@protontech/openpgp 4.10.8 → 5.3.1

package/src/packet/sym_encrypted_aead_protected.js

@@ -1,189 +0,0 @@
-// OpenPGP.js - An OpenPGP implementation in javascript
-// Copyright (C) 2016 Tankred Hase
-//
-// This library is free software; you can redistribute it and/or
-// modify it under the terms of the GNU Lesser General Public
-// License as published by the Free Software Foundation; either
-// version 3.0 of the License, or (at your option) any later version.
-//
-// This library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-// Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public
-// License along with this library; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-/**
- * @requires web-stream-tools
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
-
-import stream from 'web-stream-tools';
-import config from '../config';
-import crypto from '../crypto';
-import enums from '../enums';
-import util from '../util';
-
-const VERSION = 1; // A one-octet version number of the data packet.
-
-/**
- * Implementation of the Symmetrically Encrypted Authenticated Encryption with
- * Additional Data (AEAD) Protected Data Packet
- *
- * {@link https://tools.ietf.org/html/draft-ford-openpgp-format-00#section-2.1}:
- * AEAD Protected Data Packet
- * @memberof module:packet
- * @constructor
- */
-function SymEncryptedAEADProtected() {
-  this.tag = enums.packet.symEncryptedAEADProtected;
-  this.version = VERSION;
-  this.cipherAlgo = null;
-  this.aeadAlgorithm = 'eax';
-  this.aeadAlgo = null;
-  this.chunkSizeByte = null;
-  this.iv = null;
-  this.encrypted = null;
-  this.packets = null;
-}
-
-export default SymEncryptedAEADProtected;
-
-/**
- * Parse an encrypted payload of bytes in the order: version, IV, ciphertext (see specification)
- * @param {Uint8Array | ReadableStream<Uint8Array>} bytes
- */
-SymEncryptedAEADProtected.prototype.read = async function (bytes) {
-  await stream.parse(bytes, async reader => {
-    if (await reader.readByte() !== VERSION) { // The only currently defined value is 1.
-      throw new Error('Invalid packet version.');
-    }
-    this.cipherAlgo = await reader.readByte();
-    this.aeadAlgo = await reader.readByte();
-    this.chunkSizeByte = await reader.readByte();
-    const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
-    this.iv = await reader.readBytes(mode.ivLength);
-    this.encrypted = reader.remainder();
-  });
-};
-
-/**
- * Write the encrypted payload of bytes in the order: version, IV, ciphertext (see specification)
- * @returns {Uint8Array | ReadableStream<Uint8Array>} The encrypted payload
- */
-SymEncryptedAEADProtected.prototype.write = function () {
-  return util.concat([new Uint8Array([this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte]), this.iv, this.encrypted]);
-};
-
-/**
- * Decrypt the encrypted payload.
- * @param  {String} sessionKeyAlgorithm   The session key's cipher algorithm e.g. 'aes128'
- * @param  {Uint8Array} key               The session key used to encrypt the payload
- * @param  {Boolean} streaming            Whether the top-level function will return a stream
- * @returns {Boolean}
- * @async
- */
-SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) {
-  await this.packets.read(await this.crypt('decrypt', key, stream.clone(this.encrypted), streaming), streaming);
-  return true;
-};
-
-/**
- * Encrypt the packet list payload.
- * @param  {String} sessionKeyAlgorithm   The session key's cipher algorithm e.g. 'aes128'
- * @param  {Uint8Array} key               The session key used to encrypt the payload
- * @param  {Boolean} streaming            Whether the top-level function will return a stream
- * @async
- */
-SymEncryptedAEADProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) {
-  this.cipherAlgo = enums.write(enums.symmetric, sessionKeyAlgorithm);
-  this.aeadAlgo = enums.write(enums.aead, this.aeadAlgorithm);
-  const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
-  this.iv = await crypto.random.getRandomBytes(mode.ivLength); // generate new random IV
-  this.chunkSizeByte = config.aead_chunk_size_byte;
-  const data = this.packets.write();
-  this.encrypted = await this.crypt('encrypt', key, data, streaming);
-};
-
-/**
- * En/decrypt the payload.
- * @param  {encrypt|decrypt} fn      Whether to encrypt or decrypt
- * @param  {Uint8Array} key          The session key used to en/decrypt the payload
- * @param  {Uint8Array | ReadableStream<Uint8Array>} data         The data to en/decrypt
- * @param  {Boolean} streaming        Whether the top-level function will return a stream
- * @returns {Uint8Array | ReadableStream<Uint8Array>}
- * @async
- */
-SymEncryptedAEADProtected.prototype.crypt = async function (fn, key, data, streaming) {
-  const cipher = enums.read(enums.symmetric, this.cipherAlgo);
-  const mode = crypto[enums.read(enums.aead, this.aeadAlgo)];
-  const modeInstance = await mode(cipher, key);
-  const tagLengthIfDecrypting = fn === 'decrypt' ? mode.tagLength : 0;
-  const tagLengthIfEncrypting = fn === 'encrypt' ? mode.tagLength : 0;
-  const chunkSize = 2 ** (this.chunkSizeByte + 6) + tagLengthIfDecrypting; // ((uint64_t)1 << (c + 6))
-  const adataBuffer = new ArrayBuffer(21);
-  const adataArray = new Uint8Array(adataBuffer, 0, 13);
-  const adataTagArray = new Uint8Array(adataBuffer);
-  const adataView = new DataView(adataBuffer);
-  const chunkIndexArray = new Uint8Array(adataBuffer, 5, 8);
-  adataArray.set([0xC0 | this.tag, this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte], 0);
-  let chunkIndex = 0;
-  let latestPromise = Promise.resolve();
-  let cryptedBytes = 0;
-  let queuedBytes = 0;
-  const iv = this.iv;
-  return stream.transformPair(data, async (readable, writable) => {
-    const reader = stream.getReader(readable);
-    const buffer = new TransformStream({}, {
-      highWaterMark: streaming ? util.getHardwareConcurrency() * 2 ** (this.chunkSizeByte + 6) : Infinity,
-      size: array => array.length
-    });
-    stream.pipe(buffer.readable, writable);
-    const writer = stream.getWriter(buffer.writable);
-    try {
-      while (true) {
-        let chunk = await reader.readBytes(chunkSize + tagLengthIfDecrypting) || new Uint8Array();
-        const finalChunk = chunk.subarray(chunk.length - tagLengthIfDecrypting);
-        chunk = chunk.subarray(0, chunk.length - tagLengthIfDecrypting);
-        let cryptedPromise;
-        let done;
-        if (!chunkIndex || chunk.length) {
-          reader.unshift(finalChunk);
-          cryptedPromise = modeInstance[fn](chunk, mode.getNonce(iv, chunkIndexArray), adataArray);
-          queuedBytes += chunk.length - tagLengthIfDecrypting + tagLengthIfEncrypting;
-        } else {
-          // After the last chunk, we either encrypt a final, empty
-          // data chunk to get the final authentication tag or
-          // validate that final authentication tag.
-          adataView.setInt32(13 + 4, cryptedBytes); // Should be setInt64(13, ...)
-          cryptedPromise = modeInstance[fn](finalChunk, mode.getNonce(iv, chunkIndexArray), adataTagArray);
-          queuedBytes += tagLengthIfEncrypting;
-          done = true;
-        }
-        cryptedBytes += chunk.length - tagLengthIfDecrypting;
-        // eslint-disable-next-line no-loop-func
-        latestPromise = latestPromise.then(() => cryptedPromise).then(async crypted => {
-          await writer.ready;
-          await writer.write(crypted);
-          queuedBytes -= crypted.length;
-        }).catch(err => writer.abort(err));
-        if (done || queuedBytes > writer.desiredSize) {
-          await latestPromise; // Respect backpressure
-        }
-        if (!done) {
-          adataView.setInt32(5 + 4, ++chunkIndex); // Should be setInt64(5, ...)
-        } else {
-          await writer.close();
-          break;
-        }
-      }
-    } catch (e) {
-      await writer.abort(e);
-    }
-  });
-};

package/src/packet/sym_encrypted_integrity_protected.js

@@ -1,139 +0,0 @@
-// GPG4Browsers - An OpenPGP implementation in javascript
-// Copyright (C) 2011 Recurity Labs GmbH
-//
-// This library is free software; you can redistribute it and/or
-// modify it under the terms of the GNU Lesser General Public
-// License as published by the Free Software Foundation; either
-// version 3.0 of the License, or (at your option) any later version.
-//
-// This library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-// Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public
-// License along with this library; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-/**
- * @requires asmcrypto.js
- * @requires web-stream-tools
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
-
-import stream from 'web-stream-tools';
-import config from '../config';
-import crypto from '../crypto';
-import enums from '../enums';
-import util from '../util';
-
-const VERSION = 1; // A one-octet version number of the data packet.
-
-/**
- * Implementation of the Sym. Encrypted Integrity Protected Data Packet (Tag 18)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.13|RFC4880 5.13}:
- * The Symmetrically Encrypted Integrity Protected Data packet is
- * a variant of the Symmetrically Encrypted Data packet. It is a new feature
- * created for OpenPGP that addresses the problem of detecting a modification to
- * encrypted data. It is used in combination with a Modification Detection Code
- * packet.
- * @memberof module:packet
- * @constructor
- */
-function SymEncryptedIntegrityProtected() {
-  this.tag = enums.packet.symEncryptedIntegrityProtected;
-  this.version = VERSION;
-  /** The encrypted payload. */
-  this.encrypted = null; // string
-  /**
-   * If after decrypting the packet this is set to true,
-   * a modification has been detected and thus the contents
-   * should be discarded.
-   * @type {Boolean}
-   */
-  this.modification = false;
-  this.packets = null;
-}
-
-SymEncryptedIntegrityProtected.prototype.read = async function (bytes) {
-  await stream.parse(bytes, async reader => {
-
-    // - A one-octet version number. The only currently defined value is 1.
-    if (await reader.readByte() !== VERSION) {
-      throw new Error('Invalid packet version.');
-    }
-
-    // - Encrypted data, the output of the selected symmetric-key cipher
-    //   operating in Cipher Feedback mode with shift amount equal to the
-    //   block size of the cipher (CFB-n where n is the block size).
-    this.encrypted = reader.remainder();
-  });
-};
-
-SymEncryptedIntegrityProtected.prototype.write = function () {
-  return util.concat([new Uint8Array([VERSION]), this.encrypted]);
-};
-
-/**
- * Encrypt the payload in the packet.
- * @param  {String} sessionKeyAlgorithm   The selected symmetric encryption algorithm to be used e.g. 'aes128'
- * @param  {Uint8Array} key               The key of cipher blocksize length to be used
- * @param  {Boolean} streaming            Whether to set this.encrypted to a stream
- * @returns {Promise<Boolean>}
- * @async
- */
-SymEncryptedIntegrityProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) {
-  let bytes = this.packets.write();
-  if (!streaming) bytes = await stream.readToEnd(bytes);
-  const prefix = await crypto.getPrefixRandom(sessionKeyAlgorithm);
-  const mdc = new Uint8Array([0xD3, 0x14]); // modification detection code packet
-
-  const tohash = util.concat([prefix, bytes, mdc]);
-  const hash = await crypto.hash.sha1(stream.passiveClone(tohash));
-  const plaintext = util.concat([tohash, hash]);
-
-  this.encrypted = await crypto.cfb.encrypt(sessionKeyAlgorithm, key, plaintext, new Uint8Array(crypto.cipher[sessionKeyAlgorithm].blockSize));
-  return true;
-};
-
-/**
- * Decrypts the encrypted data contained in the packet.
- * @param  {String} sessionKeyAlgorithm   The selected symmetric encryption algorithm to be used e.g. 'aes128'
- * @param  {Uint8Array} key               The key of cipher blocksize length to be used
- * @param  {Boolean} streaming            Whether to read this.encrypted as a stream
- * @returns {Promise<Boolean>}
- * @async
- */
-SymEncryptedIntegrityProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) {
-  let encrypted = stream.clone(this.encrypted);
-  if (!streaming) encrypted = await stream.readToEnd(encrypted);
-  const decrypted = await crypto.cfb.decrypt(sessionKeyAlgorithm, key, encrypted, new Uint8Array(crypto.cipher[sessionKeyAlgorithm].blockSize));
-
-  // there must be a modification detection code packet as the
-  // last packet and everything gets hashed except the hash itself
-  const realHash = stream.slice(stream.passiveClone(decrypted), -20);
-  const tohash = stream.slice(decrypted, 0, -20);
-  const verifyHash = Promise.all([
-    stream.readToEnd(await crypto.hash.sha1(stream.passiveClone(tohash))),
-    stream.readToEnd(realHash)
-  ]).then(([hash, mdc]) => {
-    if (!util.equalsUint8Array(hash, mdc)) {
-      throw new Error('Modification detected.');
-    }
-    return new Uint8Array();
-  });
-  const bytes = stream.slice(tohash, crypto.cipher[sessionKeyAlgorithm].blockSize + 2); // Remove random prefix
-  let packetbytes = stream.slice(bytes, 0, -2); // Remove MDC packet
-  packetbytes = stream.concat([packetbytes, stream.fromAsync(() => verifyHash)]);
-  if (!util.isStream(encrypted) || !config.allow_unauthenticated_stream) {
-    packetbytes = await stream.readToEnd(packetbytes);
-  }
-  await this.packets.read(packetbytes, streaming);
-  return true;
-};
-
-export default SymEncryptedIntegrityProtected;

package/src/packet/sym_encrypted_session_key.js

@@ -1,204 +0,0 @@
-// GPG4Browsers - An OpenPGP implementation in javascript
-// Copyright (C) 2011 Recurity Labs GmbH
-//
-// This library is free software; you can redistribute it and/or
-// modify it under the terms of the GNU Lesser General Public
-// License as published by the Free Software Foundation; either
-// version 3.0 of the License, or (at your option) any later version.
-//
-// This library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-// Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public
-// License along with this library; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-/**
- * @requires type/s2k
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
-
-import type_s2k from '../type/s2k';
-import config from '../config';
-import crypto from '../crypto';
-import enums from '../enums';
-import util from '../util';
-
-/**
- * Public-Key Encrypted Session Key Packets (Tag 1)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}:
- * A Public-Key Encrypted Session Key packet holds the session key
- * used to encrypt a message. Zero or more Public-Key Encrypted Session Key
- * packets and/or Symmetric-Key Encrypted Session Key packets may precede a
- * Symmetrically Encrypted Data Packet, which holds an encrypted message. The
- * message is encrypted with the session key, and the session key is itself
- * encrypted and stored in the Encrypted Session Key packet(s). The
- * Symmetrically Encrypted Data Packet is preceded by one Public-Key Encrypted
- * Session Key packet for each OpenPGP key to which the message is encrypted.
- * The recipient of the message finds a session key that is encrypted to their
- * public key, decrypts the session key, and then uses the session key to
- * decrypt the message.
- * @memberof module:packet
- * @constructor
- */
-function SymEncryptedSessionKey() {
-  this.tag = enums.packet.symEncryptedSessionKey;
-  this.version = config.aead_protect ? 5 : 4;
-  this.sessionKey = null;
-  this.sessionKeyEncryptionAlgorithm = null;
-  this.sessionKeyAlgorithm = 'aes256';
-  this.aeadAlgorithm = enums.read(enums.aead, config.aead_mode);
-  this.encrypted = null;
-  this.s2k = null;
-  this.iv = null;
-}
-
-/**
- * Parsing function for a symmetric encrypted session key packet (tag 3).
- *
- * @param {Uint8Array} input Payload of a tag 1 packet
- * @param {Integer} position Position to start reading from the input string
- * @param {Integer} len
- *            Length of the packet or the remaining length of
- *            input at position
- * @returns {module:packet.SymEncryptedSessionKey} Object representation
- */
-SymEncryptedSessionKey.prototype.read = function(bytes) {
-  let offset = 0;
-
-  // A one-octet version number. The only currently defined version is 4.
-  this.version = bytes[offset++];
-
-  // A one-octet number describing the symmetric algorithm used.
-  const algo = enums.read(enums.symmetric, bytes[offset++]);
-
-  if (this.version === 5) {
-    // A one-octet AEAD algorithm.
-    this.aeadAlgorithm = enums.read(enums.aead, bytes[offset++]);
-  }
-
-  // A string-to-key (S2K) specifier, length as defined above.
-  this.s2k = new type_s2k();
-  offset += this.s2k.read(bytes.subarray(offset, bytes.length));
-
-  if (this.version === 5) {
-    const mode = crypto[this.aeadAlgorithm];
-
-    // A starting initialization vector of size specified by the AEAD
-    // algorithm.
-    this.iv = bytes.subarray(offset, offset += mode.ivLength);
-  }
-
-  // The encrypted session key itself, which is decrypted with the
-  // string-to-key object. This is optional in version 4.
-  if (this.version === 5 || offset < bytes.length) {
-    this.encrypted = bytes.subarray(offset, bytes.length);
-    this.sessionKeyEncryptionAlgorithm = algo;
-  } else {
-    this.sessionKeyAlgorithm = algo;
-  }
-};
-
-SymEncryptedSessionKey.prototype.write = function() {
-  const algo = this.encrypted === null ?
-    this.sessionKeyAlgorithm :
-    this.sessionKeyEncryptionAlgorithm;
-
-  let bytes;
-
-  if (this.version === 5) {
-    bytes = util.concatUint8Array([new Uint8Array([this.version, enums.write(enums.symmetric, algo), enums.write(enums.aead, this.aeadAlgorithm)]), this.s2k.write(), this.iv, this.encrypted]);
-  } else {
-    bytes = util.concatUint8Array([new Uint8Array([this.version, enums.write(enums.symmetric, algo)]), this.s2k.write()]);
-
-    if (this.encrypted !== null) {
-      bytes = util.concatUint8Array([bytes, this.encrypted]);
-    }
-  }
-
-  return bytes;
-};
-
-/**
- * Decrypts the session key
- * @param {String} passphrase The passphrase in string form
- * @returns {Promise<Boolean>}
- * @async
- */
-SymEncryptedSessionKey.prototype.decrypt = async function(passphrase) {
-  const algo = this.sessionKeyEncryptionAlgorithm !== null ?
-    this.sessionKeyEncryptionAlgorithm :
-    this.sessionKeyAlgorithm;
-
-  const length = crypto.cipher[algo].keySize;
-  const key = await this.s2k.produce_key(passphrase, length);
-
-  if (this.version === 5) {
-    const mode = crypto[this.aeadAlgorithm];
-    const adata = new Uint8Array([0xC0 | this.tag, this.version, enums.write(enums.symmetric, this.sessionKeyEncryptionAlgorithm), enums.write(enums.aead, this.aeadAlgorithm)]);
-    const modeInstance = await mode(algo, key);
-    this.sessionKey = await modeInstance.decrypt(this.encrypted, this.iv, adata);
-  } else if (this.encrypted !== null) {
-    const decrypted = await crypto.cfb.decrypt(algo, key, this.encrypted, new Uint8Array(crypto.cipher[algo].blockSize));
-
-    this.sessionKeyAlgorithm = enums.read(enums.symmetric, decrypted[0]);
-    this.sessionKey = decrypted.subarray(1, decrypted.length);
-  } else {
-    this.sessionKey = key;
-  }
-
-  return true;
-};
-
-/**
- * Encrypts the session key
- * @param {String} passphrase The passphrase in string form
- * @returns {Promise<Boolean>}
- * @async
- */
-SymEncryptedSessionKey.prototype.encrypt = async function(passphrase) {
-  const algo = this.sessionKeyEncryptionAlgorithm !== null ?
-    this.sessionKeyEncryptionAlgorithm :
-    this.sessionKeyAlgorithm;
-
-  this.sessionKeyEncryptionAlgorithm = algo;
-
-  this.s2k = new type_s2k();
-  this.s2k.salt = await crypto.random.getRandomBytes(8);
-
-  const length = crypto.cipher[algo].keySize;
-  const key = await this.s2k.produce_key(passphrase, length);
-
-  if (this.sessionKey === null) {
-    this.sessionKey = await crypto.generateSessionKey(this.sessionKeyAlgorithm);
-  }
-
-  if (this.version === 5) {
-    const mode = crypto[this.aeadAlgorithm];
-    this.iv = await crypto.random.getRandomBytes(mode.ivLength); // generate new random IV
-    const adata = new Uint8Array([0xC0 | this.tag, this.version, enums.write(enums.symmetric, this.sessionKeyEncryptionAlgorithm), enums.write(enums.aead, this.aeadAlgorithm)]);
-    const modeInstance = await mode(algo, key);
-    this.encrypted = await modeInstance.encrypt(this.sessionKey, this.iv, adata);
-  } else {
-    const algo_enum = new Uint8Array([enums.write(enums.symmetric, this.sessionKeyAlgorithm)]);
-    const private_key = util.concatUint8Array([algo_enum, this.sessionKey]);
-    this.encrypted = await crypto.cfb.encrypt(algo, key, private_key, new Uint8Array(crypto.cipher[algo].blockSize));
-  }
-
-  return true;
-};
-
-/**
- * Fix custom types after cloning
- */
-SymEncryptedSessionKey.prototype.postCloneTypeFix = function() {
-  this.s2k = type_s2k.fromClone(this.s2k);
-};
-
-export default SymEncryptedSessionKey;

package/src/packet/symmetrically_encrypted.js

@@ -1,118 +0,0 @@
-// GPG4Browsers - An OpenPGP implementation in javascript
-// Copyright (C) 2011 Recurity Labs GmbH
-//
-// This library is free software; you can redistribute it and/or
-// modify it under the terms of the GNU Lesser General Public
-// License as published by the Free Software Foundation; either
-// version 3.0 of the License, or (at your option) any later version.
-//
-// This library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-// Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public
-// License along with this library; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-/**
- * @requires web-stream-tools
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
-
-import stream from 'web-stream-tools';
-import config from '../config';
-import crypto from '../crypto';
-import enums from '../enums';
-import util from '../util';
-
-/**
- * Implementation of the Symmetrically Encrypted Data Packet (Tag 9)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.7|RFC4880 5.7}:
- * The Symmetrically Encrypted Data packet contains data encrypted with a
- * symmetric-key algorithm. When it has been decrypted, it contains other
- * packets (usually a literal data packet or compressed data packet, but in
- * theory other Symmetrically Encrypted Data packets or sequences of packets
- * that form whole OpenPGP messages).
- * @memberof module:packet
- * @constructor
- */
-function SymmetricallyEncrypted() {
-  /**
-   * Packet type
-   * @type {module:enums.packet}
-   */
-  this.tag = enums.packet.symmetricallyEncrypted;
-  /**
-   * Encrypted secret-key data
-   */
-  this.encrypted = null;
-  /**
-   * Decrypted packets contained within.
-   * @type {module:packet.List}
-   */
-  this.packets = null;
-  /**
-   * When true, decrypt fails if message is not integrity protected
-   * @see module:config.ignore_mdc_error
-   */
-  this.ignore_mdc_error = config.ignore_mdc_error;
-}
-
-SymmetricallyEncrypted.prototype.read = function (bytes) {
-  this.encrypted = bytes;
-};
-
-SymmetricallyEncrypted.prototype.write = function () {
-  return this.encrypted;
-};
-
-/**
- * Decrypt the symmetrically-encrypted packet data
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms.
- * @param {module:enums.symmetric} sessionKeyAlgorithm Symmetric key algorithm to use
- * @param {Uint8Array} key    The key of cipher blocksize length to be used
- * @returns {Promise<Boolean>}
- * @async
- */
-SymmetricallyEncrypted.prototype.decrypt = async function (sessionKeyAlgorithm, key) {
-  // If MDC errors are not being ignored, all missing MDC packets in symmetrically encrypted data should throw an error
-  if (!this.ignore_mdc_error) {
-    throw new Error('Decryption failed due to missing MDC.');
-  }
-
-  this.encrypted = await stream.readToEnd(this.encrypted);
-  const decrypted = await crypto.cfb.decrypt(sessionKeyAlgorithm, key,
-    this.encrypted.subarray(crypto.cipher[sessionKeyAlgorithm].blockSize + 2),
-    this.encrypted.subarray(2, crypto.cipher[sessionKeyAlgorithm].blockSize + 2)
-  );
-
-  await this.packets.read(decrypted);
-
-  return true;
-};
-
-/**
- * Encrypt the symmetrically-encrypted packet data
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms.
- * @param {module:enums.symmetric} sessionKeyAlgorithm Symmetric key algorithm to use
- * @param {Uint8Array} key    The key of cipher blocksize length to be used
- * @returns {Promise<Boolean>}
- * @async
- */
-SymmetricallyEncrypted.prototype.encrypt = async function (algo, key) {
-  const data = this.packets.write();
-
-  const prefix = await crypto.getPrefixRandom(algo);
-  const FRE = await crypto.cfb.encrypt(algo, key, prefix, new Uint8Array(crypto.cipher[algo].blockSize));
-  const ciphertext = await crypto.cfb.encrypt(algo, key, data, FRE.subarray(2));
-  this.encrypted = util.concat([FRE, ciphertext]);
-
-  return true;
-};
-
-export default SymmetricallyEncrypted;

package/src/packet/trust.js

@@ -1,35 +0,0 @@
-/**
- * @requires enums
- */
-
-import enums from '../enums';
-
-/**
- * Implementation of the Trust Packet (Tag 12)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.10|RFC4880 5.10}:
- * The Trust packet is used only within keyrings and is not normally
- * exported.  Trust packets contain data that record the user's
- * specifications of which key holders are trustworthy introducers,
- * along with other information that implementing software uses for
- * trust information.  The format of Trust packets is defined by a given
- * implementation.
- *
- * Trust packets SHOULD NOT be emitted to output streams that are
- * transferred to other users, and they SHOULD be ignored on any input
- * other than local keyring files.
- * @memberof module:packet
- * @constructor
- */
-function Trust() {
-  this.tag = enums.packet.trust;
-}
-
-/**
- * Parsing function for a trust packet (tag 12).
- * Currently not implemented as we ignore trust packets
- * @param {String} byptes payload of a tag 12 packet
- */
-Trust.prototype.read = function () {}; // TODO
-
-export default Trust;