Support for Intended Recipient fingerprint

.github/workflows/benchmark.yml

@@ -2,7 +2,7 @@ name: Performance Regression Test
 
 on:
   pull_request:
-    branches: [main]
+    branches: [main, v6]
 
 jobs:
   benchmark:

.github/workflows/docs.yml

@@ -4,7 +4,7 @@ on:
   push:
     branches: [main]
   pull_request:
-    branches: [main]
+    branches: [main, v6]
 
 jobs:
   lint:

.github/workflows/sop-test-suite.yml

@@ -2,7 +2,7 @@ name: SOP interoperability test suite
 
 on:
   pull_request:
-    branches: [ main ]
+    branches: [ main, v6 ]
 
 jobs:
 

.github/workflows/tests.yml

@@ -4,7 +4,7 @@ on:
   push:
     branches: [main]
   pull_request:
-    branches: [main]
+    branches: [main, v6]
 
 jobs:
   build: # cache both dist and tests (non-lightweight only), based on commit hash
@@ -30,7 +30,7 @@ jobs:
   node:
     strategy:
       matrix:
-        node-version: [14.x, 16.x, 18.x]
+        node-version: [16.x, 18.x, '20-v8-canary']
         # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
 
     name: Node ${{ matrix.node-version }}

openpgp.d.ts

@@ -332,7 +332,9 @@ interface Config {
   v5Keys: boolean;
   preferredAEADAlgorithm: enums.aead;
   aeadChunkSizeByte: number;
+  s2kType: enums.s2k.iterated | enums.s2k.argon2;
   s2kIterationCountByte: number;
+  s2kArgon2Params: { passes: number, parallelism: number; memoryExponent: number; };
   minBytesForWebCrypto: number;
   maxUserIDLength: number;
   knownNotations: string[];
@@ -902,4 +904,12 @@ export namespace enums {
     utf8 = 117,
     mime = 109
   }
+
+  enum s2k {
+    simple = 0,
+    salted = 1,
+    iterated = 3,
+    argon2 = 4,
+    gnu = 101
+  }
 }

package.json

@@ -60,11 +60,13 @@
     "@openpgp/pako": "^1.0.12",
     "@openpgp/seek-bzip": "^1.0.5-git",
     "@openpgp/tweetnacl": "^1.0.3",
-    "@openpgp/web-stream-tools": "^0.0.11",
+    "@openpgp/web-stream-tools": "^0.0.13",
     "@rollup/plugin-commonjs": "^11.1.0",
     "@rollup/plugin-node-resolve": "^7.1.3",
     "@rollup/plugin-replace": "^2.3.2",
+    "@rollup/plugin-wasm": "^6.1.2",
     "@types/chai": "^4.2.14",
+    "argon2id": "^1.0.0",
     "benchmark": "^2.1.4",
     "bn.js": "^4.11.8",
     "chai": "^4.3.6",

rollup.config.js

@@ -6,10 +6,25 @@ import resolve from '@rollup/plugin-node-resolve';
 import commonjs from '@rollup/plugin-commonjs';
 import replace from '@rollup/plugin-replace';
 import { terser } from 'rollup-plugin-terser';
+import { wasm } from '@rollup/plugin-wasm';
+
 
 import pkg from './package.json';
 
 const nodeDependencies = Object.keys(pkg.dependencies);
+const wasmOptions = {
+  node: { targetEnv: 'node' },
+  browser: { targetEnv: 'browser', maxFileSize: undefined } // always inlline (our wasm files are small)
+};
+
+const getChunkFileName = (chunkInfo, extension) => {
+  // index files result in chunks named simply 'index', so we rename them to include the package name
+  if (chunkInfo.name === 'index') {
+    const packageName = chunkInfo.facadeModuleId.split('/').at(-2); // assume index file is under the root folder
+    return `${packageName}.${extension}`;
+  }
+  return `[name].${extension}`;
+};
 
 const banner =
   `/*! OpenPGP.js v${pkg.version} - ` +
@@ -50,7 +65,8 @@ export default Object.assign([
         'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`,
         'require(': 'void(',
         delimiters: ['', '']
-      })
+      }),
+      wasm(wasmOptions.browser)
     ]
   },
   {
@@ -68,14 +84,15 @@ export default Object.assign([
       commonjs(),
       replace({
         'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`
-      })
+      }),
+      wasm(wasmOptions.node)
     ]
   },
   {
     input: 'src/index.js',
     output: [
-      { dir: 'dist/lightweight', entryFileNames: 'openpgp.mjs', chunkFileNames: '[name].mjs', format: 'es', banner, intro },
-      { dir: 'dist/lightweight', entryFileNames: 'openpgp.min.mjs', chunkFileNames: '[name].min.mjs', format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
+      { dir: 'dist/lightweight', entryFileNames: 'openpgp.mjs', chunkFileNames: chunkInfo => getChunkFileName(chunkInfo, 'mjs'), format: 'es', banner, intro },
+      { dir: 'dist/lightweight', entryFileNames: 'openpgp.min.mjs', chunkFileNames: chunkInfo => getChunkFileName(chunkInfo, 'min.mjs'), format: 'es', banner, intro, plugins: [terser(terserOptions)], sourcemap: true }
     ],
     preserveEntrySignatures: 'allow-extension',
     plugins: [
@@ -89,7 +106,8 @@ export default Object.assign([
         'OpenPGP.js VERSION': `OpenPGP.js ${pkg.version}`,
         'require(': 'void(',
         delimiters: ['', '']
-      })
+      }),
+      wasm(wasmOptions.browser)
     ]
   },
   {
@@ -110,7 +128,8 @@ export default Object.assign([
         "import openpgpjs from '../../..';": `import * as openpgpjs from '/dist/${process.env.npm_config_lightweight ? 'lightweight/' : ''}openpgp.mjs'; window.openpgp = openpgpjs;`,
         'require(': 'void(',
         delimiters: ['', '']
-      })
+      }),
+      wasm(wasmOptions.browser)
     ]
   }
 ].filter(config => {

src/config/config.js

@@ -76,12 +76,41 @@ export default {
    */
   v5Keys: false,
   /**
-   * {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3|RFC4880 3.7.1.3}:
-   * Iteration Count Byte for S2K (String to Key)
+   * S2K (String to Key) type, used for key derivation in the context of secret key encryption
+   * and password-encrypted data. Weaker s2k options are not allowed.
+   * Note: Argon2 is the strongest option but not all OpenPGP implementations are compatible with it
+   * (pending standardisation).
+   * @memberof module:config
+   * @property {enums.s2k.argon2|enums.s2k.iterated} s2kType {@link module:enums.s2k}
+   */
+  s2kType: enums.s2k.iterated,
+  /**
+   * {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3| RFC4880 3.7.1.3}:
+   * Iteration Count Byte for Iterated and Salted S2K (String to Key).
+   * Only relevant if `config.s2kType` is set to `enums.s2k.iterated`.
+   * Note: this is the exponent value, not the final number of iterations (refer to specs for more details).
    * @memberof module:config
    * @property {Integer} s2kIterationCountByte
    */
   s2kIterationCountByte: 224,
+  /**
+   * {@link https://tools.ietf.org/html/draft-ietf-openpgp-crypto-refresh-07.html#section-3.7.1.4| draft-crypto-refresh 3.7.1.4}:
+   * Argon2 parameters for S2K (String to Key).
+   * Only relevant if `config.s2kType` is set to `enums.s2k.argon2`.
+   * Default settings correspond to the second recommendation from RFC9106 ("uniformly safe option"),
+   * to ensure compatibility with memory-constrained environments.
+   * For more details on the choice of parameters, see https://tools.ietf.org/html/rfc9106#section-4.
+   * @memberof module:config
+   * @property {Object} params
+   * @property {Integer} params.passes - number of iterations t
+   * @property {Integer} params.parallelism - degree of parallelism p
+   * @property {Integer} params.memoryExponent - one-octet exponent indicating the memory size, which will be: 2**memoryExponent kibibytes.
+   */
+  s2kArgon2Params: {
+    passes: 3,
+    parallelism: 4, // lanes
+    memoryExponent: 16 // 64 MiB of RAM
+  },
   /**
    * Allow decryption of messages without integrity protection.
    * This is an **insecure** setting: