@protontech/openpgp 5.4.0 → 5.5.0

package/dist/node/openpgp.mjs

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v5.4.0 - 2022-08-08 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v5.5.0 - 2022-10-31 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 
 import buffer from 'buffer';
@@ -1776,7 +1776,7 @@ const util = {
    */
   printDebug: function (str) {
     if (debugMode) {
-      console.log(str);
+      console.log('[OpenPGP.js debug]', str);
     }
   },
 
@@ -1787,7 +1787,7 @@ const util = {
    */
   printDebugError: function (error) {
     if (debugMode) {
-      console.error(error);
+      console.error('[OpenPGP.js debug]', error);
     }
   },
 
@@ -2890,7 +2890,7 @@ var defaultConfig = {
    * @memberof module:config
    * @property {String} versionString A version string to be included in armored messages
    */
-  versionString: 'OpenPGP.js 5.4.0',
+  versionString: 'OpenPGP.js 5.5.0',
   /**
    * @memberof module:config
    * @property {String} commentString A comment string to be included in armored messages
@@ -3107,15 +3107,17 @@ function createcrc24(input) {
 }
 
 /**
- * Verify armored headers. RFC4880, section 6.3: "OpenPGP should consider improperly formatted
- * Armor Headers to be corruption of the ASCII Armor."
+ * Verify armored headers. crypto-refresh-06, section 6.2:
+ * "An OpenPGP implementation may consider improperly formatted Armor
+ * Headers to be corruption of the ASCII Armor, but SHOULD make an
+ * effort to recover."
  * @private
  * @param {Array<String>} headers - Armor headers
  */
 function verifyHeaders(headers) {
   for (let i = 0; i < headers.length; i++) {
     if (!/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(headers[i])) {
-      throw new Error('Improperly formatted armor header: ' + headers[i]);
+      util.printDebugError(new Error('Improperly formatted armor header: ' + headers[i]));
     }
     if (!/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(headers[i])) {
       util.printDebugError(new Error('Unknown header: ' + headers[i]));
@@ -3309,7 +3311,7 @@ function armor(messageType, body, partIndex, partTotal, customComment, config =
       result.push('-----END PGP MESSAGE, PART ' + partIndex + '-----\n');
       break;
     case enums.armor.signed:
-      result.push('\n-----BEGIN PGP SIGNED MESSAGE-----\n');
+      result.push('-----BEGIN PGP SIGNED MESSAGE-----\n');
       result.push('Hash: ' + hash + '\n\n');
       result.push(text.replace(/^-/mg, '- -'));
       result.push('\n-----BEGIN PGP SIGNATURE-----\n');
@@ -23266,6 +23268,11 @@ class SignaturePacket {
     // Add hashed subpackets
     arr.push(this.writeHashedSubPackets());
 
+    // Remove unhashed subpackets, in case some allowed unhashed
+    // subpackets existed, in order not to duplicate them (in both
+    // the hashed and unhashed subpackets) when re-signing.
+    this.unhashedSubpackets = [];
+
     this.signatureData = util.concat(arr);
 
     const toHash = this.toHash(this.signatureType, data, detached);
@@ -23328,6 +23335,11 @@ class SignaturePacket {
       bytes = util.concat([bytes, this.revocationKeyFingerprint]);
       arr.push(writeSubPacket(sub.revocationKey, bytes));
     }
+    if (!this.issuerKeyID.isNull() && this.issuerKeyVersion !== 5) {
+      // If the version of [the] key is greater than 4, this subpacket
+      // MUST NOT be included in the signature.
+      arr.push(writeSubPacket(sub.issuer, this.issuerKeyID.write()));
+    }
     this.rawNotations.forEach(([{ name, value, humanReadable }]) => {
       bytes = [new Uint8Array([humanReadable ? 0x80 : 0, 0, 0, 0])];
       // 2 octets of name length
@@ -23381,6 +23393,14 @@ class SignaturePacket {
       bytes = util.concat(bytes);
       arr.push(writeSubPacket(sub.signatureTarget, bytes));
     }
+    if (this.embeddedSignature !== null) {
+      arr.push(writeSubPacket(sub.embeddedSignature, this.embeddedSignature.write()));
+    }
+    if (this.issuerFingerprint !== null) {
+      bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
+      bytes = util.concat(bytes);
+      arr.push(writeSubPacket(sub.issuerFingerprint, bytes));
+    }
     if (this.preferredAEADAlgorithms !== null) {
       bytes = util.stringToUint8Array(util.uint8ArrayToString(this.preferredAEADAlgorithms));
       arr.push(writeSubPacket(sub.preferredAEADAlgorithms, bytes));
@@ -23393,26 +23413,11 @@ class SignaturePacket {
   }
 
   /**
-   * Creates Uint8Array of bytes of Issuer and Embedded Signature subpackets
+   * Creates an Uint8Array containing the unhashed subpackets
    * @returns {Uint8Array} Subpacket data.
    */
   writeUnhashedSubPackets() {
-    const sub = enums.signatureSubpacket;
     const arr = [];
-    let bytes;
-    if (!this.issuerKeyID.isNull() && this.issuerKeyVersion !== 5) {
-      // If the version of [the] key is greater than 4, this subpacket
-      // MUST NOT be included in the signature.
-      arr.push(writeSubPacket(sub.issuer, this.issuerKeyID.write()));
-    }
-    if (this.embeddedSignature !== null) {
-      arr.push(writeSubPacket(sub.embeddedSignature, this.embeddedSignature.write()));
-    }
-    if (this.issuerFingerprint !== null) {
-      bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
-      bytes = util.concat(bytes);
-      arr.push(writeSubPacket(sub.issuerFingerprint, bytes));
-    }
     this.unhashedSubpackets.forEach(data => {
       arr.push(writeSimpleLength(data.length));
       arr.push(data);
@@ -23432,9 +23437,11 @@ class SignaturePacket {
     const critical = bytes[mypos] & 0x80;
     const type = bytes[mypos] & 0x7F;
 
-    if (!hashed && !allowedUnhashedSubpackets.has(type)) {
+    if (!hashed) {
       this.unhashedSubpackets.push(bytes.subarray(mypos, bytes.length));
-      return;
+      if (!allowedUnhashedSubpackets.has(type)) {
+        return;
+      }
     }
 
     mypos++;

package/dist/openpgp.js

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v5.4.0 - 2022-08-08 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v5.5.0 - 2022-10-31 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 var openpgp = (function (exports) {
   'use strict';
 
@@ -1773,7 +1773,7 @@ var openpgp = (function (exports) {
      */
     printDebug: function (str) {
       if (debugMode) {
-        console.log(str);
+        console.log('[OpenPGP.js debug]', str);
       }
     },
 
@@ -1784,7 +1784,7 @@ var openpgp = (function (exports) {
      */
     printDebugError: function (error) {
       if (debugMode) {
-        console.error(error);
+        console.error('[OpenPGP.js debug]', error);
       }
     },
 
@@ -2887,7 +2887,7 @@ var openpgp = (function (exports) {
      * @memberof module:config
      * @property {String} versionString A version string to be included in armored messages
      */
-    versionString: 'OpenPGP.js 5.4.0',
+    versionString: 'OpenPGP.js 5.5.0',
     /**
      * @memberof module:config
      * @property {String} commentString A comment string to be included in armored messages
@@ -3104,15 +3104,17 @@ var openpgp = (function (exports) {
   }
 
   /**
-   * Verify armored headers. RFC4880, section 6.3: "OpenPGP should consider improperly formatted
-   * Armor Headers to be corruption of the ASCII Armor."
+   * Verify armored headers. crypto-refresh-06, section 6.2:
+   * "An OpenPGP implementation may consider improperly formatted Armor
+   * Headers to be corruption of the ASCII Armor, but SHOULD make an
+   * effort to recover."
    * @private
    * @param {Array<String>} headers - Armor headers
    */
   function verifyHeaders(headers) {
     for (let i = 0; i < headers.length; i++) {
       if (!/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(headers[i])) {
-        throw new Error('Improperly formatted armor header: ' + headers[i]);
+        util.printDebugError(new Error('Improperly formatted armor header: ' + headers[i]));
       }
       if (!/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(headers[i])) {
         util.printDebugError(new Error('Unknown header: ' + headers[i]));
@@ -3306,7 +3308,7 @@ var openpgp = (function (exports) {
         result.push('-----END PGP MESSAGE, PART ' + partIndex + '-----\n');
         break;
       case enums.armor.signed:
-        result.push('\n-----BEGIN PGP SIGNED MESSAGE-----\n');
+        result.push('-----BEGIN PGP SIGNED MESSAGE-----\n');
         result.push('Hash: ' + hash + '\n\n');
         result.push(text.replace(/^-/mg, '- -'));
         result.push('\n-----BEGIN PGP SIGNATURE-----\n');
@@ -23257,6 +23259,11 @@ var openpgp = (function (exports) {
       // Add hashed subpackets
       arr.push(this.writeHashedSubPackets());
 
+      // Remove unhashed subpackets, in case some allowed unhashed
+      // subpackets existed, in order not to duplicate them (in both
+      // the hashed and unhashed subpackets) when re-signing.
+      this.unhashedSubpackets = [];
+
       this.signatureData = util.concat(arr);
 
       const toHash = this.toHash(this.signatureType, data, detached);
@@ -23319,6 +23326,11 @@ var openpgp = (function (exports) {
         bytes = util.concat([bytes, this.revocationKeyFingerprint]);
         arr.push(writeSubPacket(sub.revocationKey, bytes));
       }
+      if (!this.issuerKeyID.isNull() && this.issuerKeyVersion !== 5) {
+        // If the version of [the] key is greater than 4, this subpacket
+        // MUST NOT be included in the signature.
+        arr.push(writeSubPacket(sub.issuer, this.issuerKeyID.write()));
+      }
       this.rawNotations.forEach(([{ name, value, humanReadable }]) => {
         bytes = [new Uint8Array([humanReadable ? 0x80 : 0, 0, 0, 0])];
         // 2 octets of name length
@@ -23372,6 +23384,14 @@ var openpgp = (function (exports) {
         bytes = util.concat(bytes);
         arr.push(writeSubPacket(sub.signatureTarget, bytes));
       }
+      if (this.embeddedSignature !== null) {
+        arr.push(writeSubPacket(sub.embeddedSignature, this.embeddedSignature.write()));
+      }
+      if (this.issuerFingerprint !== null) {
+        bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
+        bytes = util.concat(bytes);
+        arr.push(writeSubPacket(sub.issuerFingerprint, bytes));
+      }
       if (this.preferredAEADAlgorithms !== null) {
         bytes = util.stringToUint8Array(util.uint8ArrayToString(this.preferredAEADAlgorithms));
         arr.push(writeSubPacket(sub.preferredAEADAlgorithms, bytes));
@@ -23384,26 +23404,11 @@ var openpgp = (function (exports) {
     }
 
     /**
-     * Creates Uint8Array of bytes of Issuer and Embedded Signature subpackets
+     * Creates an Uint8Array containing the unhashed subpackets
      * @returns {Uint8Array} Subpacket data.
      */
     writeUnhashedSubPackets() {
-      const sub = enums.signatureSubpacket;
       const arr = [];
-      let bytes;
-      if (!this.issuerKeyID.isNull() && this.issuerKeyVersion !== 5) {
-        // If the version of [the] key is greater than 4, this subpacket
-        // MUST NOT be included in the signature.
-        arr.push(writeSubPacket(sub.issuer, this.issuerKeyID.write()));
-      }
-      if (this.embeddedSignature !== null) {
-        arr.push(writeSubPacket(sub.embeddedSignature, this.embeddedSignature.write()));
-      }
-      if (this.issuerFingerprint !== null) {
-        bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
-        bytes = util.concat(bytes);
-        arr.push(writeSubPacket(sub.issuerFingerprint, bytes));
-      }
       this.unhashedSubpackets.forEach(data => {
         arr.push(writeSimpleLength(data.length));
         arr.push(data);
@@ -23423,9 +23428,11 @@ var openpgp = (function (exports) {
       const critical = bytes[mypos] & 0x80;
       const type = bytes[mypos] & 0x7F;
 
-      if (!hashed && !allowedUnhashedSubpackets.has(type)) {
+      if (!hashed) {
         this.unhashedSubpackets.push(bytes.subarray(mypos, bytes.length));
-        return;
+        if (!allowedUnhashedSubpackets.has(type)) {
+          return;
+        }
       }
 
       mypos++;