Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-10-14 00:59:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Release new version

Browse Source
This commit is contained in:
Daniel Huigens 2019-12-20 17:39:24 +01:00
parent 3d75efc1dc
commit ba944c8948
12 changed files with 56 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bower.json
View File

@ -1,6 +1,6 @@
{
"name": "openpgp",
"version": "4.7.1",
"version": "4.7.2",
"license": "LGPL-3.0+",
"homepage": "https://openpgpjs.org/",
"authors": [

55
dist/compat/openpgp.js vendored
View File

@ -31493,7 +31493,7 @@ exports.default = {
* @memberof module:config
* @property {String} versionstring A version string to be included in armored messages
*/
versionstring: "OpenPGP.js v4.7.1",
versionstring: "OpenPGP.js v4.7.2",
/**
* @memberof module:config
* @property {String} commentstring A comment string to be included in armored messages
@ -42764,7 +42764,7 @@ var wrapKeyObject = function () {
signaturePacket.preferredHashAlgorithms = createdPreferredAlgos([
// prefer fast asm.js implementations (SHA-256). SHA-1 will not be secure much longer...move to bottom of list
_enums2.default.hash.sha256, _enums2.default.hash.sha512, _enums2.default.hash.sha1], _config2.default.prefer_hash_algorithm);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip], _config2.default.compression);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip, _enums2.default.compression.uncompressed], _config2.default.compression);
if (index === 0) {
signaturePacket.isPrimaryUserID = true;
}
@ -43846,7 +43846,6 @@ var isAeadSupported = exports.isAeadSupported = function () {
exports.isDataExpired = isDataExpired;
exports.getExpirationTime = getExpirationTime;
exports.checkRevocationKey = checkRevocationKey;
exports.sanitizeKeyOptions = sanitizeKeyOptions;
exports.isValidSigningKeyPacket = isValidSigningKeyPacket;
exports.isValidEncryptionKeyPacket = isValidEncryptionKeyPacket;
@ -43889,18 +43888,6 @@ function isDataExpired(keyPacket, signature) {
expirationTime = keyPacket.created.getTime() + signature.keyExpirationTime * 1000;
}
return expirationTime ? new Date(expirationTime) : Infinity;
}
/**
* Check if signature has revocation key sub packet (not supported by OpenPGP.js)
* and throw error if found
* @param {module:packet.Signature} signature The certificate or signature to check
* @param {type/keyid} keyId Check only certificates or signatures from a certain issuer key ID
*/
function checkRevocationKey(signature, keyId) {
if (signature.revocationKeyClass !== null && signature.issuerKeyId.equals(keyId)) {
throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
}
}function sanitizeKeyOptions(options) {
var subkeyDefaults = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
@ -44133,7 +44120,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
continue;
}
if (packetlist[i].issuerKeyId.equals(primaryKeyId)) {
helper.checkRevocationKey(packetlist[i], primaryKeyId);
user.selfCertifications.push(packetlist[i]);
} else {
user.otherCertifications.push(packetlist[i]);
@ -44147,7 +44133,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
}
break;
case _enums2.default.signature.key:
helper.checkRevocationKey(packetlist[i], primaryKeyId);
this.directSignatures.push(packetlist[i]);
break;
case _enums2.default.signature.subkey_binding:
@ -44155,7 +44140,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
_util2.default.print_debug('Dropping subkey binding signature without preceding subkey packet');
continue;
}
helper.checkRevocationKey(packetlist[i], primaryKeyId);
subKey.bindingSignatures.push(packetlist[i]);
break;
case _enums2.default.signature.key_revocation:
@ -55616,7 +55600,7 @@ Signature.prototype.verify = function () {
var _ref7 = (0, _asyncToGenerator3.default)( /*#__PURE__*/_regenerator2.default.mark(function _callee5(key, signatureType, data) {
var detached = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : false;
var streaming = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : false;
var publicKeyAlgorithm, hashAlgorithm, toHash, hash, mpicount, endian, mpi, i, j;
var publicKeyAlgorithm, hashAlgorithm, toHash, hash, verified, mpicount, endian, mpi, i, j;
return _regenerator2.default.wrap(function _callee5$(_context5) {
while (1) {
switch (_context5.prev = _context5.next) {
@ -55671,17 +55655,18 @@ Signature.prototype.verify = function () {
case 20:
hash = _context5.sent;
verified = void 0;
if (!(this.signedHashValue[0] !== hash[0] || this.signedHashValue[1] !== hash[1])) {
_context5.next = 25;
_context5.next = 26;
break;
}
this.verified = false;
_context5.next = 37;
verified = false;
_context5.next = 40;
break;
case 25:
case 26:
mpicount = 0;
// Algorithm-Specific Fields for RSA signatures:
// - multiprecision number (MPI) of RSA signature value m**d mod n.
@ -55701,26 +55686,34 @@ Signature.prototype.verify = function () {
endian = publicKeyAlgorithm === _enums2.default.publicKey.eddsa ? 'le' : 'be';
mpi = [];
i = 0;
_context5.next = 32;
_context5.next = 33;
return _webStreamTools2.default.readToEnd(this.signature);
case 32:
case 33:
this.signature = _context5.sent;
for (j = 0; j < mpicount; j++) {
mpi[j] = new _mpi2.default();
i += mpi[j].read(this.signature.subarray(i, this.signature.length), endian);
}
_context5.next = 36;
_context5.next = 37;
return _crypto2.default.signature.verify(publicKeyAlgorithm, hashAlgorithm, mpi, key.params, toHash, hash);
case 36:
this.verified = _context5.sent;
case 37:
return _context5.abrupt('return', this.verified);
verified = _context5.sent;
case 38:
if (!(verified && this.revocationKeyClass !== null)) {
_context5.next = 40;
break;
}
throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
case 40:
this.verified = verified;
return _context5.abrupt('return', verified);
case 42:
case 'end':
return _context5.stop();
}

4
dist/compat/openpgp.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
dist/compat/openpgp.worker.min.js vendored
View File

@ -1,2 +1,2 @@
/*! OpenPGP.js v4.7.1 - 2019-11-29 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
/*! OpenPGP.js v4.7.2 - 2019-12-20 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]||e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),t=r.packet.clone.parseClonedPackets(t,n),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}},postMessage({event:"loaded"})},{}]},{},[1]);

31
dist/lightweight/openpgp.js vendored
View File

@ -20665,7 +20665,7 @@ exports.default = {
* @memberof module:config
* @property {String} versionstring A version string to be included in armored messages
*/
versionstring: "OpenPGP.js v4.7.1",
versionstring: "OpenPGP.js v4.7.2",
/**
* @memberof module:config
* @property {String} commentstring A comment string to be included in armored messages
@ -28752,7 +28752,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
signaturePacket.preferredHashAlgorithms = createdPreferredAlgos([
// prefer fast asm.js implementations (SHA-256). SHA-1 will not be secure much longer...move to bottom of list
_enums2.default.hash.sha256, _enums2.default.hash.sha512, _enums2.default.hash.sha1], _config2.default.prefer_hash_algorithm);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip], _config2.default.compression);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip, _enums2.default.compression.uncompressed], _config2.default.compression);
if (index === 0) {
signaturePacket.isPrimaryUserID = true;
}
@ -28903,7 +28903,6 @@ exports.createSignaturePacket = createSignaturePacket;
exports.mergeSignatures = mergeSignatures;
exports.isDataRevoked = isDataRevoked;
exports.getExpirationTime = getExpirationTime;
exports.checkRevocationKey = checkRevocationKey;
exports.isAeadSupported = isAeadSupported;
exports.sanitizeKeyOptions = sanitizeKeyOptions;
exports.isValidSigningKeyPacket = isValidSigningKeyPacket;
@ -29184,18 +29183,6 @@ function getExpirationTime(keyPacket, signature) {
return expirationTime ? new Date(expirationTime) : Infinity;
}
/**
* Check if signature has revocation key sub packet (not supported by OpenPGP.js)
* and throw error if found
* @param {module:packet.Signature} signature The certificate or signature to check
* @param {type/keyid} keyId Check only certificates or signatures from a certain issuer key ID
*/
function checkRevocationKey(signature, keyId) {
if (signature.revocationKeyClass !== null && signature.issuerKeyId.equals(keyId)) {
throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
}
}
/**
* Returns whether aead is supported by all keys in the set
* @param {Array<module:key.Key>} keys Set of keys
@ -29432,7 +29419,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
continue;
}
if (packetlist[i].issuerKeyId.equals(primaryKeyId)) {
helper.checkRevocationKey(packetlist[i], primaryKeyId);
user.selfCertifications.push(packetlist[i]);
} else {
user.otherCertifications.push(packetlist[i]);
@ -29446,7 +29432,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
}
break;
case _enums2.default.signature.key:
helper.checkRevocationKey(packetlist[i], primaryKeyId);
this.directSignatures.push(packetlist[i]);
break;
case _enums2.default.signature.subkey_binding:
@ -29454,7 +29439,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
_util2.default.print_debug('Dropping subkey binding signature without preceding subkey packet');
continue;
}
helper.checkRevocationKey(packetlist[i], primaryKeyId);
subKey.bindingSignatures.push(packetlist[i]);
break;
case _enums2.default.signature.key_revocation:
@ -36074,8 +36058,9 @@ Signature.prototype.verify = async function (key, signatureType, data, detached
hash = await this.hash(signatureType, data, toHash);
}
hash = await _webStreamTools2.default.readToEnd(hash);
let verified;
if (this.signedHashValue[0] !== hash[0] || this.signedHashValue[1] !== hash[1]) {
this.verified = false;
verified = false;
} else {
let mpicount = 0;
// Algorithm-Specific Fields for RSA signatures:
@ -36100,9 +36085,13 @@ Signature.prototype.verify = async function (key, signatureType, data, detached
mpi[j] = new _mpi2.default();
i += mpi[j].read(this.signature.subarray(i, this.signature.length), endian);
}
this.verified = await _crypto2.default.signature.verify(publicKeyAlgorithm, hashAlgorithm, mpi, key.params, toHash, hash);
verified = await _crypto2.default.signature.verify(publicKeyAlgorithm, hashAlgorithm, mpi, key.params, toHash, hash);
if (verified && this.revocationKeyClass !== null) {
throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
}
return this.verified;
}
this.verified = verified;
return verified;
};
/**

4
dist/lightweight/openpgp.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
dist/lightweight/openpgp.worker.min.js vendored
View File

@ -1,2 +1,2 @@
/*! OpenPGP.js v4.7.1 - 2019-11-29 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
/*! OpenPGP.js v4.7.2 - 2019-12-20 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]||e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),t=r.packet.clone.parseClonedPackets(t,n),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}},postMessage({event:"loaded"})},{}]},{},[1]);

31
dist/openpgp.js vendored
View File

@ -25052,7 +25052,7 @@ exports.default = {
* @memberof module:config
* @property {String} versionstring A version string to be included in armored messages
*/
versionstring: "OpenPGP.js v4.7.1",
versionstring: "OpenPGP.js v4.7.2",
/**
* @memberof module:config
* @property {String} commentstring A comment string to be included in armored messages
@ -33139,7 +33139,7 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
signaturePacket.preferredHashAlgorithms = createdPreferredAlgos([
// prefer fast asm.js implementations (SHA-256). SHA-1 will not be secure much longer...move to bottom of list
_enums2.default.hash.sha256, _enums2.default.hash.sha512, _enums2.default.hash.sha1], _config2.default.prefer_hash_algorithm);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip], _config2.default.compression);
signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip, _enums2.default.compression.uncompressed], _config2.default.compression);
if (index === 0) {
signaturePacket.isPrimaryUserID = true;
}
@ -33290,7 +33290,6 @@ exports.createSignaturePacket = createSignaturePacket;
exports.mergeSignatures = mergeSignatures;
exports.isDataRevoked = isDataRevoked;
exports.getExpirationTime = getExpirationTime;
exports.checkRevocationKey = checkRevocationKey;
exports.isAeadSupported = isAeadSupported;
exports.sanitizeKeyOptions = sanitizeKeyOptions;
exports.isValidSigningKeyPacket = isValidSigningKeyPacket;
@ -33571,18 +33570,6 @@ function getExpirationTime(keyPacket, signature) {
return expirationTime ? new Date(expirationTime) : Infinity;
}
/**
* Check if signature has revocation key sub packet (not supported by OpenPGP.js)
* and throw error if found
* @param {module:packet.Signature} signature The certificate or signature to check
* @param {type/keyid} keyId Check only certificates or signatures from a certain issuer key ID
*/
function checkRevocationKey(signature, keyId) {
if (signature.revocationKeyClass !== null && signature.issuerKeyId.equals(keyId)) {
throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
}
}
/**
* Returns whether aead is supported by all keys in the set
* @param {Array<module:key.Key>} keys Set of keys
@ -33819,7 +33806,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
continue;
}
if (packetlist[i].issuerKeyId.equals(primaryKeyId)) {
helper.checkRevocationKey(packetlist[i], primaryKeyId);
user.selfCertifications.push(packetlist[i]);
} else {
user.otherCertifications.push(packetlist[i]);
@ -33833,7 +33819,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
}
break;
case _enums2.default.signature.key:
helper.checkRevocationKey(packetlist[i], primaryKeyId);
this.directSignatures.push(packetlist[i]);
break;
case _enums2.default.signature.subkey_binding:
@ -33841,7 +33826,6 @@ Key.prototype.packetlist2structure = function (packetlist) {
_util2.default.print_debug('Dropping subkey binding signature without preceding subkey packet');
continue;
}
helper.checkRevocationKey(packetlist[i], primaryKeyId);
subKey.bindingSignatures.push(packetlist[i]);
break;
case _enums2.default.signature.key_revocation:
@ -40461,8 +40445,9 @@ Signature.prototype.verify = async function (key, signatureType, data, detached
hash = await this.hash(signatureType, data, toHash);
}
hash = await _webStreamTools2.default.readToEnd(hash);
let verified;
if (this.signedHashValue[0] !== hash[0] || this.signedHashValue[1] !== hash[1]) {
this.verified = false;
verified = false;
} else {
let mpicount = 0;
// Algorithm-Specific Fields for RSA signatures:
@ -40487,9 +40472,13 @@ Signature.prototype.verify = async function (key, signatureType, data, detached
mpi[j] = new _mpi2.default();
i += mpi[j].read(this.signature.subarray(i, this.signature.length), endian);
}
this.verified = await _crypto2.default.signature.verify(publicKeyAlgorithm, hashAlgorithm, mpi, key.params, toHash, hash);
verified = await _crypto2.default.signature.verify(publicKeyAlgorithm, hashAlgorithm, mpi, key.params, toHash, hash);
if (verified && this.revocationKeyClass !== null) {
throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
}
return this.verified;
}
this.verified = verified;
return verified;
};
/**

4
dist/openpgp.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
dist/openpgp.worker.min.js vendored
View File

@ -1,2 +1,2 @@
/*! OpenPGP.js v4.7.1 - 2019-11-29 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
/*! OpenPGP.js v4.7.2 - 2019-12-20 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]||e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length||self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data||{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array||(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r.util.restoreStreams(t),t=r.packet.clone.parseClonedPackets(t,n),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options||{})}},postMessage({event:"loaded"})},{}]},{},[1]);

2
npm-shrinkwrap.json generated
View File

@ -1,6 +1,6 @@
{
"name": "openpgp",
"version": "4.7.1",
"version": "4.7.2",
"lockfileVersion": 1,
"requires": true,
"dependencies": {

2
package.json
View File

@ -1,7 +1,7 @@
{
"name": "openpgp",
"description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
"version": "4.7.1",
"version": "4.7.2",
"license": "LGPL-3.0+",
"homepage": "https://openpgpjs.org/",
"engines": {