Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v6] Temporarily add config.ignoreSEIPDv2FeatureFlag for compatibility #15

Merged
merged 2 commits into from
Apr 19, 2024
Merged

[v6] Temporarily add config.ignoreSEIPDv2FeatureFlag for compatibility #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c6b290c
Temporarily add `config.ignoreSEIPDv2FeatureFlag` for compatibility
larabr Apr 19, 2024
298ca68
Update src/key/helper.js [skip ci]
larabr Apr 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions src/config/config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,14 @@ export default {
* @property {Boolean} aeadProtect
*/
aeadProtect: false,
/**
* Whether to disable encrypton using SEIPDv2 even if the encryption keys include the SEIPDv2 feature flag.
* If true, SEIPDv1 (i.e. no AEAD) packets are always used instead.
* SEIPDv2 is a more secure and faster choice, but it is not necessarily compatible with other libs and our mobile apps.
* @memberof module:config
* @property {Boolean} ignoreSEIPDv2FeatureFlag
*/
ignoreSEIPDv2FeatureFlag: false,
/**
* When reading OpenPGP v4 private keys (e.g. those generated in OpenPGP.js when not setting `config.v5Keys = true`)
* which were encrypted by OpenPGP.js v5 (or older) using `config.aeadProtect = true`,
Expand Down
2 changes: 1 addition & 1 deletion src/key/helper.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -173,7 +173,7 @@ export async function getPreferredCompressionAlgo(keys = [], date = new Date(),
export async function getPreferredCipherSuite(keys = [], date = new Date(), userIDs = [], config = defaultConfig) {
const selfSigs = await Promise.all(keys.map((key, i) => key.getPrimarySelfSignature(date, userIDs[i], config)));
const withAEAD = keys.length ?
selfSigs.every(selfSig => selfSig.features && (selfSig.features[0] & enums.features.seipdv2)) :
!config.ignoreSEIPDv2FeatureFlag && selfSigs.every(selfSig => selfSig.features && (selfSig.features[0] & enums.features.seipdv2)) :
config.aeadProtect;

if (withAEAD) {
Expand Down
11 changes: 11 additions & 0 deletions test/general/openpgp.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2253,6 +2253,17 @@ k0mXubZvyl4GBg==
expect(seipd).to.be.instanceOf(openpgp.SymEncryptedIntegrityProtectedDataPacket);
expect(seipd.version).to.equal(2);
expect(seipd.aeadAlgorithm).to.equal(openpgp.enums.aead.ocb);

const encryptedWithoutAEAD = await openpgp.encrypt({
message: await openpgp.createMessage({ text: 'test' }),
encryptionKeys: [v4PrivateKeyWithOCBPref, v6PrivateKeyWithOCBPref],
format: 'object',
config: { ignoreSEIPDv2FeatureFlag: true }
});

const seipdV1 = encryptedWithoutAEAD.packets[2];
expect(seipdV1).to.be.instanceOf(openpgp.SymEncryptedIntegrityProtectedDataPacket);
expect(seipdV1.version).to.equal(1);
});

it('should support encrypting to a key without features (missing SEIPDv1 feature)', async function () {
Expand Down