diff --git a/openpgp.d.ts b/openpgp.d.ts index e674c017..049c0d53 100644 --- a/openpgp.d.ts +++ b/openpgp.d.ts @@ -329,7 +329,7 @@ interface Config { allowInsecureVerificationWithReformattedKeys: boolean; constantTimePKCS1Decryption: boolean; constantTimePKCS1DecryptionSupportedSymmetricAlgorithms: Set; - v5Keys: boolean; + v6Keys: boolean; preferredAEADAlgorithm: enums.aead; aeadChunkSizeByte: number; s2kType: enums.s2k.iterated | enums.s2k.argon2; diff --git a/src/config/config.js b/src/config/config.js index 1e6bd3ef..e7f68435 100644 --- a/src/config/config.js +++ b/src/config/config.js @@ -68,13 +68,13 @@ export default { */ aeadChunkSizeByte: 12, /** - * Use V5 keys. + * Use v6 keys. * Note: not all OpenPGP implementations are compatible with this option. * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION** * @memberof module:config - * @property {Boolean} v5Keys + * @property {Boolean} v6Keys */ - v5Keys: false, + v6Keys: false, /** * S2K (String to Key) type, used for key derivation in the context of secret key encryption * and password-encrypted data. Weaker s2k options are not allowed. diff --git a/src/key/factory.js b/src/key/factory.js index 44d7462f..7a150aaf 100644 --- a/src/key/factory.js +++ b/src/key/factory.js @@ -232,9 +232,6 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options, conf if (config.aeadProtect) { signatureProperties.features[0] |= enums.features.aead; } - if (config.v5Keys) { - signatureProperties.features[0] |= enums.features.v5Keys; - } if (options.keyExpirationTime > 0) { signatureProperties.keyExpirationTime = options.keyExpirationTime; signatureProperties.keyNeverExpires = false; diff --git a/src/packet/public_key.js b/src/packet/public_key.js index d9d038f2..af81f3a9 100644 --- a/src/packet/public_key.js +++ b/src/packet/public_key.js @@ -47,7 +47,7 @@ class PublicKeyPacket { * Packet version * @type {Integer} */ - this.version = config.v5Keys ? 5 : 4; + this.version = config.v6Keys ? 6 : 4; /** * Key creation date. * @type {Date} diff --git a/test/general/config.js b/test/general/config.js index 038e72f5..73363792 100644 --- a/test/general/config.js +++ b/test/general/config.js @@ -116,10 +116,10 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI }); it('openpgp.generateKey', async function() { - const v5KeysVal = openpgp.config.v5Keys; + const v6KeysVal = openpgp.config.v6Keys; const preferredHashAlgorithmVal = openpgp.config.preferredHashAlgorithm; const showCommentVal = openpgp.config.showComment; - openpgp.config.v5Keys = false; + openpgp.config.v6Keys = false; openpgp.config.preferredHashAlgorithm = openpgp.enums.hash.sha256; openpgp.config.showComment = false; @@ -134,7 +134,7 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI expect(key.users[0].selfCertifications[0].preferredHashAlgorithms[0]).to.equal(openpgp.config.preferredHashAlgorithm); const config = { - v5Keys: true, + v6Keys: true, showComment: true, preferredHashAlgorithm: openpgp.enums.hash.sha512 }; @@ -144,11 +144,11 @@ n9/quqtmyOtYOA6gXNCw0Fal3iANKBmsPmYI }; const { privateKey: privateKeyArmored2 } = await openpgp.generateKey(opt2); const key2 = await openpgp.readKey({ armoredKey: privateKeyArmored2 }); - expect(key2.keyPacket.version).to.equal(5); + expect(key2.keyPacket.version).to.equal(6); expect(privateKeyArmored2.indexOf(openpgp.config.commentString) > 0).to.be.true; expect(key2.users[0].selfCertifications[0].preferredHashAlgorithms[0]).to.equal(config.preferredHashAlgorithm); } finally { - openpgp.config.v5Keys = v5KeysVal; + openpgp.config.v6Keys = v6KeysVal; openpgp.config.preferredHashAlgorithm = preferredHashAlgorithmVal; openpgp.config.showComment = showCommentVal; } diff --git a/test/general/key.js b/test/general/key.js index 661f1904..04a99541 100644 --- a/test/general/key.js +++ b/test/general/key.js @@ -2258,7 +2258,7 @@ function versionSpecificTests() { expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.uncompressed, compr.zlib, compr.zip]); let expectedFeatures; - if (openpgp.config.v5Keys) { + if (openpgp.config.v6Keys) { expectedFeatures = [7]; // v5 + aead + mdc } else if (openpgp.config.aeadProtect) { expectedFeatures = [3]; // aead + mdc @@ -2303,7 +2303,7 @@ function versionSpecificTests() { expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zip, compr.zlib, compr.uncompressed]); let expectedFeatures; - if (openpgp.config.v5Keys) { + if (openpgp.config.v6Keys) { expectedFeatures = [7]; // v5 + aead + mdc } else if (openpgp.config.aeadProtect) { expectedFeatures = [3]; // aead + mdc @@ -2894,30 +2894,30 @@ function versionSpecificTests() { } export default () => describe('Key', function() { - let v5KeysVal; + let v6KeysVal; let aeadProtectVal; tryTests('V4', versionSpecificTests, { if: !openpgp.config.ci, beforeEach: function() { - v5KeysVal = openpgp.config.v5Keys; - openpgp.config.v5Keys = false; + v6KeysVal = openpgp.config.v6Keys; + openpgp.config.v6Keys = false; }, afterEach: function() { - openpgp.config.v5Keys = v5KeysVal; + openpgp.config.v6Keys = v6KeysVal; } }); - tryTests('V5', versionSpecificTests, { + tryTests('V6', versionSpecificTests, { if: !openpgp.config.ci, beforeEach: function() { - v5KeysVal = openpgp.config.v5Keys; + v6KeysVal = openpgp.config.v6Keys; aeadProtectVal = openpgp.config.aeadProtect; - openpgp.config.v5Keys = true; + openpgp.config.v6Keys = true; openpgp.config.aeadProtect = true; }, afterEach: function() { - openpgp.config.v5Keys = v5KeysVal; + openpgp.config.v6Keys = v6KeysVal; openpgp.config.aeadProtect = aeadProtectVal; } }); diff --git a/test/general/openpgp.js b/test/general/openpgp.js index 06326518..20a8e1ac 100644 --- a/test/general/openpgp.js +++ b/test/general/openpgp.js @@ -2231,7 +2231,7 @@ XfA3pqV4mTzF let aeadProtectVal; let preferredAEADAlgorithmVal; let aeadChunkSizeByteVal; - let v5KeysVal; + let v6KeysVal; let minRSABitsVal; beforeEach(async function() { @@ -2248,7 +2248,7 @@ XfA3pqV4mTzF aeadProtectVal = openpgp.config.aeadProtect; preferredAEADAlgorithmVal = openpgp.config.preferredAEADAlgorithm; aeadChunkSizeByteVal = openpgp.config.aeadChunkSizeByte; - v5KeysVal = openpgp.config.v5Keys; + v6KeysVal = openpgp.config.v6Keys; minRSABitsVal = openpgp.config.minRSABits; openpgp.config.minRSABits = 512; @@ -2258,7 +2258,7 @@ XfA3pqV4mTzF openpgp.config.aeadProtect = aeadProtectVal; openpgp.config.preferredAEADAlgorithm = preferredAEADAlgorithmVal; openpgp.config.aeadChunkSizeByte = aeadChunkSizeByteVal; - openpgp.config.v5Keys = v5KeysVal; + openpgp.config.v6Keys = v6KeysVal; openpgp.config.minRSABits = minRSABitsVal; }); @@ -2293,12 +2293,12 @@ XfA3pqV4mTzF } }); - tryTests('GCM mode (V5 keys)', tests, { + tryTests('GCM mode (V6 keys)', tests, { if: true, beforeEach: function() { openpgp.config.aeadProtect = true; openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.experimentalGCM; - openpgp.config.v5Keys = true; + openpgp.config.v6Keys = true; // Monkey-patch AEAD feature flag publicKey.users[0].selfCertifications[0].features = [7]; diff --git a/test/general/packet.js b/test/general/packet.js index ced7121c..dca36ead 100644 --- a/test/general/packet.js +++ b/test/general/packet.js @@ -854,8 +854,36 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+ }); it('Writing of unencrypted v5 secret key packet', async function() { - const originalV5KeysSetting = openpgp.config.v5Keys; - openpgp.config.v5Keys = true; + const packet = new openpgp.SecretKeyPacket(); + packet.version = 5; + packet.privateParams = { key: new Uint8Array([1, 2, 3]) }; + packet.publicParams = { pubKey: new Uint8Array([4, 5, 6]) }; + packet.algorithm = openpgp.enums.publicKey.rsaSign; + packet.isEncrypted = false; + packet.s2kUsage = 0; + + const written = packet.write(); + expect(written.length).to.equal(28); + + /* The serialized length of private data */ + expect(written[17]).to.equal(0); + expect(written[18]).to.equal(0); + expect(written[19]).to.equal(0); + expect(written[20]).to.equal(5); + + /** + * The private data + * + * The 2 bytes missing here are the length prefix of the MPI + */ + expect(written[23]).to.equal(1); + expect(written[24]).to.equal(2); + expect(written[25]).to.equal(3); + }); + + it('Writing of unencrypted v6 secret key packet', async function() { + const originalv6KeysSetting = openpgp.config.v6Keys; + openpgp.config.v6Keys = true; try { const packet = new openpgp.SecretKeyPacket(); @@ -867,24 +895,18 @@ V+HOQJQxXJkVRYa3QrFUehiMzTeqqMdgC6ZqJy7+ packet.s2kUsage = 0; const written = packet.write(); - expect(written.length).to.equal(28); - - /* The serialized length of private data */ - expect(written[17]).to.equal(0); - expect(written[18]).to.equal(0); - expect(written[19]).to.equal(0); - expect(written[20]).to.equal(5); + expect(written.length).to.equal(21); /** * The private data * * The 2 bytes missing here are the length prefix of the MPI */ - expect(written[23]).to.equal(1); - expect(written[24]).to.equal(2); - expect(written[25]).to.equal(3); + expect(written[18]).to.equal(1); + expect(written[19]).to.equal(2); + expect(written[20]).to.equal(3); } finally { - openpgp.config.v5Keys = originalV5KeysSetting; + openpgp.config.v6Keys = originalv6KeysSetting; } }); diff --git a/test/typescript/definitions.ts b/test/typescript/definitions.ts index c3513ef4..94983043 100644 --- a/test/typescript/definitions.ts +++ b/test/typescript/definitions.ts @@ -21,7 +21,7 @@ import { (async () => { // Generate keys - const keyOptions = { userIDs: [{ email: 'user@corp.co' }], config: { v5Keys: true } }; + const keyOptions = { userIDs: [{ email: 'user@corp.co' }], config: { v6Keys: true } }; const { privateKey: privateKeyArmored, publicKey: publicKeyArmored } = await generateKey(keyOptions); const { privateKey: privateKeyBinary } = await generateKey({ ...keyOptions, format: 'binary' }); const { privateKey, publicKey, revocationCertificate } = await generateKey({ ...keyOptions, format: 'object' });