Skip to content

Commit

Permalink
Add subkey check, reject Bitcoin curve by default
Browse files Browse the repository at this point in the history
  • Loading branch information
@larabr
larabr committed Aug 19, 2021
1 parent b81bf39 commit 38b9faf
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/config/config.js
View file
Expand Up @@ -205,5 +205,5 @@ export default {
* @memberof module:config
* @property {Set<String>} rejectCurves {@link module:enums.curve}
*/
rejectCurves: new Set([enums.curve.brainpoolP256r1, enums.curve.brainpoolP384r1, enums.curve.brainpoolP512r1])
rejectCurves: new Set([enums.curve.brainpoolP256r1, enums.curve.brainpoolP384r1, enums.curve.brainpoolP512r1, enums.curve.secp256k1])
};
2 changes: 1 addition & 1 deletion src/openpgp.js
View file
Expand Up @@ -69,7 +69,7 @@ export async function generateKey({ userIDs = [], passphrase = '', type = 'ecc',

try {
const { key, revocationCertificate } = await generate(options, config);
checkKeyRequirements(key.keyPacket, config);
key.getKeys().forEach(({ keyPacket }) => checkKeyRequirements(keyPacket, config));

return {
privateKey: formatObject(key, format, config),
Expand Down
11 changes: 11 additions & 0 deletions test/general/ecc_secp256k1.js
View file
Expand Up @@ -12,6 +12,17 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve
this.skip(); // eslint-disable-line no-invalid-this
});
}

let rejectCurvesVal;
beforeEach(() => {
rejectCurvesVal = openpgp.config.rejectCurves;
openpgp.config.rejectCurves = new Set();
});

afterEach(() => {
openpgp.config.rejectCurves = rejectCurvesVal;
});

const data = {
romeo: {
id: 'c2b12389b401a43d',
Expand Down

0 comments on commit 38b9faf

Please sign in to comment.