github openpgpjs/openpgpjs v4.7.0
v4.7.0 - Lightweight Build & Performance Improvements
on GitHub

latest releases: v6.0.0-beta.0, v5.11.1, v6.0.0-alpha.1...
4 years ago

Lightweight Build

This release adds a lightweight build that can lazily load indutny/elliptic on demand if needed (#956).

indutny/elliptic is a large dependency of this library that adds support for certain ECC curves. It is not required if you only use RSA (currently the default for keys generated using OpenPGP.js), curve25519, or the NIST curves (with certain exceptions - see the list below). So, when using OpenPGP.js in a web app, a lot of bandwidth can be saved by not including it by default and only loading it when necessary. Currently, the lightweight build is more than 79kB smaller (32kB smaller when comparing gzipped sizes), and we hope to make it even smaller in future releases!

To use the lightweight build, simply use dist/lightweight/openpgp.js instead of dist/openpgp.js, and additionally copy elliptic.min.js from that directory. OpenPGP.js will then automatically load elliptic.min.js when encrypting, decrypting, signing or verifying a message using a (sub)key that uses one of the following curves:

  • brainpoolP256r1
  • brainpoolP384r1 (Note: this curve is non-standard)
  • brainpoolP512r1
  • secp256k1 (Note: this curve is non-standard)
  • NIST P-521, when using Safari
  • NIST P-256, NIST P-384 or NIST P-521, in an environment where Web Crypto and Node crypto are not available (e.g., on a non-HTTPS web page)

curve25519 is always supported, regardless of Web Crypto or Node crypto availability. Even when not using the lightweight build, we recommend only using curve25519 or one of the NIST curves, if possible, as indutny/elliptic's implementation of the other curves is not constant time (#720).

If you don't need support for other curves, you can also set openpgp.config.use_indutny_elliptic = false, and then you don't have to copy elliptic.min.js when using the lightweight build. Note: in environments where Web Crypto and Node crypto are not available (e.g., on a non-HTTPS web page), this may cause things to break, as it makes OpenPGP.js non-compliant with the spec, which requires support for NIST P-256.

There are two other config options to configure how to load indutny/elliptic: indutny_elliptic_path and indutny_elliptic_fetch_options.

Note: if your web app usually does use one of the curves listed above, it's best not to use the lightweight build, as loading both the lightweight build and elliptic.min.js currently actually adds almost 17kB over just using the normal build. We're planning to reduce this gap in future releases.

Backwards-Incompatible Changes

  • Rename numBits and bits to rsaBits (#970)

    Keep supporting the old names as well though in openpgp.generateKey and getAlgorithmInfo, but not in openpgp.key.generate (as it is recommended that developers use openpgp.generateKey instead, and it now throws when using numBits instead of rsaBits, so there's no risk of silent key security downgrade).

    The old names are now deprecated, and might be removed in v5.

New features

  • Implement Key.prototype.addSubkey (#963)

Performance Improvements

  • Optimize encrypting and decrypting keys using iterated S2K (#1002)

  • Use Web Crypto & Node crypto for RSA signing and verifying (#999)

    Also, when generating RSA keys using Web Crypto or Node crypto, swap the generated p and q around, so that we don't have to recompute the generated u coefficient.

  • Verify NIST signatures using Web Crypto instead of indutny/elliptic when not streaming

  • Use tweetnacl.js instead of indutny/elliptic for curve25519 key generation

  • Don't initialize indutny's curve25519, improving performance when using that curve

  • Use serialized EdDSA public key when signing instead of deriving it

Bugfixes

  • Only store newly created signatures as valid in the non-streaming case

  • Fix openpgp.revokeKey().publicKey when using the Worker

  • Don't return lone \r characters in util.Uint8Array_to_b64

  • AEAD: Fix high water mark calculation based on chunk size

  • Fix queued bytes calculation for AEAD concurrency

  • Fix crypto.random.getRandomBytes when loading OpenPGP.js inside a Worker (#997)

  • Fix handling of private keys with leading zeros for certain curves

  • Iterated S2K: always hash the full salt+password at least once

  • Fix encrypting keys that were previously encrypted using a non-AES algorithm

  • Always encrypt keys using AES, even if they were previously encrypted using a non-AES algorithm

  • When generating RSA keys in JS, generate them with p < q, as per the spec

    Also, when generating RSA keys using Web Crypto or Node crypto, swap the generated p and q around, so that they will satisfy p < q in most browsers (but not old Microsoft Edge, 50% of the time).

Test Suite Changes

  • Switch from Sauce Labs to Browserstack (#965)

  • Fix key preferences test when using Worker and use_native=false

  • Fix test failing on high-core-count systems due to AEAD concurrency

Refactorings

  • Split up key.js (#972)

  • Move KeyPair.sign/verify to ecdsa.js

  • Move KeyPair.derive to ecdh.js

  • Move keyFromPrivate and keyFromPublic to a new indutnyKey.js file

  • Switch back to using upstream email-address library (#998)

  • Refactor S2K function

Release Script

  • Remove browserify caches when releasing, to prevent broken builds

  • Don't use sed to edit gitignore in release.sh, as sed -i is not cross-platform

Check out latest releases or
releases around openpgpjs/openpgpjs v4.7.0

Don't miss a new openpgpjs release

NewReleases is sending notifications on new releases.

Get notifications