[Snyk] Upgrade openpgp from 4.6.0 to 4.8.1 #3
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade openpgp from 4.6.0 to 4.8.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.Release notes
Package name: openpgp
(When config.allow_unauthenticated_stream is set or the message is AEAD-encrypted.)
openpgp.destroyWorker()
(#1031)(Calling it on unencrypted keys was already allowed, so this safety check didn't do much.)
clearPrivateParams
Key.prototype.clearPrivateParams
openpgp.getWorker().clearKeyCache()
openpgp.destroyWorker()
Note:
openpgp.destroyWorker()
now returns a Promise (to indicate when the worker's key caches have been cleared and the workers have been terminated) but it still immediately stops OpenPGP.js from using the worker, thus should be backwards compatible in that respect.However, this release is backwards incompatible if you were relying on the fact that
openpgp.destroyWorker()
didn't terminate the workers, for example by using streaming encryption / decryption with a worker active and then continuing to read from a stream of data that was returned byopenpgp.encrypt
/decrypt
after callingopenpgp.destroyWorker()
.This improves performance when repeatedly using the same private/public keys with a Worker (using
openpgp.initWorker
). Note: this may pose a security risk since private keys are cached in memory indefinitely (as long as the application is open). If your threat model includes an attacker inspecting memory, be sure to clear keys from memory manually.Note: this may be backwards-incompatible if you store very old encrypted private keys (e.g. created with GPG <1.0.7 or >=1.0.7 with
--simple-sk-checksum
). If this is the case for you, shoot us a message on gitter to ask about migration options.key.validate()
(#1028)Calling this function after decryption is required if the encrypted private key was stored on an untrusted medium, and trust is derived from being able to decrypt the private key with your own password, and you use the private key for encrypting or verifying (rather than, or in addition to, decrypting or signing) data.
Note that this function doesn't work for GNU-dummy keys, currently (as is more or less expected, as trust can't be derived from a GNU-dummy private key packet since the private key parameters are missing).
This should fix certain issues with TypeScript declarations.
openpgp.config.use_native = false
for RSA sign/verifyLightweight Build
This release adds a lightweight build that can lazily load
indutny/elliptic
on demand if needed (#956).indutny/elliptic
is a large dependency of this library that adds support for certain ECC curves. It is not required if you only use RSA (currently the default for keys generated using OpenPGP.js), curve25519, or the NIST curves (with certain exceptions - see the list below). So, when using OpenPGP.js in a web app, a lot of bandwidth can be saved by not including it by default and only loading it when necessary. Currently, the lightweight build is more than 79kB smaller (32kB smaller when comparing gzipped sizes), and we hope to make it even smaller in future releases!To use the lightweight build, simply use
dist/lightweight/openpgp.js
instead ofdist/openpgp.js
, and additionally copyelliptic.min.js
from that directory. OpenPGP.js will then automatically loadelliptic.min.js
when encrypting, decrypting, signing or verifying a message using a (sub)key that uses one of the following curves:curve25519 is always supported, regardless of Web Crypto or Node crypto availability. Even when not using the lightweight build, we recommend only using curve25519 or one of the NIST curves, if possible, as
indutny/elliptic
's implementation of the other curves is not constant time (#720).If you don't need support for other curves, you can also set
openpgp.config.use_indutny_elliptic = false
, and then you don't have to copyelliptic.min.js
when using the lightweight build. Note: in environments where Web Crypto and Node crypto are not available (e.g., on a non-HTTPS web page), this may cause things to break, as it makes OpenPGP.js non-compliant with the spec, which requires support for NIST P-256.There are two other config options to configure how to load
indutny/elliptic
:indutny_elliptic_path
andindutny_elliptic_fetch_options
.Note: if your web app usually does use one of the curves listed above, it's best not to use the lightweight build, as loading both the lightweight build and
elliptic.min.js
currently actually adds almost 17kB over just using the normal build. We're planning to reduce this gap in future releases.Backwards-Incompatible Changes
Rename
numBits
andbits
torsaBits
(#970)Keep supporting the old names as well though in
openpgp.generateKey
andgetAlgorithmInfo
, but not inopenpgp.key.generate
(as it is recommended that developers useopenpgp.generateKey
instead, and it now throws when usingnumBits
instead ofrsaBits
, so there's no risk of silent key security downgrade).The old names are now deprecated, and might be removed in v5.
New features
Key.prototype.addSubkey
(#963)Performance Improvements
Optimize encrypting and decrypting keys using iterated S2K (#1002)
Use Web Crypto & Node crypto for RSA signing and verifying (#999)
Also, when generating RSA keys using Web Crypto or Node crypto, swap the generated p and q around, so that we don't have to recompute the generated u coefficient.
Verify NIST signatures using Web Crypto instead of
indutny/elliptic
when not streamingUse tweetnacl.js instead of
indutny/elliptic
for curve25519 key generationDon't initialize indutny's curve25519, improving performance when using that curve
Use serialized EdDSA public key when signing instead of deriving it
Bugfixes
Only store newly created signatures as valid in the non-streaming case
Fix
openpgp.revokeKey().publicKey
when using the WorkerDon't return lone
\r
characters inutil.Uint8Array_to_b64
AEAD: Fix high water mark calculation based on chunk size
Fix queued bytes calculation for AEAD concurrency
Fix
crypto.random.getRandomBytes
when loading OpenPGP.js inside a Worker (#997)Fix handling of private keys with leading zeros for certain curves
Iterated S2K: always hash the full salt+password at least once
Fix encrypting keys that were previously encrypted using a non-AES algorithm
Always encrypt keys using AES, even if they were previously encrypted using a non-AES algorithm
When generating RSA keys in JS, generate them with p < q, as per the spec
Also, when generating RSA keys using Web Crypto or Node crypto, swap the generated p and q around, so that they will satisfy p < q in most browsers (but not old Microsoft Edge, 50% of the time).
Test Suite Changes
Switch from Sauce Labs to Browserstack (#965)
Fix key preferences test when using Worker and
use_native=false
Fix test failing on high-core-count systems due to AEAD concurrency
Refactorings
Split up key.js (#972)
Move KeyPair.sign/verify to ecdsa.js
Move KeyPair.derive to ecdh.js
Move keyFromPrivate and keyFromPublic to a new indutnyKey.js file
Switch back to using upstream email-address library (#998)
Refactor S2K function
Release Script
Remove browserify caches when releasing, to prevent broken builds
Don't use sed to edit gitignore in release.sh, as
sed -i
is not cross-platformnew Buffer
(#954)Nontrivial changes
openpgp.config.aead_protect_version = 0
(see below)openpgp.config.v5_keys = true
. Previously, this was implied byopenpgp.config.aead_protect = true
. This is no longer the case. This also means that it is now possible to use AEAD (which is often much faster in browsers) in combination with V4 keys.@
in User ID names (#930)Trivial changes
Backwards-incompatible changes
This release is backwards-incompatible if you do all of the following:
openpgp.config.aead_protect = true
,Or:
openpgp.config.aead_protect = true
andopenpgp.config.aead_protect_version = 0
There's a warning about breaking changes when using these config options in the README, hence why these changes were made in a minor release. If anyone is affected by this anyway, please ask for help on gitter and I'll try my best to offer some workarounds.
Commit messages
Package name: openpgp
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs