Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v6] Refuse to use keys without key flags, add config.allowMissingKeyFlags #1677

Merged
merged 3 commits into from
Oct 23, 2023
Merged

[v6] Refuse to use keys without key flags, add config.allowMissingKeyFlags #1677

merged 3 commits into from
Oct 23, 2023

Conversation

larabr
Copy link
Collaborator

@larabr larabr commented Sep 11, 2023
edited

Key flags are needed to restrict key usage to specific purposes: https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#section-5.2.3.29 . Some older keys (e.g. from OpenPGP.js v0) do not declare any key flags. In previous OpenPGP.js versions, we've allowed such keys to be used for any operation for which they were compatible. This behaviour has now changed, and these keys are not allowed to be used for any operation.

The setting config.allowMissingKeyFlags has been added to selectively revert to the past behaviour.

@larabr larabr requested a review from twiss September 11, 2023 15:33
larabr
larabr commented Sep 11, 2023
View reviewed changes
src/config/config.js Outdated Show resolved Hide resolved
twiss
twiss reviewed Sep 11, 2023
View reviewed changes
src/key/helper.js Outdated Show resolved Hide resolved
src/key/helper.js Outdated Show resolved Hide resolved
@larabr larabr requested a review from twiss October 4, 2023 08:41
twiss
twiss approved these changes Oct 17, 2023
View reviewed changes
src/key/helper.js Outdated
Comment on lines 365 to 372
case enums.publicKey.ed25519: {
if (!signature.keyFlags && !config.allowMissingKeyFlags) {
throw new Error('None of the key flags is set: consider passing `config.allowMissingKeyFlags`');
}

return !signature.keyFlags ||
(signature.keyFlags[0] & enums.keyFlags.signData) !== 0;
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for missing these last time (and being very nitpicky ^.^), but these brackets are also not necessary. They're only necessary if you need a block scope, e.g. if you're creating block-scoped variables.

Suggested change
case enums.publicKey.ed25519: {
if (!signature.keyFlags && !config.allowMissingKeyFlags) {
throw new Error('None of the key flags is set: consider passing `config.allowMissingKeyFlags`');
}
return !signature.keyFlags ||
(signature.keyFlags[0] & enums.keyFlags.signData) !== 0;
}
case enums.publicKey.ed25519:
if (!signature.keyFlags && !config.allowMissingKeyFlags) {
throw new Error('None of the key flags is set: consider passing `config.allowMissingKeyFlags`');
}
return !signature.keyFlags ||
(signature.keyFlags[0] & enums.keyFlags.signData) !== 0;

Copy link
Collaborator Author

@larabr larabr Oct 17, 2023
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know they are not needed, but it's not a big deal to add them IMO -- I just find it confusing to have a lot of code without brackets.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Er, OK, but I think it's more important to have a consistent code style. JS cases normally don't have brackets, and most other code in the library doesn't have them, so we should only add them when needed.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, but then I'll add a linting rule for this, so that it's automatically enforced

src/key/helper.js Outdated Show resolved Hide resolved
@larabr larabr mentioned this pull request Oct 17, 2023
Draft
19 tasks
@larabr larabr force-pushed the v6-reject-no-key-flags branch 2 times, most recently from 3160172 to a28ae91 Compare October 23, 2023 15:50
@larabr
Refuse to use keys without key flags, add config.allowMissingKeyFlags
4a234bb 
Key flags are needed to restrict key usage to specific purposes:
https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#section-5.2.3.29 .
Some older keys (e.g. from OpenPGP.js v1) do not declare any key flags.
In previous OpenPGP.js versions, we've allowed such keys to be used for any operation for which they were compatible.
This behaviour has now changed, and these keys are not allowed to be used for any operation.

The setting  `config.allowMissingKeyFlags` has been added to selectively revert to the past behaviour.
@larabr
Rename internal functions, filter key algos on decryption
551647b
@larabr
Lint: error on unnecessary switch-case braces
e69b1db 
Also fix some indent issues with armoring code detected after required ESLint update.

s
@larabr larabr merged commit de9b4d5 into openpgpjs:v6 Oct 23, 2023
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@twiss twiss twiss approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@larabr @twiss