npm - @protontech/openpgp - Versions diffs - 6.0.1 → 6.0.2-patch.1 - Mend

@protontech/openpgp 6.0.1 → 6.0.2-patch.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

package/dist/lightweight/argon2id.min.mjs +1 -1
package/dist/lightweight/argon2id.mjs +1 -1
package/dist/lightweight/legacy_ciphers.min.mjs +1 -1
package/dist/lightweight/legacy_ciphers.mjs +1 -1
package/dist/lightweight/noble_curves.min.mjs +1 -1
package/dist/lightweight/noble_curves.mjs +1 -1
package/dist/lightweight/noble_hashes.min.mjs +1 -1
package/dist/lightweight/noble_hashes.mjs +1 -1
package/dist/lightweight/noble_post_quantum.min.mjs +1 -1
package/dist/lightweight/noble_post_quantum.mjs +1 -1
package/dist/lightweight/openpgp.min.mjs +4 -4
package/dist/lightweight/openpgp.min.mjs.map +1 -1
package/dist/lightweight/openpgp.mjs +15 -19
package/dist/lightweight/seek-bzip.min.mjs +1 -1
package/dist/lightweight/seek-bzip.mjs +1 -1
package/dist/lightweight/sha3.min.mjs +1 -1
package/dist/lightweight/sha3.mjs +1 -1
package/dist/lightweight/sha512.min.mjs +1 -1
package/dist/lightweight/sha512.mjs +1 -1
package/dist/node/openpgp.cjs +15 -19
package/dist/node/openpgp.min.cjs +10 -10
package/dist/node/openpgp.min.cjs.map +1 -1
package/dist/node/openpgp.min.mjs +12 -12
package/dist/node/openpgp.min.mjs.map +1 -1
package/dist/node/openpgp.mjs +15 -19
package/dist/openpgp.js +15 -19
package/dist/openpgp.min.js +11 -11
package/dist/openpgp.min.js.map +1 -1
package/dist/openpgp.min.mjs +9 -9
package/dist/openpgp.min.mjs.map +1 -1
package/dist/openpgp.mjs +15 -19
package/openpgp.d.ts +4 -2
package/package.json +1 -1

package/dist/openpgp.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.1 - 2024-11-25 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.2-patch.1 - 2024-12-13 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 function _mergeNamespaces(n, m) {
@@ -1702,7 +1702,7 @@ var config = {
    * @memberof module:config
    * @property {String} versionString A version string to be included in armored messages
    */
-  versionString: 'OpenPGP.js 6.0.1',
+  versionString: 'OpenPGP.js 6.0.2-patch.1',
   /**
    * @memberof module:config
    * @property {String} commentString A comment string to be included in armored messages
@@ -9281,7 +9281,11 @@ async function generate$a(algo) {
           seed: b64ToUint8Array(privateKey.d, true)
         };
       } catch (err) {
-        if (err.name !== 'NotSupportedError' && err.name !== 'OperationError') { // Temporary (hopefully) fix for WebKit on Linux
+        if (
+          err.name !== 'NotSupportedError' &&
+          err.name !== 'OperationError' && // Temporary (hopefully) fix for WebKit on Linux
+          err.name !== 'SyntaxError' // Temporary fix for Palemoon throwing 'SyntaxError'
+        ) {
           throw err;
         }
         const seed = getRandomBytes(getPayloadSize$1(algo));
@@ -9333,7 +9337,7 @@ async function sign$9(algo, hashAlgo, message, publicKey, privateKey, hashed) {
         return { RS: signature };
       } catch (err) {
-        if (err.name !== 'NotSupportedError') {
+        if (err.name !== 'NotSupportedError' && err.name !== 'SyntaxError') { // Temporary fix for Palemoon throwing 'SyntaxError'
           throw err;
         }
         const secretKey = util.concatUint8Array([privateKey, publicKey]);
@@ -9379,7 +9383,7 @@ async function verify$9(algo, hashAlgo, { RS }, m, publicKey, hashed) {
         const verified = await webCrypto.verify('Ed25519', key, RS, hashed);
         return verified;
       } catch (err) {
-        if (err.name !== 'NotSupportedError') {
+        if (err.name !== 'NotSupportedError' && err.name !== 'SyntaxError') { // Temporary fix for Palemoon throwing 'SyntaxError'
           throw err;
         }
         return verify$a(RS, hashed, publicKey);
@@ -11326,12 +11330,8 @@ async function generate$6(algo) {
 async function encaps$1(eccAlgo, eccRecipientPublicKey) {
   switch (eccAlgo) {
     case enums.publicKey.pqc_mlkem_x25519: {
-      const { ephemeralPublicKey: eccCipherText, sharedSecret: eccSharedSecret } = await generateEphemeralEncryptionMaterial(enums.publicKey.x25519, eccRecipientPublicKey);
-      const eccKeyShare = await hash.sha3_256(util.concatUint8Array([
-        eccSharedSecret,
-        eccCipherText,
-        eccRecipientPublicKey
-      ]));
+      const { ephemeralPublicKey: eccCipherText, sharedSecret: eccKeyShare } = await generateEphemeralEncryptionMaterial(enums.publicKey.x25519, eccRecipientPublicKey);
       return {
         eccCipherText,
         eccKeyShare
@@ -11345,12 +11345,7 @@ async function encaps$1(eccAlgo, eccRecipientPublicKey) {
 async function decaps$1(eccAlgo, eccCipherText, eccSecretKey, eccPublicKey) {
   switch (eccAlgo) {
     case enums.publicKey.pqc_mlkem_x25519: {
-      const eccSharedSecret = await recomputeSharedSecret(enums.publicKey.x25519, eccCipherText, eccPublicKey, eccSecretKey);
-      const eccKeyShare = await hash.sha3_256(util.concatUint8Array([
-        eccSharedSecret,
-        eccCipherText,
-        eccPublicKey
-      ]));
+      const eccKeyShare = await recomputeSharedSecret(enums.publicKey.x25519, eccCipherText, eccPublicKey, eccSecretKey);
       return eccKeyShare;
     }
     default:
@@ -11462,7 +11457,7 @@ async function decrypt$1(algo, eccCipherText, mlkemCipherText, eccSecretKey, ecc
 async function multiKeyCombine(algo, ecdhKeyShare, ecdhCipherText, ecdhPublicKey, mlkemKeyShare, mlkemCipherText, mlkemPublicKey) {
   // LAMPS-aligned and NIST compatible combiner, proposed in: https://mailarchive.ietf.org/arch/msg/openpgp/NMTCy707LICtxIhP3Xt1U5C8MF0/
   // 2a. KDF(mlkemSS || tradSS || tradCT || tradPK || Domain)
-  //     where Domain is "Domain" for LAMPS, and "mlkemCT || mlkemPK || algId" for OpenPGP
+  //     where Domain is "Domain" for LAMPS, and "mlkemCT || mlkemPK || algId || const" for OpenPGP
   const encData = util.concatUint8Array([
     mlkemKeyShare,
     ecdhKeyShare,
@@ -11471,7 +11466,8 @@ async function multiKeyCombine(algo, ecdhKeyShare, ecdhCipherText, ecdhPublicKey
     // domSep
     mlkemCipherText,
     mlkemPublicKey,
-    new Uint8Array([algo])
+    new Uint8Array([algo]),
+    util.encodeUTF8('OpenPGPCompositeKDFv1')
   ]);
   const kek = await hash.digest(enums.hash.sha3_256, encData);

package/openpgp.d.ts CHANGED Viewed

@@ -825,7 +825,7 @@ export namespace enums {
     aeadEncryptedData = 20
   }
-  export type publicKeyNames = 'rsaEncryptSign' | 'rsaEncrypt' | 'rsaSign' | 'elgamal' | 'dsa' | 'ecdh' | 'ecdsa' | 'eddsaLegacy' | 'aedh' | 'aedsa' | 'ed25519' | 'x25519' | 'ed448' | 'x448';
+  export type publicKeyNames = 'rsaEncryptSign' | 'rsaEncrypt' | 'rsaSign' | 'elgamal' | 'dsa' | 'ecdh' | 'ecdsa' | 'eddsaLegacy' | 'aedh' | 'aedsa' | 'ed25519' | 'x25519' | 'ed448' | 'x448' | 'pqc_mlkem_x25519' | 'pqc_mldsa_ed25519';
   export enum publicKey {
     rsaEncryptSign = 1,
     rsaEncrypt = 2,
@@ -840,7 +840,9 @@ export namespace enums {
     x25519 = 25,
     x448 = 26,
     ed25519 = 27,
-    ed448 = 28
+    ed448 = 28,
+    pqc_mlkem_x25519 = 105,
+    pqc_mldsa_ed25519 = 107
   }
   export enum curve {

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@protontech/openpgp",
   "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "6.0.1",
+  "version": "6.0.2-patch.1",
   "license": "LGPL-3.0+",
   "homepage": "https://openpgpjs.org/",
   "engines": {