Add config parameter to top-level functions (#1241)
Refactor functions to take the configuration as a parameter.
This allows setting a config option for a single function call, whereas
setting `openpgp.config` could lead to concurrency-related issues when
multiple async function calls are made at the same time.
`openpgp.config` is used as default for unset config values in top-level
functions.
`openpgp.config` is used as default config object in low-level functions
(i.e., when calling a low-level function, it may be required to pass
`{ ...openpgp.config, modifiedConfig: modifiedValue }`).
Also,
- remove `config.rsaBlinding`: blinding is now always applied to RSA decryption
- remove `config.debug`: debugging mode can be enabled by setting
`process.env.NODE_ENV = 'development'`
- remove `config.useNative`: native crypto is always used when available
@@ -28,7 +28,6 @@ import { AES_CFB } from 'asmcrypto.js/dist_es8/aes/cfb';
|
||||
|
||||
import stream from 'web-stream-tools';
|
||||
import * as cipher from './cipher';
|
||||
import config from '../config';
|
||||
import util from '../util';
|
||||
|
||||
const webCrypto = util.getWebCrypto();
|
||||
@@ -47,12 +46,12 @@ const nodeAlgos = {
|
||||
/* twofish is not implemented in OpenSSL */
|
||||
};
|
||||
|
||||
export async function encrypt(algo, key, plaintext, iv) {
|
||||
export async function encrypt(algo, key, plaintext, iv, config) {
|
||||
if (util.getNodeCrypto() && nodeAlgos[algo]) { // Node crypto library.
|
||||
return nodeEncrypt(algo, key, plaintext, iv);
|
||||
}
|
||||
if (algo.substr(0, 3) === 'aes') {
|
||||
return aesEncrypt(algo, key, plaintext, iv);
|
||||
return aesEncrypt(algo, key, plaintext, iv, config);
|
||||
}
|
||||
|
||||
const cipherfn = new cipher[algo](key);
|
||||
@@ -113,7 +112,7 @@ export async function decrypt(algo, key, ciphertext, iv) {
|
||||
return stream.transform(ciphertext, process, process);
|
||||
}
|
||||
|
||||
function aesEncrypt(algo, key, pt, iv) {
|
||||
function aesEncrypt(algo, key, pt, iv, config) {
|
||||
if (
|
||||
util.getWebCrypto() &&
|
||||
key.length !== 24 && // Chrome doesn't support 192 bit keys, see https://www.chromium.org/blink/webcrypto#TOC-AES-support
|
||||
|
||||
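Review bot: `encrypt` and `aesEncrypt` take the new `config` argument without a default, and the first hunk of this file removes the `import config from '../config'` that used to supply it, so a caller that omits the argument passes `undefined` down to `aesEncrypt`. Whether that throws depends on how `aesEncrypt` reads `config`, which lies outside the hunk, but the hash module in this same commit uses `config = defaultConfig` for the same purpose and the description says low-level functions default to `openpgp.config`. For consistency, consider keeping the import as `import defaultConfig from '../config';` and declaring `export async function encrypt(algo, key, plaintext, iv, config = defaultConfig)`. The Node branch calls `nodeEncrypt` without `config`; if that is intentional, a one-line comment saying so would help.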
@@ -6,7 +6,6 @@
|
||||
* @requires hash.js
|
||||
* @requires web-stream-tools
|
||||
* @requires crypto/hash/md5
|
||||
* @requires config
|
||||
* @requires util
|
||||
* @module crypto/hash
|
||||
*/
|
||||
@@ -19,8 +18,8 @@ import sha512 from 'hash.js/lib/hash/sha/512';
|
||||
import { ripemd160 } from 'hash.js/lib/hash/ripemd';
|
||||
import stream from 'web-stream-tools';
|
||||
import md5 from './md5';
|
||||
import config from '../../config';
|
||||
import util from '../../util';
|
||||
import defaultConfig from '../../config';
|
||||
|
||||
const webCrypto = util.getWebCrypto();
|
||||
const nodeCrypto = util.getNodeCrypto();
|
||||
@@ -36,7 +35,7 @@ function node_hash(type) {
|
||||
}
|
||||
|
||||
function hashjs_hash(hash, webCryptoHash) {
|
||||
return async function(data) {
|
||||
return async function(data, config = defaultConfig) {
|
||||
if (!util.isStream(data) && webCrypto && webCryptoHash && data.length >= config.minBytesForWebCrypto) {
|
||||
return new Uint8Array(await webCrypto.digest(webCryptoHash, data));
|
||||
}
|
||||
@@ -48,7 +47,7 @@ function hashjs_hash(hash, webCryptoHash) {
|
||||
}
|
||||
|
||||
function asmcrypto_hash(hash, webCryptoHash) {
|
||||
return async function(data) {
|
||||
return async function(data, config = defaultConfig) {
|
||||
if (util.isStream(data)) {
|
||||
const hashInstance = new hash();
|
||||
return stream.transform(data, value => {
|
||||
|
||||
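Review bot: The default `config = defaultConfig` on the functions returned by `hashjs_hash` and `asmcrypto_hash` applies only when the argument is `undefined`. In `hashjs_hash`, a caller that passes a partial object leaves `config.minBytesForWebCrypto` undefined, so `data.length >= config.minBytesForWebCrypto` is false and the WebCrypto path is skipped without any error. A JSDoc line on the returned functions would make the contract explicit, for example `@param {Object} [config] - Full configuration object, defaults to openpgp.config; partial objects are not merged`. The module header also drops `@requires config` although `'../../config'` is still imported as `defaultConfig`. The body of `asmcrypto_hash` continues outside the hunk.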
@@ -26,7 +26,6 @@
|
||||
|
||||
import { randomProbablePrime } from './prime';
|
||||
import { getRandomBigInteger } from '../random';
|
||||
import config from '../../config';
|
||||
import util from '../../util';
|
||||
import { uint8ArrayToB64, b64ToUint8Array } from '../../encoding/base64';
|
||||
import { emsaEncode, emeEncode, emeDecode } from '../pkcs1';
|
||||
@@ -528,13 +527,10 @@ async function bnDecrypt(data, n, e, d, p, q, u) {
|
||||
const dq = d.mod(q.dec()); // d mod (q-1)
|
||||
const dp = d.mod(p.dec()); // d mod (p-1)
|
||||
|
||||
let blinder;
|
||||
let unblinder;
|
||||
if (config.rsaBlinding) {
|
||||
unblinder = (await getRandomBigInteger(new BigInteger(2), n)).mod(n);
|
||||
blinder = unblinder.modInv(n).modExp(e, n);
|
||||
data = data.mul(blinder).mod(n);
|
||||
}
|
||||
const unblinder = (await getRandomBigInteger(new BigInteger(2), n)).mod(n);
|
||||
const blinder = unblinder.modInv(n).modExp(e, n);
|
||||
data = data.mul(blinder).mod(n);
|
||||
|
||||
|
||||
const mp = data.modExp(dp, p); // data**{d mod (q-1)} mod p
|
||||
const mq = data.modExp(dq, q); // data**{d mod (p-1)} mod q
|
||||
@@ -542,9 +538,8 @@ async function bnDecrypt(data, n, e, d, p, q, u) {
|
||||
|
||||
let result = h.mul(p).add(mp); // result < n due to relations above
|
||||
|
||||
if (config.rsaBlinding) {
|
||||
result = result.mul(unblinder).mod(n);
|
||||
}
|
||||
result = result.mul(unblinder).mod(n);
|
||||
|
||||
|
||||
return emeDecode(result.toUint8Array('be', n.byteLength()));
|
||||
}
|
||||
|
||||
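Review bot: The now-unconditional blinding lines in `bnDecrypt` carry no comment saying what they are for, so a later refactor could reintroduce a switch or drop them as apparent overhead. I would add a comment above `const unblinder = ...` such as `// RSA blinding (always on): randomise the input so the private-key exponentiations never run on caller-chosen data, which limits timing side channels`. The trailing `.mod(n)` looks redundant if `getRandomBigInteger(new BigInteger(2), n)` already returns a value below `n`; that helper is not shown here, so this needs confirming. Separately, the context comments on `mp` and `mq` appear swapped relative to `dp` and `dq` (`dp` is `d mod (p-1)` but the `mp` line says `d mod (q-1)`). `bnDecrypt` starts outside the hunks.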
@@ -24,8 +24,7 @@
|
||||
*/
|
||||
import util from '../util';
|
||||
|
||||
// Do not use util.getNodeCrypto because we need this regardless of useNative setting
|
||||
const nodeCrypto = util.detectNode() && require('crypto');
|
||||
const nodeCrypto = util.getNodeCrypto();
|
||||
|
||||
/**
|
||||
* Buffer for secure random numbers
|
||||
|
||||
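Review bot: With the explanatory comment deleted, nothing at this declaration says that `nodeCrypto` is the module's source of secure random bytes under Node. The value now comes from `util.getNodeCrypto()`, which is defined outside this diff, so it is worth confirming that the helper no longer consults any configuration and that the random-byte path raises an error rather than degrading when it returns nothing. A short replacement comment would record the dependency, for example `// Source of secure random bytes under Node; must not depend on any config option`.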