@protontech/openpgp 6.0.2-patch.0 → 6.0.2-patch.1

package/dist/openpgp.mjs

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.2-patch.0 - 2024-11-27 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.2-patch.1 - 2024-12-13 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 
 function _mergeNamespaces(n, m) {
@@ -1702,7 +1702,7 @@ var config = {
    * @memberof module:config
    * @property {String} versionString A version string to be included in armored messages
    */
-  versionString: 'OpenPGP.js 6.0.2-patch.0',
+  versionString: 'OpenPGP.js 6.0.2-patch.1',
   /**
    * @memberof module:config
    * @property {String} commentString A comment string to be included in armored messages
@@ -11330,12 +11330,8 @@ async function generate$6(algo) {
 async function encaps$1(eccAlgo, eccRecipientPublicKey) {
   switch (eccAlgo) {
     case enums.publicKey.pqc_mlkem_x25519: {
-      const { ephemeralPublicKey: eccCipherText, sharedSecret: eccSharedSecret } = await generateEphemeralEncryptionMaterial(enums.publicKey.x25519, eccRecipientPublicKey);
-      const eccKeyShare = await hash.sha3_256(util.concatUint8Array([
-        eccSharedSecret,
-        eccCipherText,
-        eccRecipientPublicKey
-      ]));
+      const { ephemeralPublicKey: eccCipherText, sharedSecret: eccKeyShare } = await generateEphemeralEncryptionMaterial(enums.publicKey.x25519, eccRecipientPublicKey);
+
       return {
         eccCipherText,
         eccKeyShare
@@ -11349,12 +11345,7 @@ async function encaps$1(eccAlgo, eccRecipientPublicKey) {
 async function decaps$1(eccAlgo, eccCipherText, eccSecretKey, eccPublicKey) {
   switch (eccAlgo) {
     case enums.publicKey.pqc_mlkem_x25519: {
-      const eccSharedSecret = await recomputeSharedSecret(enums.publicKey.x25519, eccCipherText, eccPublicKey, eccSecretKey);
-      const eccKeyShare = await hash.sha3_256(util.concatUint8Array([
-        eccSharedSecret,
-        eccCipherText,
-        eccPublicKey
-      ]));
+      const eccKeyShare = await recomputeSharedSecret(enums.publicKey.x25519, eccCipherText, eccPublicKey, eccSecretKey);
       return eccKeyShare;
     }
     default:
@@ -11466,7 +11457,7 @@ async function decrypt$1(algo, eccCipherText, mlkemCipherText, eccSecretKey, ecc
 async function multiKeyCombine(algo, ecdhKeyShare, ecdhCipherText, ecdhPublicKey, mlkemKeyShare, mlkemCipherText, mlkemPublicKey) {
   // LAMPS-aligned and NIST compatible combiner, proposed in: https://mailarchive.ietf.org/arch/msg/openpgp/NMTCy707LICtxIhP3Xt1U5C8MF0/
   // 2a. KDF(mlkemSS || tradSS || tradCT || tradPK || Domain)
-  //     where Domain is "Domain" for LAMPS, and "mlkemCT || mlkemPK || algId" for OpenPGP
+  //     where Domain is "Domain" for LAMPS, and "mlkemCT || mlkemPK || algId || const" for OpenPGP
   const encData = util.concatUint8Array([
     mlkemKeyShare,
     ecdhKeyShare,
@@ -11475,7 +11466,8 @@ async function multiKeyCombine(algo, ecdhKeyShare, ecdhCipherText, ecdhPublicKey
     // domSep
     mlkemCipherText,
     mlkemPublicKey,
-    new Uint8Array([algo])
+    new Uint8Array([algo]),
+    util.encodeUTF8('OpenPGPCompositeKDFv1')
   ]);
 
   const kek = await hash.digest(enums.hash.sha3_256, encData);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@protontech/openpgp",
   "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "6.0.2-patch.0",
+  "version": "6.0.2-patch.1",
   "license": "LGPL-3.0+",
   "homepage": "https://openpgpjs.org/",
   "engines": {