Add config.rejectPublicKeyAlgorithms (#1264)

- Add `config.rejectPublicKeyAlgorithms` to disallow using the given algorithms to verify, sign or encrypt new messages or third-party certifications. - Consider `config.minRsaBits` when signing, verifying and encrypting messages and third-party certifications, not just on key generation. - When verifying a message, if the verification key is not found (i.e. not provided or too weak), the corresponding `signature` will have `signature.valid=false` (used to be `signature.valid=null`). `signature.error` will detail whether the key is missing/too weak/etc. Generating and verifying key certification signatures is still permitted in all cases.
2026-03-11 03:04:44 +00:00 · 2021-03-25 15:08:49 +01:00
parent 3e808c1578
commit 8a57246ec4
17 changed files with 759 additions and 518 deletions
--- a/src/util.js
+++ b/src/util.js
@@ -192,15 +192,28 @@ const util = {
   * @returns {Uint8Array} MPI-formatted Uint8Array.
   */
  uint8ArrayToMpi: function (bin) {
+    const bitSize = util.uint8ArrayBitLength(bin);
+    if (bitSize === 0) {
+      throw new Error('Zero MPI');
+    }
+    const stripped = bin.subarray(bin.length - Math.ceil(bitSize / 8));
+    const prefix = Uint8Array.from([(bitSize & 0xFF00) >> 8, bitSize & 0xFF]);
+    return util.concatUint8Array([prefix, stripped]);
+  },
+
+  /**
+   * Return bit length of the input data
+   * @param {Uint8Array} bin input data (big endian)
+   * @returns bit length
+   */
+  uint8ArrayBitLength: function (bin) {
    let i; // index of leading non-zero byte
    for (i = 0; i < bin.length; i++) if (bin[i] !== 0) break;
    if (i === bin.length) {
-      throw new Error('Zero MPI');
+      return 0;
    }
    const stripped = bin.subarray(i);
-    const size = (stripped.length - 1) * 8 + util.nbits(stripped[0]);
-    const prefix = Uint8Array.from([(size & 0xFF00) >> 8, size & 0xFF]);
-    return util.concatUint8Array([prefix, stripped]);
+    return (stripped.length - 1) * 8 + util.nbits(stripped[0]);
  },

  /**