[Snyk] Upgrade openpgp from 4.6.0 to 4.8.1

[snyk-bot]

Snyk has created this PR to upgrade openpgp from 4.6.0 to 4.8.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released a month ago, on 2020-01-24.

Release notes

Package name: openpgp

• 4.8.1 - 2020-01-24
  
  • Don't keep entire decrypted message in memory while streaming (#1033)
    (When config.allow_unauthenticated_stream is set or the message is AEAD-encrypted.)
  • Test loading OpenPGP.js from a Worker in the application (#1032)
  • Properly detect and use Web Crypto when using OpenPGP.js from a Worker in the application.
  • Terminate workers in openpgp.destroyWorker() (#1031)
  • Allow calling clearPrivateParams on decrypted keys
    (Calling it on unencrypted keys was already allowed, so this safety check didn't do much.)
  • Zero out private key parameters in clearPrivateParams
  • Implement Key.prototype.clearPrivateParams
  • Implement openpgp.getWorker().clearKeyCache()
  • Clear worker key caches in openpgp.destroyWorker()
  • Switch code coverage reporter to nyc (#1005)

  Note: openpgp.destroyWorker() now returns a Promise (to indicate when the worker's key caches have been cleared and the workers have been terminated) but it still immediately stops OpenPGP.js from using the worker, thus should be backwards compatible in that respect.
  However, this release is backwards incompatible if you were relying on the fact that openpgp.destroyWorker() didn't terminate the workers, for example by using streaming encryption / decryption with a worker active and then continuing to read from a stream of data that was returned by openpgp.encrypt/decrypt after calling openpgp.destroyWorker().

• 4.8.0 - 2020-01-14
  
  • Cache key objects in Workers by armor (#1030)
    This improves performance when repeatedly using the same private/public keys with a Worker (using openpgp.initWorker). Note: this may pose a security risk since private keys are cached in memory indefinitely (as long as the application is open). If your threat model includes an attacker inspecting memory, be sure to clear keys from memory manually.
  • Remove support for legacy encrypted private keys (#1029)
    Note: this may be backwards-incompatible if you store very old encrypted private keys (e.g. created with GPG <1.0.7 or >=1.0.7 with --simple-sk-checksum). If this is the case for you, shoot us a message on gitter to ask about migration options.
  • Implement key.validate() (#1028)
    Calling this function after decryption is required if the encrypted private key was stored on an untrusted medium, and trust is derived from being able to decrypt the private key with your own password, and you use the private key for encrypting or verifying (rather than, or in addition to, decrypting or signing) data.
    Note that this function doesn't work for GNU-dummy keys, currently (as is more or less expected, as trust can't be derived from a GNU-dummy private key packet since the private key parameters are missing).
  • Update asmcrypto.js (#1023)
    This should fix certain issues with TypeScript declarations.
  • Comment typo fixes (#1022)
• 4.7.2 - 2019-12-20
  
  • Only throw on authorized revocation key when verifying self-signatures (#1017)
  • Explicitly include 'uncompressed' in preferred compression algos (#1020)
• 4.7.1 - 2019-11-29
  
  • Fix verifying RSA signatures with leading zero in Web Crypto (#1010)
  • Fix openpgp.config.use_native = false for RSA sign/verify
  • Use native Node crypto for RSA encryption (#1006)
  • Apply eslint to test/crypto folder (#1003)
• 4.7.0 - 2019-11-18
  

  Lightweight Build

  This release adds a lightweight build that can lazily load indutny/elliptic on demand if needed (#956).

  indutny/elliptic is a large dependency of this library that adds support for certain ECC curves. It is not required if you only use RSA (currently the default for keys generated using OpenPGP.js), curve25519, or the NIST curves (with certain exceptions - see the list below). So, when using OpenPGP.js in a web app, a lot of bandwidth can be saved by not including it by default and only loading it when necessary. Currently, the lightweight build is more than 79kB smaller (32kB smaller when comparing gzipped sizes), and we hope to make it even smaller in future releases!

  To use the lightweight build, simply use dist/lightweight/openpgp.js instead of dist/openpgp.js, and additionally copy elliptic.min.js from that directory. OpenPGP.js will then automatically load elliptic.min.js when encrypting, decrypting, signing or verifying a message using a (sub)key that uses one of the following curves:

  • brainpoolP256r1
  • brainpoolP384r1 (Note: this curve is non-standard)
  • brainpoolP512r1
  • secp256k1 (Note: this curve is non-standard)
  • NIST P-521, when using Safari
  • NIST P-256, NIST P-384 or NIST P-521, in an environment where Web Crypto and Node crypto are not available (e.g., on a non-HTTPS web page)

  curve25519 is always supported, regardless of Web Crypto or Node crypto availability. Even when not using the lightweight build, we recommend only using curve25519 or one of the NIST curves, if possible, as indutny/elliptic's implementation of the other curves is not constant time (#720).

  If you don't need support for other curves, you can also set openpgp.config.use_indutny_elliptic = false, and then you don't have to copy elliptic.min.js when using the lightweight build. Note: in environments where Web Crypto and Node crypto are not available (e.g., on a non-HTTPS web page), this may cause things to break, as it makes OpenPGP.js non-compliant with the spec, which requires support for NIST P-256.

  There are two other config options to configure how to load indutny/elliptic: indutny_elliptic_path and indutny_elliptic_fetch_options.

  Note: if your web app usually does use one of the curves listed above, it's best not to use the lightweight build, as loading both the lightweight build and elliptic.min.js currently actually adds almost 17kB over just using the normal build. We're planning to reduce this gap in future releases.

  Backwards-Incompatible Changes

  • Rename numBits and bits to rsaBits (#970)

    Keep supporting the old names as well though in openpgp.generateKey and getAlgorithmInfo, but not in openpgp.key.generate (as it is recommended that developers use openpgp.generateKey instead, and it now throws when using numBits instead of rsaBits, so there's no risk of silent key security downgrade).

    The old names are now deprecated, and might be removed in v5.

  New features

  • Implement Key.prototype.addSubkey (#963)

  Performance Improvements

  • Optimize encrypting and decrypting keys using iterated S2K (#1002)

  • Use Web Crypto & Node crypto for RSA signing and verifying (#999)

    Also, when generating RSA keys using Web Crypto or Node crypto, swap the generated p and q around, so that we don't have to recompute the generated u coefficient.

  • Verify NIST signatures using Web Crypto instead of indutny/elliptic when not streaming

  • Use tweetnacl.js instead of indutny/elliptic for curve25519 key generation

  • Don't initialize indutny's curve25519, improving performance when using that curve

  • Use serialized EdDSA public key when signing instead of deriving it

  Bugfixes

  • Only store newly created signatures as valid in the non-streaming case

  • Fix openpgp.revokeKey().publicKey when using the Worker

  • Don't return lone \r characters in util.Uint8Array_to_b64

  • AEAD: Fix high water mark calculation based on chunk size

  • Fix queued bytes calculation for AEAD concurrency

  • Fix crypto.random.getRandomBytes when loading OpenPGP.js inside a Worker (#997)

  • Fix handling of private keys with leading zeros for certain curves

  • Iterated S2K: always hash the full salt+password at least once

  • Fix encrypting keys that were previously encrypted using a non-AES algorithm

  • Always encrypt keys using AES, even if they were previously encrypted using a non-AES algorithm

  • When generating RSA keys in JS, generate them with p < q, as per the spec

    Also, when generating RSA keys using Web Crypto or Node crypto, swap the generated p and q around, so that they will satisfy p < q in most browsers (but not old Microsoft Edge, 50% of the time).

  Test Suite Changes

  • Switch from Sauce Labs to Browserstack (#965)

  • Fix key preferences test when using Worker and use_native=false

  • Fix test failing on high-core-count systems due to AEAD concurrency

  Refactorings

  • Split up key.js (#972)

  • Move KeyPair.sign/verify to ecdsa.js

  • Move KeyPair.derive to ecdh.js

  • Move keyFromPrivate and keyFromPublic to a new indutnyKey.js file

  • Switch back to using upstream email-address library (#998)

  • Refactor S2K function

  Release Script

  • Remove browserify caches when releasing, to prevent broken builds

  • Don't use sed to edit gitignore in release.sh, as sed -i is not cross-platform

• 4.6.2 - 2019-09-11
  
  • Fix verifying one-pass signatures in the compat build (broken in v4.6.0) (#968)
• 4.6.1 - 2019-09-11
  
  • Use native Node crypto for RSA key generation (#947)
  • Throw when trying to encrypt a key that's already encrypted (#950)
  • Fix intermittent Brainpool sign/verify bug (#948)
  • Style fixes; add spaces around all infix operators, remove use of new Buffer (#954)
  • Fix generating signing subkeys (#967)
  • Fix decrypting newly generated key object when using the Worker
• 4.6.0 - 2019-08-12
  

  Nontrivial changes

  • Implement V5 signatures and update V5 keys to rfc4880bis-07 (#895)
  • Remove support for openpgp.config.aead_protect_version = 0 (see below)
  • Add separate config option to use V5 keys, openpgp.config.v5_keys = true. Previously, this was implied by openpgp.config.aead_protect = true. This is no longer the case. This also means that it is now possible to use AEAD (which is often much faster in browsers) in combination with V4 keys.
  • DSA: Fix intermittent generation of invalid signatures (#938)
  • Fix armor checksum errors being ignored when not streaming (#935)
  • Decrypt message with multiple keys in parallel
  • Don't keep the entire message in memory while decrypting when streaming
  • Accept @ in User ID names (#930)
  • Implement ECDH using Web Crypto for supported (NIST) curves (#914)
  • Implement ECDH using Node crypto (#921)

  Trivial changes

  • Fix test failing due to expired key (#941)
  • Disable HKP tests due to keyserver.ubuntu.com no longer serving CORS headers (#940)
  • Fix comment describing RSA coefficient u (#937)
  • Don't babelify ES6 in unit tests when testing in modern browsers
  • Style fixes and new style rules for ESLint (#919)
  • Fix grunt-saucelabs by updating Sauce Labs Tunnel (#917)

  Backwards-incompatible changes

  This release is backwards-incompatible if you do all of the following:

  • Set openpgp.config.aead_protect = true,
  • Generate keys in OpenPGP.js,
  • Export them (these keys would have been incompatible with the new spec),
  • Store them on disk and/or expect them to continue working

  Or:

  • Set openpgp.config.aead_protect = true and openpgp.config.aead_protect_version = 0
  • Encrypt messages
  • Store them on disk and/or expect them to continue working

  There's a warning about breaking changes when using these config options in the README, hence why these changes were made in a minor release. If anyone is affected by this anyway, please ask for help on gitter and I'll try my best to offer some workarounds.

from openpgp GitHub release notes

Commit messages

Package name: openpgp

• 09e8187 Release new version
• 786d909 Fix worker tests in compat browsers
• e8ee70b Fix `UnhandledPromiseRejectionWarning`s in Node.js
• 382c05d Remove accidental `.only` in test suite
• 9bdeaa9 Don't keep entire decrypted message in memory while streaming
• 6e13604 Replace 'window' with 'global'
• 81d6b45 Test loading OpenPGP.js from a Worker in the application
• 66acd97 Clear worker key caches in openpgp.destroyWorker()
• fb666f0 Implement openpgp.getWorker().clearKeyCache()
• 5234323 Implement Key.prototype.clearPrivateParams
• 26d107b Zero out private key parameters in clearPrivateParams
• 889e0c4 Allow calling clearPrivateParams on decrypted keys
• 6ae6012 Terminate workers in openpgp.destroyWorker()
• 94a04ea Switch code coverage reporter to nyc (#1005)
• 1462aff Release new version
• 44a90d9 Cache key objects in Workers by armor (#1030)
• fd6d7b6 Remove support for legacy encrypted private keys (#1029)
• 8f355a7 Implement key.validate() (#1028)
• 26502e3 update asmcrypto.js (#1023)
• 0a32f4d Comment typo fixes (#1022)
• ba944c8 Release new version
• 3d75efc Only throw on authorized revocation key when verifying self-signatures (#1017)
• e1b9156 Explicitly include 'uncompressed' in preferred compression algos (#1020)
• 5a62c4f Release new version

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs