disabled/); const echdEncrypted = await openpgp.encrypt({ message, encryptionKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519Legacy]) } @@ -372,7 +372,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI })).to.be.eventually.rejectedWith(/eddsaLegacy keys are considered too weak/); await expect(openpgp.sign({ message, signingKeys: [key], config: { rejectCurves: new Set([openpgp.enums.curve.ed25519Legacy]) } - })).to.be.eventually.rejectedWith(/Support for eddsaLegacy keys using curve ed25519 is disabled/); + })).to.be.eventually.rejectedWith(/Support for eddsaLegacy keys using curve ed25519Legacy is disabled/); }); it('openpgp.verify', async function() { @@ -424,7 +424,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI config: { rejectCurves: new Set([openpgp.enums.curve.ed25519Legacy]) } }; const { signatures: [sig5] } = await openpgp.verify(opt5); - await expect(sig5.verified).to.be.eventually.rejectedWith(/Support for eddsaLegacy keys using curve ed25519 is disabled/); + await expect(sig5.verified).to.be.eventually.rejectedWith(/Support for eddsaLegacy keys using curve ed25519Legacy is disabled/); }); describe('detects unknown config property', async function() { diff --git a/test/general/key.js b/test/general/key.js index 4ee96133..f1ee51a1 100644 --- a/test/general/key.js +++ b/test/general/key.js @@ -3510,7 +3510,7 @@ PzIEeL7UH3trraFmi+Gq8u4kAA== }); it("validate() - don't throw if key parameters correspond", async function() { - const { privateKey: key } = await openpgp.generateKey({ userIDs: {}, curve: 'ed25519', format: 'object' }); + const { privateKey: key } = await openpgp.generateKey({ userIDs: {}, curve: 'ed25519Legacy', format: 'object' }); await expect(key.validate()).to.not.be.rejected; }); @@ -3536,7 +3536,7 @@ PzIEeL7UH3trraFmi+Gq8u4kAA== it('isDecrypted() - should reflect whether all (sub)keys are encrypted', async function() { const passphrase = '12345678'; - const { privateKey: key } = await openpgp.generateKey({ userIDs: {}, curve: 'ed25519', passphrase, format: 'object' }); + const { privateKey: key } = await openpgp.generateKey({ userIDs: {}, curve: 'ed25519Legacy', passphrase, format: 'object' }); expect(key.isDecrypted()).to.be.false; await key.subkeys[0].keyPacket.decrypt(passphrase); expect(key.isDecrypted()).to.be.true; @@ -4252,7 +4252,7 @@ VYGdb3eNlV8CfoEC expect(key.subkeys).to.have.length(0); const newKey = await key.addSubkey(); expect(newKey.subkeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh'); - expect(newKey.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519'); + expect(newKey.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519Legacy'); }); it('Add a new default subkey to an Ed488 key', async function() { @@ -4330,7 +4330,7 @@ FM21J0hqWlEg+bdiojWnKfA5AQpWUWtnNwDEM0g12vYxoWM8Y81W+bHBw805 I8kWVkXU6vFOi+HWvv/ira7ofJu16NnoUkhclkUrk0mXubZvyl4GBg== -----END PGP PRIVATE KEY BLOCK-----` }); expect(v6Key.subkeys).to.have.length(1); - await expect(v6Key.addSubkey({ type: 'ecc' })).to.be.rejectedWith(/Cannot generate v6 keys of type 'ecc' with curve curve25519/); + await expect(v6Key.addSubkey({ type: 'ecc' })).to.be.rejectedWith(/Cannot generate v6 keys of type 'ecc' with curve curve25519Legacy/); expect(v6Key.subkeys).to.have.length(1); }); @@ -4369,10 +4369,10 @@ I8kWVkXU6vFOi+HWvv/ira7ofJu16NnoUkhclkUrk0mXubZvyl4GBg== it('create and add a new eddsa subkey to a eddsa key', async function() { const passphrase = '12345678'; const userID = { name: 'test', email: 'a@b.com' }; - const { privateKey } = await openpgp.generateKey({ curve: 'curve25519', userIDs: [userID], format: 'object', subkeys:[] }); + const { privateKey } = await openpgp.generateKey({ curve: 'curve25519Legacy', userIDs: [userID], format: 'object', subkeys:[] }); const total = privateKey.subkeys.length; - let newPrivateKey = await privateKey.addSubkey({ curve: 'curve25519', userIDs: [userID], sign: true }); + let newPrivateKey = await privateKey.addSubkey({ curve: 'curve25519Legacy', userIDs: [userID], sign: true }); const subkey1 = newPrivateKey.subkeys[total]; const encNewPrivateKey = await openpgp.encryptKey({ privateKey: newPrivateKey, passphrase }); newPrivateKey = await openpgp.decryptKey({ @@ -4393,14 +4393,14 @@ I8kWVkXU6vFOi+HWvv/ira7ofJu16NnoUkhclkUrk0mXubZvyl4GBg== it('create and add a new ecdsa subkey to a eddsa key', async function() { const userID = { name: 'test', email: 'a@b.com' }; - const { privateKey } = await openpgp.generateKey({ curve: 'ed25519', userIDs: [userID], format: 'object', subkeys:[] }); + const { privateKey } = await openpgp.generateKey({ curve: 'ed25519Legacy', userIDs: [userID], format: 'object', subkeys:[] }); const total = privateKey.subkeys.length; let newPrivateKey = await privateKey.addSubkey({ curve: 'p256', sign: true }); newPrivateKey = await openpgp.readKey({ armoredKey: newPrivateKey.armor() }); const subkey = newPrivateKey.subkeys[total]; expect(subkey).to.exist; expect(newPrivateKey.subkeys.length).to.be.equal(total + 1); - expect(newPrivateKey.getAlgorithmInfo().curve).to.be.equal('ed25519'); + expect(newPrivateKey.getAlgorithmInfo().curve).to.be.equal('ed25519Legacy'); expect(subkey.getAlgorithmInfo().curve).to.be.equal('p256'); expect(newPrivateKey.getAlgorithmInfo().algorithm).to.be.equal('eddsaLegacy'); expect(subkey.getAlgorithmInfo().algorithm).to.be.equal('ecdsa'); @@ -4428,7 +4428,7 @@ I8kWVkXU6vFOi+HWvv/ira7ofJu16NnoUkhclkUrk0mXubZvyl4GBg== it('create and add a new rsa subkey to a ecc key', async function() { const userID = { name: 'test', email: 'a@b.com' }; - const opt = { curve: 'ed25519', userIDs: [userID], format: 'object', subkeys:[] }; + const opt = { curve: 'ed25519Legacy', userIDs: [userID], format: 'object', subkeys:[] }; const { privateKey } = await openpgp.generateKey(opt); const total = privateKey.subkeys.length; let newPrivateKey = await privateKey.addSubkey({ type: 'rsa' }); diff --git a/test/general/openpgp.js b/test/general/openpgp.js index d59c4cd1..008cc713 100644 --- a/test/general/openpgp.js +++ b/test/general/openpgp.js @@ -1012,6 +1012,24 @@ export default () => describe('OpenPGP.js public api tests', function() { }); describe('generateKey - unit tests', function() { + it('should still support curve="curve25519" for ECC key type (v4 key)', function() { + const opt = { + userIDs: { name: 'Test User', email: 'text@example.com' }, + type: 'ecc', + curve: 'curve25519', + format: 'object' + }; + return openpgp.generateKey(opt).then(async function({ privateKey: key }) { + expect(key).to.exist; + expect(key.getAlgorithmInfo().rsaBits).to.equal(undefined); + expect(key.getAlgorithmInfo().algorithm).to.equal('eddsaLegacy'); + expect(key.getAlgorithmInfo().curve).to.equal('ed25519Legacy'); + expect(key.subkeys[0].getAlgorithmInfo().rsaBits).to.equal(undefined); + expect(key.subkeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh'); + expect(key.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519Legacy'); + }); + }); + it('should have default params set (v4 key)', function() { const now = util.normalizeDate(new Date()); const opt = { @@ -1028,12 +1046,12 @@ export default () => describe('OpenPGP.js public api tests', function() { expect(key.users[0].userID.name).to.equal('Test User'); expect(key.users[0].userID.email).to.equal('text@example.com'); expect(key.getAlgorithmInfo().rsaBits).to.equal(undefined); - expect(key.getAlgorithmInfo().curve).to.equal('ed25519'); + expect(key.getAlgorithmInfo().curve).to.equal('ed25519Legacy'); expect(+key.getCreationTime()).to.equal(+now); expect(await key.getExpirationTime()).to.equal(Infinity); expect(key.subkeys.length).to.equal(1); expect(key.subkeys[0].getAlgorithmInfo().rsaBits).to.equal(undefined); - expect(key.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519'); + expect(key.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519Legacy'); expect(+key.subkeys[0].getCreationTime()).to.equal(+now); expect(await key.subkeys[0].getExpirationTime()).to.equal(Infinity); } @@ -4777,7 +4795,7 @@ sEj+v9LKoMTYZGMfp3qDVFLtkBE88eVmVjgJOoLhrsv7yh0PAA== }); describe('Sign and verify with each curve', function() { - const curves = ['secp256k1' , 'p256', 'p384', 'p521', 'curve25519', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1']; + const curves = ['secp256k1' , 'p256', 'p384', 'p521', 'curve25519Legacy', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1']; curves.forEach(curve => { it(`sign/verify with ${curve}`, async function() { const config = { rejectCurves: new Set() }; diff --git a/test/general/x25519.js b/test/general/x25519.js index f197c595..93bc8c26 100644 --- a/test/general/x25519.js +++ b/test/general/x25519.js @@ -219,7 +219,7 @@ export default () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cryp describe('Ed25519 Test Vectors from RFC8032', function () { // https://tools.ietf.org/html/rfc8032#section-7.1 function testVector(vector) { - const curve = new elliptic.CurveWithOID('ed25519'); + const curve = new elliptic.CurveWithOID(openpgp.enums.curve.ed25519Legacy); const { publicKey } = nacl.sign.keyPair.fromSeed(util.hexToUint8Array(vector.SECRET_KEY)); expect(publicKey).to.deep.equal(util.hexToUint8Array(vector.PUBLIC_KEY)); const data = vector.MESSAGE; @@ -382,7 +382,7 @@ function omnibus() { it('Omnibus Ed25519/Curve25519 Test', function() { const options = { userIDs: { name: 'Hi', email: 'hi@hel.lo' }, - curve: 'ed25519', + curve: 'ed25519Legacy', format: 'object' }; return openpgp.generateKey(options).then(async function({ privateKey, publicKey }) { @@ -395,10 +395,10 @@ function omnibus() { const hi = privateKey; const primaryKey = hi.keyPacket; const subkey = hi.subkeys[0]; - expect(hi.getAlgorithmInfo().curve).to.equal('ed25519'); expect(hi.getAlgorithmInfo().algorithm).to.equal('eddsaLegacy'); - expect(subkey.getAlgorithmInfo().curve).to.equal('curve25519'); + expect(hi.getAlgorithmInfo().curve).to.equal('ed25519Legacy'); expect(subkey.getAlgorithmInfo().algorithm).to.equal('ecdh'); + expect(subkey.getAlgorithmInfo().curve).to.equal('curve25519Legacy'); // Verify that self Certificate is valid const user = hi.users[0]; @@ -410,15 +410,15 @@ function omnibus() { const options = { userIDs: { name: 'Bye', email: 'bye@good.bye' }, - curve: 'curve25519', + curve: 'curve25519Legacy', format: 'object' }; return openpgp.generateKey(options).then(async function({ privateKey: bye }) { - expect(bye.getAlgorithmInfo().curve).to.equal('ed25519'); expect(bye.getAlgorithmInfo().algorithm).to.equal('eddsaLegacy'); - expect(bye.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519'); + expect(bye.getAlgorithmInfo().curve).to.equal('ed25519Legacy'); expect(bye.subkeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh'); + expect(bye.subkeys[0].getAlgorithmInfo().curve).to.equal('curve25519Legacy'); // Verify that self Certificate is valid const user = bye.users[0];