Rename config.useIndutnyElliptic to .useEllipticFallback

To reflect change of underlying library
2025-03-30 15:08:32 +00:00 · 2023-10-06 17:23:55 +02:00 · 2023-10-06 17:23:55 +02:00 · 7295a2e7b3
commit 7295a2e7b3
parent 909d44f436
7 changed files with 21 additions and 17 deletions
--- a/openpgp.d.ts
+++ b/openpgp.d.ts
@ -336,7 +336,7 @@ interface Config {
  s2kArgon2Params: { passes: number, parallelism: number; memoryExponent: number; };
  maxUserIDLength: number;
  knownNotations: string[];
-  useIndutnyElliptic: boolean;
+  useEllipticFallback: boolean;
  rejectHashAlgorithms: Set<enums.hash>;
  rejectMessageHashAlgorithms: Set<enums.hash>;
  rejectPublicKeyAlgorithms: Set<enums.publicKey>;
--- a/src/config/config.js
+++ b/src/config/config.js
@ -246,13 +246,12 @@ export default {
   */
  knownNotations: [],
  /**
-   * Whether to use the indutny/elliptic library for curves (other than Curve25519) that are not supported by the available native crypto API.
+   * Whether to use the the noble-curves library for curves (other than Curve25519) that are not supported by the available native crypto API.
   * When false, certain standard curves will not be supported (depending on the platform).
-   * Note: the indutny/elliptic curve library is not designed to be constant time.
   * @memberof module:config
-   * @property {Boolean} useIndutnyElliptic
+   * @property {Boolean} useEllipticFallback
   */
-  useIndutnyElliptic: true,
+  useEllipticFallback: true,
  /**
   * Reject insecure hash algorithms
   * @memberof module:config
--- a/src/crypto/public_key/elliptic/oid_curves.js
+++ b/src/crypto/public_key/elliptic/oid_curves.js
@ -33,6 +33,7 @@ import util from '../../../util';
 import { uint8ArrayToB64, b64ToUint8Array } from '../../../encoding/base64';
 import OID from '../../../type/oid';
 import { UnsupportedError } from '../../../packet/packet';
+import defaultConfig from '../../../config';

 const webCrypto = util.getWebCrypto();
 const nodeCrypto = util.getNodeCrypto();
@ -65,6 +66,10 @@ const nobleCurvess = {
  [enums.curve.brainpoolP512r1]: brainpoolP512r1
 };
 export const getNobleCurve = curveName => {
+  if (!defaultConfig.useEllipticFallback) {
+    // TODO make import dynamic
+    throw new Error('This curve is only supported in the full build of OpenPGP.js');
+  }
  const curve = nobleCurvess[curveName];
  if (!curve) throw new Error('Unsupported curve');
  return curve;
--- a/test/crypto/ecdh.js
+++ b/test/crypto/ecdh.js
@ -72,7 +72,7 @@ export default () => describe('ECDH key exchange @lightweight', function () {
    )).to.be.rejectedWith(Error, /Unknown curve/).notify(done);
  });
  it('Invalid ephemeral key', function (done) {
-    if (!openpgp.config.useIndutnyElliptic && !util.getNodeCrypto()) {
+    if (!openpgp.config.useEllipticFallback && !util.getNodeCrypto()) {
      this.skip();
    }
    expect(decrypt_message(
@ -80,7 +80,7 @@ export default () => describe('ECDH key exchange @lightweight', function () {
    )).to.be.rejectedWith(Error, /Private key is not valid for specified curve|second arg must be public key/).notify(done);
  });
  it('Invalid elliptic public key', function (done) {
-    if (!openpgp.config.useIndutnyElliptic && !util.getNodeCrypto()) {
+    if (!openpgp.config.useEllipticFallback && !util.getNodeCrypto()) {
      this.skip();
    }
    expect(decrypt_message(
@ -88,7 +88,7 @@ export default () => describe('ECDH key exchange @lightweight', function () {
    )).to.be.rejectedWith(/Public key is not valid for specified curve|Failed to translate Buffer to a EC_POINT|bad point/).notify(done);
  });
  it('Invalid key data integrity', function (done) {
-    if (!openpgp.config.useIndutnyElliptic && !util.getNodeCrypto()) {
+    if (!openpgp.config.useEllipticFallback && !util.getNodeCrypto()) {
      this.skip();
    }
    expect(decrypt_message(
@ -136,7 +136,7 @@ export default () => describe('ECDH key exchange @lightweight', function () {
  const ecdh = elliptic_curves.ecdh;

  it('Invalid curve', async function () {
-    if (!openpgp.config.useIndutnyElliptic && !util.getNodeCrypto()) {
+    if (!openpgp.config.useEllipticFallback && !util.getNodeCrypto()) {
      this.skip();
    }
    const curve = new elliptic_curves.CurveWithOID('secp256k1');
--- a/test/crypto/elliptic.js
+++ b/test/crypto/elliptic.js
@ -68,10 +68,10 @@ export default () => describe('Elliptic Curve Cryptography @lightweight', functi
      done();
    });
    it('Creating KeyPair', function () {
-      if (!config.useIndutnyElliptic && !util.getNodeCrypto()) {
+      if (!config.useEllipticFallback && !util.getNodeCrypto()) {
        this.skip();
      }
-      const names = config.useIndutnyElliptic ? ['p256', 'p384', 'p521', 'secp256k1', 'curve25519Legacy', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1'] :
+      const names = config.useEllipticFallback ? ['p256', 'p384', 'p521', 'secp256k1', 'curve25519Legacy', 'brainpoolP256r1', 'brainpoolP384r1', 'brainpoolP512r1'] :
        ['p256', 'p384', 'p521', 'curve25519Legacy'];
      return Promise.all(names.map(function (name) {
        const curve = new elliptic_curves.CurveWithOID(name);
@ -186,7 +186,7 @@ export default () => describe('Elliptic Curve Cryptography @lightweight', functi
      )).to.be.rejectedWith(Error, /Unknown curve/);
    });
    it('secp256k1 - Invalid public key', async function () {
-      if (!config.useIndutnyElliptic && !util.getNodeCrypto()) {
+      if (!config.useEllipticFallback && !util.getNodeCrypto()) {
        this.skip(); // webcrypto does not implement secp256k1: JS fallback tested instead
      }
      await expect(verify_signature(
@ -197,7 +197,7 @@ export default () => describe('Elliptic Curve Cryptography @lightweight', functi
      )).to.eventually.be.false;
    });
    it('secp256k1 - Invalid point', async function () {
-      if (!config.useIndutnyElliptic && !util.getNodeCrypto()) {
+      if (!config.useEllipticFallback && !util.getNodeCrypto()) {
        this.skip(); // webcrypto does not implement secp256k1: JS fallback tested instead
      }
      await expect(verify_signature(
@ -205,7 +205,7 @@ export default () => describe('Elliptic Curve Cryptography @lightweight', functi
      )).to.eventually.be.false;
    });
    it('secp256k1 - Invalid signature', function (done) {
-      if (!config.useIndutnyElliptic && !util.getNodeCrypto()) {
+      if (!config.useEllipticFallback && !util.getNodeCrypto()) {
        this.skip(); // webcrypto does not implement secp256k1: JS fallback tested instead
      }
      expect(verify_signature(
--- a/test/general/brainpool.js
+++ b/test/general/brainpool.js
@ -13,7 +13,7 @@ export default () => (openpgp.config.ci ? describe.skip : describe)('Brainpool C
  let rejectCurvesVal;
  before(function() {
    //only x25519 crypto is fully functional in lightbuild
-    if (!openpgp.config.useIndutnyElliptic && !util.getNodeCrypto()) {
+    if (!openpgp.config.useEllipticFallback && !util.getNodeCrypto()) {
      this.skip(); // eslint-disable-line no-invalid-this
    }
  });
@ -283,7 +283,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g=
  });

  tryTests('Brainpool Omnibus Tests @lightweight', omnibus, {
-    if: openpgp.config.useIndutnyElliptic || util.getNodeCrypto()
+    if: openpgp.config.useEllipticFallback || util.getNodeCrypto()
  });
 });

--- a/test/general/ecc_secp256k1.js
+++ b/test/general/ecc_secp256k1.js
@ -6,7 +6,7 @@ import openpgp from '../initOpenpgp.js';
 import util from '../../src/util.js';

 export default () => describe('Elliptic Curve Cryptography for secp256k1 curve @lightweight', function () {
-  if (!openpgp.config.useIndutnyElliptic && !util.getNodeCrypto()) {
+  if (!openpgp.config.useEllipticFallback && !util.getNodeCrypto()) {
    before(function() {
      this.skip(); // eslint-disable-line no-invalid-this
    });