Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-09-13 20:50:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,591 Commits 17 Branches 188 Tags 63 MiB
Commit Graph

2591 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
larabr
6b43e02a25
Merge pull request from GHSA-ch3c-v47x-4pgp 
Reject cleartext messages with extraneous data preceeding hash header
 2023-08-29 16:49:28 +02:00
larabr
11b59994cf Reject cleartext messages with extraneous data preceeding hash header 
Parsing of such messages will fail, as the data in the header is not verified,
and allowing it opens up the possibility of signature spoofing.
 2023-08-29 16:30:35 +02:00
larabr
4df86e53a7 5.10.0 v5.10.0 2023-08-29 14:59:17 +02:00
larabr
8d4dd349ae
Merge pull request #1620 
Add support for new Ed25519/X25519 keys, signatures and messages,
as per crypto-refresh document.
 2023-07-26 10:08:41 +02:00
larabr
5ae2846d97 CI: test on iOS Safari 14 instead of 15 to have access to SubtleCrypto 
SubtleCrypto not available in the latter due to stricter secure context checks
 2023-07-25 10:18:05 +02:00
larabr
b164190f6a Internal: rename Curves to CurvesWithOID 
Following the addition of the new format for Montgomery curves,
which do not rely on OIDs.
 2023-07-25 10:18:05 +02:00
larabr
ef953ce81e Add HKDF fallback for Node 14, where SubtleCrypto is not available 2023-07-25 10:18:00 +02:00
larabr
ee4ad89451 Enforce AES with PKESK v3 using x25519 (new format) 
Fail on PKESK parsing as well as session key generation and encryption
 2023-07-25 10:17:17 +02:00
larabr
1c07d268b8 crypto-refresh: add support for new X25519 key and PKESK format 
As specified in openpgp-crypto-refresh-09.

Instead of encoding the symmetric key algorithm in the PKESK ciphertext (requiring padding),
the symmetric key algorithm is left unencrypted.

Co-authored-by: Lukas Burkhalter <lukas.burkhalter@proton.ch>
 2023-07-25 10:17:09 +02:00
larabr
3f44082457 crypto-refresh: add support for new Ed25519 key and signature format 
This addition is backwards compatible. We offer no way to generate v4 keys in the new format.
 2023-07-13 11:58:40 +02:00
larabr
b6170aa40d
Merge pull request #1656 
Fix forward compatibility of keys, SKESKs, and detached/cleartext signatures and ECDH.

Relevant for forward compatibility when:
- verifying **detached** or cleartext signatures that include e.g. v4 and v6 packets.
  Non-detached signatures are not affected.
- parsing messages with sym. encrypted session keys (SKESK) that rely on unsupported S2K types (e.g. argon2)
- parsing keys that include ECDH subkeys with unknown KDF params version
  (e.g. end-to-end encrypted forwarding use-case)
 2023-07-10 19:38:39 +02:00
larabr
32caf41929 Fix parsing of ECDH with unknown KDFParam version 
Keys with such subkeys should still be usable, as long as they have
a supported primary key.
 2023-07-10 15:26:39 +02:00
larabr
f5b5b73f07 Fix parsing of messages with unsupported SKESK s2k type 
These messages should still be decrypt-able if they include at least one
supported ESK packet.
 2023-07-10 15:26:39 +02:00
larabr
9ed1135d74 Fix verification of cleartext signatures that include unknown signature packet versions 2023-07-10 15:26:39 +02:00
larabr
de2ffaf8e5 Fix verification of detached signatures that include unknown signature packet versions 
Relevant for forward compatibility when verifying detached signatures
that include e.g. v4 and v6 packets
 2023-07-10 15:26:39 +02:00
larabr
d72cece54a
Support parsing encrypted key with unknown s2k types or cipher algos (#1658) 
Such keys are still capable of encryption and signature verification.
This change is relevant for forward compatibility of v4 keys encrypted using e.g. argon2.
 2023-07-10 15:23:47 +02:00
larabr
400b163f84 5.9.0 v5.9.0 2023-05-15 16:47:20 +02:00
larabr
33c19542af
Allow email addresses with trailing numbers in domain (#1642) 
Domains such as .com09 are valid (see RFC1123)
 2023-05-15 16:21:51 +02:00
larabr
1eb0b42387
TS: add declaration for verify with CleartextMessage input (#1640) 
Also, make `VerifyMessageResult` generic. This change should be backwards
compatible since a default type is set.
 2023-05-15 16:21:05 +02:00
Mart G
29d2b701c9
Add support for verifying User Attributes in verifyAllUsers (#1637) 
Previously, `verifyAllUsers` would fail on keys with User Attributes.
Now, it returns a list of objects that have a either a non-null `userID`
property (in the case of User IDs) or a non-null `userAttribute`
property that contains the User Attribute packet.

Co-authored-by: Daniel Huigens <d.huigens@protonmail.com>
 2023-05-15 15:40:53 +02:00
haryu703
785d24d0d2
Add revoke to Subkey in type definition (#1639) 2023-05-02 16:59:14 +02:00
Daniel Huigens
726ee55de4 5.8.0 v5.8.0 2023-04-18 19:21:24 +02:00
Thomas Oberndörfer
ac223bb8a6
Fix shorthand check on user revoked status in getPrimaryUser method (#1623) 2023-04-04 14:57:34 +02:00
marinthiercelin
e63ab3db4f
CI: update SOP test suite docker image (#1628) 
This new release uses Node v18 instead of v12.
 2023-04-03 13:44:41 +02:00
Thomas Oberndörfer
0d025d8c3d
Add additionalAllowedPackets config option (#1618) 
This config option allows parsing additional packet types when parsing
a packet list or armored object, in contexts where they are normally
not expected to appear, by passing a list of packet classes
(e.g. `additionalAllowedPackets: [PublicKeyPacket]`).
 2023-03-30 15:52:11 +02:00
marinthiercelin
f72e34fefa
CI: add OpenPGP interoperability test suite (#1603) 2023-03-15 11:52:51 +01:00
Daniel Huigens
c60f2e3490 5.7.0 v5.7.0 2023-02-21 19:14:36 +01:00
larabr
bb0c1f8a08
Merge pull request #1602 from larabr/update-deps-feb23 2023-02-21 19:00:03 +01:00
larabr
8ffd7aa1d4 Remove import cycles 2023-02-21 18:27:59 +01:00
larabr
94868e606a ESLint: drop unnecessary rules 
Most rules are derived from the `airbnb` template.
Some "bad" rule exceptions remain, but they require too many changes to fix, so
we leave it to a future refactoring.
 2023-02-21 18:27:59 +01:00
larabr
705f238e1e Update ESlint 2023-02-21 18:27:56 +01:00
larabr
1b17132631 Update deps 2023-02-21 18:25:28 +01:00
larabr
080b49a4ce
Merge pull request #1549 from larabr/test-update-karma-browsers 2023-02-21 16:16:55 +01:00
Daniel Huigens
0ffcc4970f
Remove default known notations (#1600) 
Since we don't interpret these notations, it is up to the caller
to handle them, and thus also to decide whether they are "known".
If they are marked as critical, and aren't handled by the caller,
we should consider the signature unverified.
 2023-02-20 19:05:30 +01:00
larabr
66844826c6 Skip native Crypto tests if native lib is not available 2023-02-20 16:08:19 +01:00
larabr
dcd28fadc6 CI: test latest Safari 2023-02-20 16:08:19 +01:00
larabr
18333999a2 CI: test latest browsers without Browserstack, cache build step across jobs 2023-02-20 16:08:10 +01:00
larabr
b083e1d067 Update Karma 2023-02-20 15:34:39 +01:00
Roman
5b92b80f79
Add selfCertification property to PrimaryUser interface definition (#1594) 
Also, mark the `publicKeys` parameter of `Key.verifyAllUsers` as optional.
 2023-02-17 17:03:32 +01:00
LucienLeMagicien
3e6e8d03a4
Docs: mark global generateSessionKeys's encryptionKeys as optional (#1596) 2023-02-17 13:05:25 +01:00
Daniel Huigens
71fef439ed
Add support for creating critical signature subpackets (#1599) 
Assign most signature subpacket types a criticality based on whether
failing to interpret their meaning would negatively impact security.

For Notation Data subpackets, let the user indicate their criticality
using the `signatureNotations[*].critical` property.
 2023-02-17 12:21:03 +01:00
Daniel Huigens
0307111993 5.6.0 v5.6.0 2023-02-16 14:32:01 +01:00
Daniel Huigens
64ca5af879
Merge pull request #1598 from twiss/sig-notation-creation 
Add support for creating Notation Data subpackets when signing or encrypting messages
 2023-02-16 13:48:20 +01:00
Daniel Huigens
70778bc4c4 Test non-ASCII notation name 2023-02-16 11:47:38 +01:00
Daniel Huigens
911e0f5330 Use UTF-8 encoding for strings in signature subpackets 2023-02-16 11:46:37 +01:00
Daniel Huigens
fbd71f8dfe Update type definitions 2023-02-16 11:24:11 +01:00
Daniel Huigens
809deee3a6 Add signatureNotations option to sign and encrypt 
This allows adding Notation Data signature subpackets when signing or
encrypting a message.
 2023-02-15 19:42:45 +01:00
Daniel Huigens
375b03dcd4 Make signaturePacket.rawNotations[*].critical a boolean 2023-02-15 19:42:07 +01:00
Daniel Huigens
3a6e2d1661 Fix Notation Data signature subpacket creation 2023-02-15 19:42:07 +01:00
Fabien FORESTIER
2e4e05369c
TypeScript: add missing function definitions to Subkey class (#1588) 
Add types for `Subkey.getExpirationTime()`, `.isRevoked()`, `.update()`
 2023-02-09 23:15:18 +01:00