Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-06-22 14:12:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,578 Commits 6 Branches 185 Tags 57 MiB
Commit Graph

2578 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
b31bc89854
Tests: bump playwright from 1.52.0 to 1.53.0 (#1861) 
Bumps [playwright](https://github.com/microsoft/playwright) from 1.52.0 to 1.53.0.
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.52.0...v1.53.0)

---
updated-dependencies:
- dependency-name: playwright
  dependency-version: 1.53.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-11 16:32:54 +02:00
Kevin Kredit
38c56f84c2
Improve type definition for the User class (#1857) 2025-05-28 20:55:16 +02:00
larabr
88cd1810a3 Implement OpenPGP message grammar validation (add config.enforceGrammar) 
It enforces a message structure as defined in
https://www.rfc-editor.org/rfc/rfc9580.html#section-10.3
(but slightly more permissive with Padding packets allowed in all cases).
Since we are unclear on whether this change might
impact handling of some messages in the wild, generated by
odd use-cases or non-conformant implementations, we
also add the option to disable the grammar check via
`config.enforceGrammar`.

GrammarErrors are only sensitive in the context of
unauthenticated decrypted streams.
 2025-05-20 14:17:13 +02:00
larabr
4c4ebe4a76 Internal: move config TS declaration to standalone file 
To access the types in internally
 2025-05-20 14:17:13 +02:00
larabr
87a72e0ab2 Internal: move enums TS declaration to standalone file 
To access the types in internally.

Also, include internal d.ts files in published npm bundle.
 2025-05-20 14:17:13 +02:00
Daniel Huigens
aba9bb1b69
Prefer subkeys with higher algorithm IDs (#1854) 
In case of equal creation timestamps, pick the signing/encryption subkey
with the highest algorithm ID, on the assumption that that's the most
modern/secure algorithm.
 2025-05-20 14:07:30 +02:00
larabr
45d825c64a
CI: fix "unknown cli/env config" warnings from npm v11 (#1851) 
npm v12 will drop support for unknown config options.
 2025-05-19 17:54:42 +02:00
Daniel Huigens
843a69d0ad
Don't mutate message during verification 2025-05-19 14:47:49 +02:00
dependabot[bot]
16c36f7135
Bump the noble group across 1 directory with 3 updates (#1845) 
* Bump the noble group across 1 directory with 3 updates

Bumps the noble group with 2 updates in the / directory: [@noble/ciphers](https://github.com/paulmillr/noble-ciphers) and [@noble/curves](https://github.com/paulmillr/noble-curves).


Updates `@noble/ciphers` from 1.2.1 to 1.3.0
- [Release notes](https://github.com/paulmillr/noble-ciphers/releases)
- [Commits](https://github.com/paulmillr/noble-ciphers/compare/1.2.1...1.3.0)

Updates `@noble/curves` from 1.8.2 to 1.9.0
- [Release notes](https://github.com/paulmillr/noble-curves/releases)
- [Commits](https://github.com/paulmillr/noble-curves/compare/1.8.2...1.9.0)

Updates `@noble/hashes` from 1.7.2 to 1.8.0
- [Release notes](https://github.com/paulmillr/noble-hashes/releases)
- [Commits](https://github.com/paulmillr/noble-hashes/compare/1.7.2...1.8.0)

---
updated-dependencies:
- dependency-name: "@noble/ciphers"
  dependency-version: 1.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: noble
- dependency-name: "@noble/curves"
  dependency-version: 1.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: noble
- dependency-name: "@noble/hashes"
  dependency-version: 1.8.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: noble
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump noble-hashes version in package.json

Not applied automatically due to superseded MR: https://github.com/openpgpjs/openpgpjs/pull/1844

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: larabr <7375870+larabr@users.noreply.github.com>
 2025-05-06 16:05:17 +02:00
larabr
4b1bbaff34 CI: increase max retries to 3 on Browserstack testsStartTimeout 
Follow up to #1822, that hardcoded a max retry value of 2.
 2025-05-06 15:47:11 +02:00
dependabot[bot]
5a763a11b5
Tests: bump playwright from 1.51.1 to 1.52.0 (#1843) 
Bumps [playwright](https://github.com/microsoft/playwright) from 1.51.1 to 1.52.0.
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.51.1...v1.52.0)

---
updated-dependencies:
- dependency-name: playwright
  dependency-version: 1.52.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-05 18:48:15 +02:00
dependabot[bot]
65df27d15b
Bump the noble group with 2 updates (#1842) 
Bumps the noble group with 2 updates: [@noble/curves](https://github.com/paulmillr/noble-curves) and [@noble/hashes](https://github.com/paulmillr/noble-hashes).


Updates `@noble/curves` from 1.8.1 to 1.8.2
- [Release notes](https://github.com/paulmillr/noble-curves/releases)
- [Commits](https://github.com/paulmillr/noble-curves/compare/1.8.1...1.8.2)

Updates `@noble/hashes` from 1.7.1 to 1.7.2
- [Release notes](https://github.com/paulmillr/noble-hashes/releases)
- [Commits](https://github.com/paulmillr/noble-hashes/compare/1.7.1...1.7.2)

---
updated-dependencies:
- dependency-name: "@noble/curves"
  dependency-version: 1.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: noble
- dependency-name: "@noble/hashes"
  dependency-version: 1.7.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: noble
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 10:49:54 +02:00
dependabot[bot]
88310fe69d
Bump playwright from 1.51.0 to 1.51.1 (#1834) 
Bumps [playwright](https://github.com/microsoft/playwright) from 1.51.0 to 1.51.1.
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.51.0...v1.51.1)

---
updated-dependencies:
- dependency-name: playwright
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-18 13:56:54 +01:00
dependabot[bot]
c2526c8a88
Tests: bump playwright from 1.50.1 to 1.51.0 (#1831) 
Bumps [playwright](https://github.com/microsoft/playwright) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.50.1...v1.51.0)

---
updated-dependencies:
- dependency-name: playwright
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-07 15:53:39 +01:00
larabr
1848f51a4c
Merge pull request #1829 
Re-enable using WebCrypto for X25519 when available.
 2025-03-05 11:51:40 +01:00
larabr
4762d2c762 CI: do not test Webkit on Linux 
The tests work correctly in Epiphany, but not in the WebKit build,
where the native X25519 implementation throws non-standard errors on
importKey (DataError) and generateKey (OperationError).
Patching this would be simply a matter of catching such errors and falling back
to the JS implementation, but since only the CI WebKit build seems to be
affected, we prefer not to relax fallback checks in the context of crypto
operations without issues reported in the wild.
 2025-02-26 13:00:14 +01:00
larabr
d5689894f6 Re-enable using WebCrypto for X25519 when available 
Reverting commit ccb040ae96acd127a29161ffaf3b82b5b18c062f .
Firefox has fixed support in v132 (https://bugzilla.mozilla.org/show_bug.cgi?id=1918354)
usage of v130 and 131, which have a broken implementation, is now below 1%.

Also, Chrome has released support in v133.
 2025-02-26 12:15:17 +01:00
Carlos Alexandro Becker
6d4a86295e
Make Issuer Key ID signature subpacket non-critical (#1828) 
RPM <=4.16 does not support it.

See also:
- https://github.com/ProtonMail/go-crypto/pull/175
- https://github.com/ProtonMail/go-crypto/issues/263
 2025-02-26 10:19:25 +01:00
dependabot[bot]
8a2062d342
Bump the noble group with 3 updates (#1825) 
Bumps the noble group with 3 updates: [@noble/ciphers](https://github.com/paulmillr/noble-ciphers), [@noble/curves](https://github.com/paulmillr/noble-curves) and [@noble/hashes](https://github.com/paulmillr/noble-hashes).

Also:
* Internal: OCB: do not reuse AES-CBC instance (Noble is now preventing instance reuse).
* Tests: update error message following noble-curve change


Updates `@noble/ciphers` from 1.0.0 to 1.2.1
- [Release notes](https://github.com/paulmillr/noble-ciphers/releases)
- [Commits](https://github.com/paulmillr/noble-ciphers/compare/1.0.0...1.2.1)

Updates `@noble/curves` from 1.6.0 to 1.8.1
- [Release notes](https://github.com/paulmillr/noble-curves/releases)
- [Commits](https://github.com/paulmillr/noble-curves/compare/1.6.0...1.8.1)

Updates `@noble/hashes` from 1.5.0 to 1.7.1
- [Release notes](https://github.com/paulmillr/noble-hashes/releases)
- [Commits](https://github.com/paulmillr/noble-hashes/compare/1.5.0...1.7.1)

---

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: larabr <7375870+larabr@users.noreply.github.com>
 2025-02-12 13:20:20 +01:00
dependabot[bot]
e9fe979649
Bump fflate from 0.7.4 to 0.8.2 (#1826) 
Bumps [fflate](https://github.com/101arrowz/fflate) from 0.7.4 to 0.8.2.
- [Release notes](https://github.com/101arrowz/fflate/releases)
- [Changelog](https://github.com/101arrowz/fflate/blob/master/CHANGELOG.md)
- [Commits](https://github.com/101arrowz/fflate/compare/v0.7.4...v0.8.2)

---
updated-dependencies:
- dependency-name: fflate
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-11 13:59:09 +01:00
dependabot[bot]
1ab6f27fc9
Bump playwright from 1.48.2 to 1.50.1 (#1824) 
Bumps [playwright](https://github.com/microsoft/playwright) from 1.48.2 to 1.50.1.
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.48.2...v1.50.1)

---
updated-dependencies:
- dependency-name: playwright
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-11 13:27:41 +01:00
larabr
a7660cc43b CI: fix (again) Dependabot setup: add workaround to set different schedules for npm updates 2025-02-11 11:38:06 +01:00
larabr
b583bcad23
CI: fix Dependabot setup (#1823) 
Typo in filename resulting in bot not actually working.
 2025-02-10 19:20:03 +01:00
larabr
a3a9e06802
CI: add reconnection mechanism for Browserstack on testsStartTimeout (#1822) 
iOS tests sometimes fail to start due to some "server disconnect" issue on BS side.
This seems more prominent on certain devices (e.g. iPhone 16 with iOS 18).
So, we also change the 'iOS latest' target to a more stable one.
 2025-02-10 19:15:43 +01:00
Daniel Huigens
965e63b672
Only push new tags when running npm version (#1821) 2025-02-03 14:27:39 +01:00
Daniel Huigens
96b13a468b
6.1.0 v6.1.0 2025-01-30 14:15:35 +01:00
Daniel Huigens
432856ff0e
Fix signing using keys without preferred hash algorithms (#1820) 2025-01-29 16:45:32 +01:00
larabr
b2bd8a0fdd
Merge pull request #1812 
Improve internal tree-shaking and lazy load md5
 2024-11-25 11:13:15 +01:00
larabr
6db98f1e47 Internal: improve tree-shaking in armor module 2024-11-22 14:34:18 +01:00
larabr
8e5da78971 Internal: improve tree-shaking of web-stream-tools 
Import single functions instead of entire lib.
 2024-11-22 14:34:18 +01:00
larabr
a5d894f514 Internal: avoid importing enums in legacy_cipher chunk 
To avoid issues with the lightweight build:
for now it works fine, but it could mess up chunking in the future,
and it already results in a circular import.
 2024-11-22 14:34:18 +01:00
larabr
a16160fc66 Use noble-hashes for md5 
The existing md5 module brought in the util module,
which messed up the chunking structure in the lightweight build;
inlining those functions is an option, but the noble-hashes code
is also more modern and readable.
 2024-11-22 14:32:42 +01:00
larabr
abe750cf7c Lightweight build: lazy load md5 hashing module 
Used by old, legacy messages only
 2024-11-22 14:32:42 +01:00
larabr
2a8969b437 Internal: improve tree-shaking for crypto modules 
Every submodule under the 'crypto' directory was exported-imported
even if a handful of functions where actually needed.
We now only export entire modules behind default exports if it makes
sense for readability and if the different submodules would be
imported together anyway (e.g. `cipherMode` exports are all needed
by the SEIPD class).

We've also dropped exports that are not used outside of the crypto modules,
e.g. pkcs5 helpers.
 2024-11-22 14:32:39 +01:00
larabr
bf85deedb8
Merge pull request #1811 2024-11-22 14:30:41 +01:00
larabr
6c3b02872d Throw on encryption using non-standard experimentalGCM AEAD algo 
The `enums.aead.gcm` ID standardized by RFC9580 should be used instead.
 2024-11-22 14:29:14 +01:00
larabr
4d2d8740dc Fix decryption support for non-standard, legacy AEAD messages and keys that used experimentalGCM 
This adds back support for decrypting password-protected messages which
were encrypted in OpenPGP.js v5 with custom config settings
`config.aeadProtect = true` together with
`config.preferredAEADAlgorithm = openpgp.enums.aead.experimentalGCM`.

Public-key-encrypted messages are affected if they were encrypted using the same config, while also providing `encryptionKeys` that declared `experimentalGCM` in their AEAD prefs.
Such keys could be generated in OpenPGP.js v5 by setting the aforementioned config values.
 2024-11-22 10:15:20 +01:00
larabr
bbdaad0cba TS: add gcm to enums.aead, mark non-standard experimentalGCM as deprecated 
`experimentalGCM` should not be used anymore,
as a different a different algorithm ID was standardized
for GCM, and using the experimental value could give
interoperability issues with e.g. SEIPDv2 and AEAD-encrypted keys.
 2024-11-22 10:15:20 +01:00
larabr
daeaf6b1da CI: disable Browserstack concurrency to improve reliability 2024-11-21 18:11:10 +01:00
larabr
67faffafff 6.0.1 v6.0.1 2024-11-21 17:16:29 +01:00
larabr
f75447afaa Fix ES imports for webpack: declare exports.browser entrypoint as higher priority than import 
We could also drop the browser's directive `"./dist/node/openpgp.min.cjs": "./dist/openpgp.min.js"`,
since that build cannot be used with `require()`, and it's instead meant
to be the target of <script> tags.
But we keep it around for now to avoid potentially breaking changes, in case it's
used in some setups.
 2024-11-21 16:43:15 +01:00
larabr
121b478312 Tests: drop unused, unnecessary error assertion 
The `expect().to.not.throw` check as written is a no-op.
In fact, `throw` should have been called as a function.

We drop the relevant check altogether since if the wrapped
operation throws, the test will naturally fail due to the
unexpected error.
 2024-11-13 19:44:06 +01:00
larabr
088d5f3638
Merge pull request #1807 2024-11-11 20:46:51 +01:00
Daniel Huigens
ac1bfc0d60
Fix openpgp.verify/decrypt with expectSigned: true and format: 'binary' (#1805) 2024-11-11 15:42:33 +01:00
larabr
287104aafb TS: fix PrivateKey.getDecryptionKeys() return type 2024-11-11 14:20:18 +01:00
larabr
2d65d1d553 TS: generateKey: fix options.type definitions to accept 'curve25519' and 'curve448' 2024-11-11 13:28:05 +01:00
Daniel Huigens
3f060660c2
Update hash algorithm preferences order (#1804) 
Prefer SHA3_512 over SHA3_256 for consistency.
 2024-11-07 15:19:20 +01:00
larabr
01b62399af Revert "CI: temporarily enable for PRs to v6 branch" [skip ci] 2024-11-05 12:56:39 +01:00
larabr
dd01ee00cb 6.0.0 v6.0.0 2024-11-04 17:35:18 +01:00
Daniel Huigens
a5645e1d6c Spaces after "RFC" in README 2024-11-04 17:03:36 +01:00