Also, when generating RSA keys in JS, generate them with p < q, as per
the spec.
Also, when generating RSA keys using Web Crypto or Node crypto, swap the
generated p and q around, so that will satisfy p < q in most browsers
(but not old Microsoft Edge, 50% of the time) and so that we can use the
generated u coefficient (p^-1 mod q in OpenPGP, q^-1 mod p in RFC3447).
Then, when signing and verifying, swap p and q again, so that the key
hopefully satisfies Safari's requirement that p > q, and so that we can
keep using u again.
Backtracking regexes have pathological worst-case performance when
a long line contains a large amount of whitespace not followed by
a newline, since the regex engine will attempt to match the regex
at each whitespace character, read ahead to the non-whitespace non-
newline, declare no match, and try again at the next whitespace.
E.g. try running
util.removeTrailingSpaces(new Array(1e6).join(' ') + 'a').length
which would hang V8.
- Don't add an extraneous newline at the end of base64-encoded data
if it is a multiple of 60 characters long.
- Generate \r\n instead of \n in base64-encoded data.
- Generate one newline instead of two after END PGP PUBLIC KEY BLOCK
for consistency with the other footers.
Also, add a "asStream" parameter to high-level functions to control
whether the return value is a Stream; defaulting to whether the
parameter passed was a Stream.
- Allow leading spaces in headers (since we were already accepting
leading spaces everywhere else in the armored text).
- Read ReadableStreams before passing them to a Worker
* Various FIXME tags are removed
* In curve.js:
- webCrypto/nodeCrypto fallback bug is fixed
- Curve25519 has keyType ecdsa (won't be used for signing, but technically can be)
- webGenKeyPair is simplifed
* In base64.js:
- documentation added and arguments simplified
* In ecdsa.js and eddsa.js:
- hash_algo is now at least as strong as the default curve hash
- simplified the code by moving webSign/nodeSign and webVerify/nodeVerify to live in key.js (ht @ismaelbej)
* In message.js:
- in decryptSessionKey, loops break once a key packet is decrypted
* In key.js:
- getPreferredHashAlgorithm returns the best hash algorithm
- enums are used for curve selection
