larabr a57bffc84a

Fix key and signature parsing of EdDSALegacy entities with unsupported curves (e.g. Curve448Legacy) (#1798) ...

Signature parsing would fail in case of unexpected payload sizes, causing key parsing to always throw
when processing e.g. an (unsupported) Curve448Legacy subkey instead of ignoring it.

To address this, we now throw on signature verification instead of parsing (as done for ECDSA).

NB: the bug and this fix are not relevant for the new Ed25519/Ed448 entities as standardized by the crypto-refresh.

2024-10-14 12:15:33 +02:00

..

benchmarks

Drop support for native Node Readable stream: require passing Node Web Streams (#1716)

2024-01-26 17:52:29 +01:00

crypto

Throw on (unexpected) low order points in ECDH over Curve25519/448

2024-09-12 13:32:14 +02:00

general

Fix key and signature parsing of EdDSALegacy entities with unsupported curves (e.g. Curve448Legacy) (#1798)

2024-10-14 12:15:33 +02:00

security

Randomise v4 and v5 signatures via custom notation, add config.nonDeterministicSignaturesViaNotation to disable feature (#1737)

2024-04-02 17:37:57 +02:00

typescript

Drop support for native Node Readable stream: require passing Node Web Streams (#1716)

2024-01-26 17:52:29 +01:00

worker

Update to Mocha v10 in tests, declare lib as module and add exports to package.json

2023-10-25 12:53:10 +02:00

initOpenpgp.js

Tests: explicitly share openpgp instance used in tests

2023-10-25 12:53:10 +02:00

karma.conf.cjs

CI: update Browserstack legacy targets (drop Safari 13)

2024-05-16 13:59:11 +02:00

unittests.html

CI: Switch to karma for browser tests (#1233)

2021-02-12 13:29:04 +01:00

unittests.js

Tests: fix stream polyfilling in legacy browsers

2024-07-04 14:51:59 +02:00