@protontech/openpgp 4.10.8 → 5.3.1

package/src/config/config.js

@@ -1,232 +0,0 @@
-// GPG4Browsers - An OpenPGP implementation in javascript
-// Copyright (C) 2011 Recurity Labs GmbH
-//
-// This library is free software; you can redistribute it and/or
-// modify it under the terms of the GNU Lesser General Public
-// License as published by the Free Software Foundation; either
-// version 3.0 of the License, or (at your option) any later version.
-//
-// This library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-// Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public
-// License along with this library; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-/**
- * Global configuration values.
- * @requires enums
- */
-
-import enums from '../enums';
-
-export default {
-  /**
-   * @memberof module:config
-   * @property {Integer} prefer_hash_algorithm Default hash algorithm {@link module:enums.hash}
-   */
-  prefer_hash_algorithm: enums.hash.sha256,
-  /**
-   * @memberof module:config
-   * @property {Integer} encryption_cipher Default encryption cipher {@link module:enums.symmetric}
-   */
-  encryption_cipher: enums.symmetric.aes256,
-  /**
-   * @memberof module:config
-   * @property {Integer} compression Default compression algorithm {@link module:enums.compression}
-   */
-  compression: enums.compression.uncompressed,
-  /**
-   * @memberof module:config
-   * @property {Integer} deflate_level Default zip/zlib compression level, between 1 and 9
-   */
-  deflate_level: 6,
-
-  /**
-   * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption.
-   * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS**
-   * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION**
-   * @see {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07|RFC4880bis-07}
-   * @memberof module:config
-   * @property {Boolean} aead_protect
-   */
-  aead_protect:             false,
-  /**
-   * Default Authenticated Encryption with Additional Data (AEAD) encryption mode
-   * Only has an effect when aead_protect is set to true.
-   * @memberof module:config
-   * @property {Integer} aead_mode Default AEAD mode {@link module:enums.aead}
-   */
-  aead_mode: enums.aead.eax,
-  /**
-   * Chunk Size Byte for Authenticated Encryption with Additional Data (AEAD) mode
-   * Only has an effect when aead_protect is set to true.
-   * Must be an integer value from 0 to 56.
-   * @memberof module:config
-   * @property {Integer} aead_chunk_size_byte
-   */
-  aead_chunk_size_byte:     12,
-  /**
-   * Use V5 keys.
-   * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS**
-   * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION**
-   * @memberof module:config
-   * @property {Boolean} v5_keys
-   */
-  v5_keys:                  false,
-  /**
-   * {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3|RFC4880 3.7.1.3}:
-   * Iteration Count Byte for S2K (String to Key)
-   * @memberof module:config
-   * @property {Integer} s2k_iteration_count_byte
-   */
-  s2k_iteration_count_byte: 224,
-  /** Use integrity protection for symmetric encryption
-   * @memberof module:config
-   * @property {Boolean} integrity_protect
-   */
-  integrity_protect:        true,
-  /**
-   * @memberof module:config
-   * @property {Boolean} ignore_mdc_error Fail on decrypt if message is not integrity protected
-   */
-  ignore_mdc_error:         false,
-  /**
-   * @memberof module:config
-   * @property {Boolean} allow_unauthenticated_stream Stream unauthenticated data before integrity has been checked
-   */
-  allow_unauthenticated_stream: false,
-  /**
-   * @memberof module:config
-   * @property {Boolean} checksum_required Do not throw error when armor is missing a checksum
-   */
-  checksum_required:        false,
-  /**
-   * @memberof module:config
-   * @property {Boolean} rsa_blinding
-   */
-  rsa_blinding:             true,
-  /**
-   * Work-around for rare GPG decryption bug when encrypting with multiple passwords.
-   * **Slower and slightly less secure**
-   * @memberof module:config
-   * @property {Boolean} password_collision_check
-   */
-  password_collision_check: false,
-  /**
-   * @memberof module:config
-   * @property {Boolean} revocations_expire If true, expired revocation signatures are ignored
-   */
-  revocations_expire:       false,
-  /**
-   * Allow decryption using RSA keys without `encrypt` flag.
-   * This setting is potentially insecure, but it is needed to get around an old openpgpjs bug
-   * where key flags were ignored when selecting a key for encryption.
-   * @memberof module:config
-   * @property {Boolean} allow_insecure_decryption_with_signing_keys
-   */
-  allow_insecure_decryption_with_signing_keys: false,
-
-  /**
-   * @memberof module:config
-   * @property {Boolean} use_native Use native Node.js crypto/zlib and WebCrypto APIs when available
-   */
-  use_native:               true,
-  /**
-   * @memberof module:config
-   * @property {Integer} min_bytes_for_web_crypto The minimum amount of bytes for which to use native WebCrypto APIs when available
-   */
-  min_bytes_for_web_crypto: 1000,
-  /**
-   * @memberof module:config
-   * @property {Boolean} Use transferable objects between the Web Worker and main thread
-   */
-  zero_copy:                false,
-  /**
-   * @memberof module:config
-   * @property {Boolean} debug If enabled, debug messages will be printed
-   */
-  debug:                    false,
-  /**
-   * @memberof module:config
-   * @property {Boolean} tolerant Ignore unsupported/unrecognizable packets instead of throwing an error
-   */
-  tolerant:                 true,
-
-  /**
-   * @memberof module:config
-   * @property {Boolean} show_version Whether to include {@link module:config/config.versionstring} in armored messages
-   */
-  show_version: true,
-  /**
-   * @memberof module:config
-   * @property {Boolean} show_comment Whether to include {@link module:config/config.commentstring} in armored messages
-   */
-  show_comment: true,
-  /**
-   * @memberof module:config
-   * @property {String} versionstring A version string to be included in armored messages
-   */
-  versionstring: "OpenPGP.js VERSION",
-  /**
-   * @memberof module:config
-   * @property {String} commentstring A comment string to be included in armored messages
-   */
-  commentstring: "https://openpgpjs.org",
-
-  /**
-   * @memberof module:config
-   * @property {String} keyserver
-   */
-  keyserver:     "https://keyserver.ubuntu.com",
-  /**
-   * @memberof module:config
-   * @property {String} node_store
-   */
-  node_store:    "./openpgp.store",
-  /**
-   * Max userid string length (used for parsing)
-   * @memberof module:config
-   * @property {Integer} max_userid_length
-   */
-  max_userid_length: 1024 * 5,
-  /**
-   * Contains notatations that are considered "known". Known notations do not trigger
-   * validation error when the notation is marked as critical.
-   * @memberof module:config
-   * @property {Array} known_notations
-   */
-  known_notations: ["preferred-email-encoding@pgp.com", "pka-address@gnupg.org"],
-  /**
-   * @memberof module:config
-   * @property {Boolean} use_indutny_elliptic Whether to use the indutny/elliptic library. When false, certain curves will not be supported.
-   */
-  use_indutny_elliptic: true,
-  /**
-   * @memberof module:config
-   * @property {Boolean} external_indutny_elliptic Whether to lazily load the indutny/elliptic library from an external path on demand.
-   */
-  external_indutny_elliptic: false,
-  /**
-   * @memberof module:config
-   * @property {String} indutny_elliptic_path The path to load the indutny/elliptic library from. Only has an effect if `config.external_indutny_elliptic` is true.
-   */
-  indutny_elliptic_path: './elliptic.min.js',
-  /**
-   * @memberof module:config
-   * @property {Object} indutny_elliptic_fetch_options Options object to pass to `fetch` when loading the indutny/elliptic library. Only has an effect if `config.external_indutny_elliptic` is true.
-   */
-  indutny_elliptic_fetch_options: {},
-  /**
-   * @memberof module:config
-   * @property {Set<Integer>} reject_hash_algorithms Reject insecure hash algorithms {@link module:enums.hash}
-   */
-  reject_hash_algorithms: new global.Set([enums.hash.md5, enums.hash.ripemd]),
-  /**
-   * @memberof module:config
-   * @property {Set<Integer>} reject_message_hash_algorithms Reject insecure message hash algorithms {@link module:enums.hash}
-   */
-  reject_message_hash_algorithms: new global.Set([enums.hash.md5, enums.hash.ripemd, enums.hash.sha1])
-};

package/src/config/index.js

@@ -1,7 +0,0 @@
-/**
- * @fileoverview This object contains global configuration values.
- * @see module:config/config
- * @module config
- */
-
-export { default } from './config.js';

package/src/config/localStorage.js

@@ -1,35 +0,0 @@
-/**
- * @fileoverview Provides functions for storing and retrieving configuration from HTML5 local storage.
- * @module config/localStorage
- */
-
-/**
- * This object is used for storing and retrieving configuration from HTML5 local storage.
- * @constructor
- */
-function LocalStorage() {}
-
-/**
- * Reads the config out of the HTML5 local storage
- * and initializes the object config.
- * if config is null the default config will be used
- */
-LocalStorage.prototype.read = function () {
-  const raw = global.localStorage.getItem("config");
-  const cf = (raw === null ? null : JSON.parse(raw));
-  if (cf === null) {
-    this.config = this.default_config;
-    this.write();
-  } else {
-    this.config = cf;
-  }
-};
-
-/**
- * Writes the config to HTML5 local storage
- */
-LocalStorage.prototype.write = function () {
-  global.localStorage.setItem("config", JSON.stringify(this.config));
-};
-
-export default LocalStorage;

package/src/crypto/aes_kw.js

@@ -1,153 +0,0 @@
-// OpenPGP.js - An OpenPGP implementation in javascript
-// Copyright (C) 2015-2016 Decentral
-//
-// This library is free software; you can redistribute it and/or
-// modify it under the terms of the GNU Lesser General Public
-// License as published by the Free Software Foundation; either
-// version 3.0 of the License, or (at your option) any later version.
-//
-// This library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-// Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public
-// License along with this library; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-/**
- * @fileoverview Implementation of RFC 3394 AES Key Wrap & Key Unwrap funcions
- * @see module:crypto/public_key/elliptic/ecdh
- * @requires crypto/cipher
- * @requires util
- * @module crypto/aes_kw
- */
-
-import cipher from './cipher';
-import util from '../util';
-
-function wrap(key, data) {
-  const aes = new cipher["aes" + (key.length * 8)](key);
-  const IV = new Uint32Array([0xA6A6A6A6, 0xA6A6A6A6]);
-  const P = unpack(data);
-  let A = IV;
-  const R = P;
-  const n = P.length / 2;
-  const t = new Uint32Array([0, 0]);
-  let B = new Uint32Array(4);
-  for (let j = 0; j <= 5; ++j) {
-    for (let i = 0; i < n; ++i) {
-      t[1] = n * j + (1 + i);
-      // B = A
-      B[0] = A[0];
-      B[1] = A[1];
-      // B = A || R[i]
-      B[2] = R[2 * i];
-      B[3] = R[2 * i + 1];
-      // B = AES(K, B)
-      B = unpack(aes.encrypt(pack(B)));
-      // A = MSB(64, B) ^ t
-      A = B.subarray(0, 2);
-      A[0] ^= t[0];
-      A[1] ^= t[1];
-      // R[i] = LSB(64, B)
-      R[2 * i] = B[2];
-      R[2 * i + 1] = B[3];
-    }
-  }
-  return pack(A, R);
-}
-
-function unwrap(key, data) {
-  const aes = new cipher["aes" + (key.length * 8)](key);
-  const IV = new Uint32Array([0xA6A6A6A6, 0xA6A6A6A6]);
-  const C = unpack(data);
-  let A = C.subarray(0, 2);
-  const R = C.subarray(2);
-  const n = C.length / 2 - 1;
-  const t = new Uint32Array([0, 0]);
-  let B = new Uint32Array(4);
-  for (let j = 5; j >= 0; --j) {
-    for (let i = n - 1; i >= 0; --i) {
-      t[1] = n * j + (i + 1);
-      // B = A ^ t
-      B[0] = A[0] ^ t[0];
-      B[1] = A[1] ^ t[1];
-      // B = (A ^ t) || R[i]
-      B[2] = R[2 * i];
-      B[3] = R[2 * i + 1];
-      // B = AES-1(B)
-      B = unpack(aes.decrypt(pack(B)));
-      // A = MSB(64, B)
-      A = B.subarray(0, 2);
-      // R[i] = LSB(64, B)
-      R[2 * i] = B[2];
-      R[2 * i + 1] = B[3];
-    }
-  }
-  if (A[0] === IV[0] && A[1] === IV[1]) {
-    return pack(R);
-  }
-  throw new Error("Key Data Integrity failed");
-}
-
-function createArrayBuffer(data) {
-  if (util.isString(data)) {
-    const { length } = data;
-    const buffer = new ArrayBuffer(length);
-    const view = new Uint8Array(buffer);
-    for (let j = 0; j < length; ++j) {
-      view[j] = data.charCodeAt(j);
-    }
-    return buffer;
-  }
-  return new Uint8Array(data).buffer;
-}
-
-function unpack(data) {
-  const { length } = data;
-  const buffer = createArrayBuffer(data);
-  const view = new DataView(buffer);
-  const arr = new Uint32Array(length / 4);
-  for (let i = 0; i < length / 4; ++i) {
-    arr[i] = view.getUint32(4 * i);
-  }
-  return arr;
-}
-
-function pack() {
-  let length = 0;
-  for (let k = 0; k < arguments.length; ++k) {
-    length += 4 * arguments[k].length;
-  }
-  const buffer = new ArrayBuffer(length);
-  const view = new DataView(buffer);
-  let offset = 0;
-  for (let i = 0; i < arguments.length; ++i) {
-    for (let j = 0; j < arguments[i].length; ++j) {
-      view.setUint32(offset + 4 * j, arguments[i][j]);
-    }
-    offset += 4 * arguments[i].length;
-  }
-  return new Uint8Array(buffer);
-}
-
-export default {
-  /**
-   * AES key wrap
-   * @function
-   * @param {String} key
-   * @param {String} data
-   * @returns {Uint8Array}
-   */
-  wrap,
-  /**
-   * AES key unwrap
-   * @function
-   * @param {String} key
-   * @param {String} data
-   * @returns {Uint8Array}
-   * @throws {Error}
-   */
-  unwrap
-};

package/src/crypto/cfb.js

@@ -1,169 +0,0 @@
-// Modified by ProtonTech AG
-
-// Modified by Recurity Labs GmbH
-
-// modified version of https://www.hanewin.net/encrypt/PGdecode.js:
-
-/* OpenPGP encryption using RSA/AES
- * Copyright 2005-2006 Herbert Hanewinkel, www.haneWIN.de
- * version 2.0, check www.haneWIN.de for the latest version
-
- * This software is provided as-is, without express or implied warranty.
- * Permission to use, copy, modify, distribute or sell this software, with or
- * without fee, for any purpose and by any individual or organization, is hereby
- * granted, provided that the above copyright notice and this paragraph appear
- * in all copies. Distribution as a part of an application or binary must
- * include the above copyright notice in the documentation and/or other
- * materials provided with the application or distribution.
- */
-
-/**
- * @requires web-stream-tools
- * @requires crypto/cipher
- * @requires util
- * @module crypto/cfb
- */
-
-import { AES_CFB } from 'asmcrypto.js/dist_es5/aes/cfb';
-
-import stream from 'web-stream-tools';
-import cipher from './cipher';
-import config from '../config';
-import util from '../util';
-
-const webCrypto = util.getWebCrypto();
-const nodeCrypto = util.getNodeCrypto();
-const Buffer = util.getNodeBuffer();
-
-const knownAlgos = nodeCrypto ? nodeCrypto.getCiphers() : [];
-const nodeAlgos = {
-  idea: knownAlgos.includes('idea-cfb') ? 'idea-cfb' : undefined, /* Unused, not implemented */
-  '3des': knownAlgos.includes('des-ede3-cfb') ? 'des-ede3-cfb' : undefined,
-  tripledes: knownAlgos.includes('des-ede3-cfb') ? 'des-ede3-cfb' : undefined,
-  cast5: knownAlgos.includes('cast5-cfb') ? 'cast5-cfb' : undefined,
-  blowfish: knownAlgos.includes('bf-cfb') ? 'bf-cfb' : undefined,
-  aes128: knownAlgos.includes('aes-128-cfb') ? 'aes-128-cfb' : undefined,
-  aes192: knownAlgos.includes('aes-192-cfb') ? 'aes-192-cfb' : undefined,
-  aes256: knownAlgos.includes('aes-256-cfb') ? 'aes-256-cfb' : undefined
-  /* twofish is not implemented in OpenSSL */
-};
-
-export default {
-  encrypt: function(algo, key, plaintext, iv) {
-    if (util.getNodeCrypto() && nodeAlgos[algo]) { // Node crypto library.
-      return nodeEncrypt(algo, key, plaintext, iv);
-    }
-    if (algo.substr(0, 3) === 'aes') {
-      return aesEncrypt(algo, key, plaintext, iv);
-    }
-
-    const cipherfn = new cipher[algo](key);
-    const block_size = cipherfn.blockSize;
-
-    const blockc = iv.slice();
-    let pt = new Uint8Array();
-    const process = chunk => {
-      if (chunk) {
-        pt = util.concatUint8Array([pt, chunk]);
-      }
-      const ciphertext = new Uint8Array(pt.length);
-      let i;
-      let j = 0;
-      while (chunk ? pt.length >= block_size : pt.length) {
-        const encblock = cipherfn.encrypt(blockc);
-        for (i = 0; i < block_size; i++) {
-          blockc[i] = pt[i] ^ encblock[i];
-          ciphertext[j++] = blockc[i];
-        }
-        pt = pt.subarray(block_size);
-      }
-      return ciphertext.subarray(0, j);
-    };
-    return stream.transform(plaintext, process, process);
-  },
-
-  decrypt: async function(algo, key, ciphertext, iv) {
-    if (util.getNodeCrypto() && nodeAlgos[algo]) { // Node crypto library.
-      return nodeDecrypt(algo, key, ciphertext, iv);
-    }
-    if (algo.substr(0, 3) === 'aes') {
-      return aesDecrypt(algo, key, ciphertext, iv);
-    }
-
-    const cipherfn = new cipher[algo](key);
-    const block_size = cipherfn.blockSize;
-
-    let blockp = iv;
-    let ct = new Uint8Array();
-    const process = chunk => {
-      if (chunk) {
-        ct = util.concatUint8Array([ct, chunk]);
-      }
-      const plaintext = new Uint8Array(ct.length);
-      let i;
-      let j = 0;
-      while (chunk ? ct.length >= block_size : ct.length) {
-        const decblock = cipherfn.encrypt(blockp);
-        blockp = ct;
-        for (i = 0; i < block_size; i++) {
-          plaintext[j++] = blockp[i] ^ decblock[i];
-        }
-        ct = ct.subarray(block_size);
-      }
-      return plaintext.subarray(0, j);
-    };
-    return stream.transform(ciphertext, process, process);
-  }
-};
-
-function aesEncrypt(algo, key, pt, iv) {
-  if (
-    util.getWebCrypto() &&
-    key.length !== 24 && // Chrome doesn't support 192 bit keys, see https://www.chromium.org/blink/webcrypto#TOC-AES-support
-    !util.isStream(pt) &&
-    pt.length >= 3000 * config.min_bytes_for_web_crypto // Default to a 3MB minimum. Chrome is pretty slow for small messages, see: https://bugs.chromium.org/p/chromium/issues/detail?id=701188#c2
-  ) { // Web Crypto
-    return webEncrypt(algo, key, pt, iv);
-  }
-  // asm.js fallback
-  const cfb = new AES_CFB(key, iv);
-  return stream.transform(pt, value => cfb.AES_Encrypt_process(value), () => cfb.AES_Encrypt_finish());
-}
-
-function aesDecrypt(algo, key, ct, iv) {
-  if (util.isStream(ct)) {
-    const cfb = new AES_CFB(key, iv);
-    return stream.transform(ct, value => cfb.AES_Decrypt_process(value), () => cfb.AES_Decrypt_finish());
-  }
-  return AES_CFB.decrypt(ct, key, iv);
-}
-
-function xorMut(a, b) {
-  for (let i = 0; i < a.length; i++) {
-    a[i] = a[i] ^ b[i];
-  }
-}
-
-async function webEncrypt(algo, key, pt, iv) {
-  const ALGO = 'AES-CBC';
-  const _key = await webCrypto.importKey('raw', key, { name: ALGO }, false, ['encrypt']);
-  const { blockSize } = cipher[algo];
-  const cbc_pt = util.concatUint8Array([new Uint8Array(blockSize), pt]);
-  const ct = new Uint8Array(await webCrypto.encrypt({ name: ALGO, iv }, _key, cbc_pt)).subarray(0, pt.length);
-  xorMut(ct, pt);
-  return ct;
-}
-
-function nodeEncrypt(algo, key, pt, iv) {
-  key = Buffer.from(key);
-  iv = Buffer.from(iv);
-  const cipherObj = new nodeCrypto.createCipheriv(nodeAlgos[algo], key, iv);
-  return stream.transform(pt, value => new Uint8Array(cipherObj.update(Buffer.from(value))));
-}
-
-function nodeDecrypt(algo, key, ct, iv) {
-  key = Buffer.from(key);
-  iv = Buffer.from(iv);
-  const decipherObj = new nodeCrypto.createDecipheriv(nodeAlgos[algo], key, iv);
-  return stream.transform(ct, value => new Uint8Array(decipherObj.update(Buffer.from(value))));
-}

package/src/crypto/cipher/aes.js

@@ -1,27 +0,0 @@
-/**
- * @requires asmcrypto.js
- */
-
-import { AES_ECB } from 'asmcrypto.js/dist_es5/aes/ecb';
-
-// TODO use webCrypto or nodeCrypto when possible.
-function aes(length) {
-  const C = function(key) {
-    const aes_ecb = new AES_ECB(key);
-
-    this.encrypt = function(block) {
-      return aes_ecb.encrypt(block);
-    };
-
-    this.decrypt = function(block) {
-      return aes_ecb.decrypt(block);
-    };
-  };
-
-  C.blockSize = C.prototype.blockSize = 16;
-  C.keySize = C.prototype.keySize = length / 8;
-
-  return C;
-}
-
-export default aes;