Disallow using Simple S2K with version 6 keys

RFC9580 says that:

   [The Simple S2K method] is used only for reading in
   backwards compatibility mode.

Since V6 keys don't need backwards compatibility, disallow using
Simple S2K there.
Daniel Huigens 2024-07-04 21:59:01 +02:00
parent dbeafcd6ca
commit 61ad406138


@ -571,6 +571,9 @@ async function produceEncryptionKey(keyVersion, s2k, passphrase, cipherAlgo, aea
if (s2k.type === 'argon2' && !aeadMode) {
throw new Error('Using Argon2 S2K without AEAD is not allowed');
}
if (s2k.type === 'simple' && keyVersion === 6) {
throw new Error('Using Simple S2K with version 6 keys is not allowed');
}
const { keySize } = crypto.getCipherParams(cipherAlgo);
const derivedKey = await s2k.produceKey(passphrase, keySize);
if (!aeadMode || keyVersion === 5 || isLegacyAEAD) {
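Review bot: The new `keyVersion === 6` guard has no comment explaining why Simple S2K is singled out, so a reader of produceEncryptionKey sees a bare version check with no link to the spec; a one-line comment above it, `// RFC 9580: Simple S2K is only for reading in backwards-compatibility mode, which v6 keys never need`, would carry the commit message's rationale into the code. Since produceEncryptionKey appears to be the shared key-derivation path for both protecting and unlocking secret key material, this rejects Simple S2K on decryption of v6 keys as well, which seems intended given that v6 keys predate nothing and the comment should say so explicitly. It may also be worth confirming whether RFC 9580 applies the same "reading only" wording to the Salted S2K type; if it does, the guard should cover that type with the same v6 condition. The body of produceEncryptionKey starts before and continues past this hunk.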