[v6] crypto-refresh: support generating Curve448 and Curve25519 keys (new format) #1676
Merged
larabr commented Sep 7, 2023
b867d84 to c0506f5
c0506f5 to c3642e5
larabr commented Sep 25, 2023
11 tasks
7f9670b to 580b76a
twiss reviewed Oct 17, 2023
crypto-refresh: support generating Curve448 and Curve25519 keys (new format)
4695250 to 50b69e0
twiss approved these changes Oct 20, 2023
Neither type is set as default for now, since they are not widely supported.
The crypto-refresh has standardised a new key format for EdDSA, whose algorithm identifiers are `enums.publicKey.ed25519` and `.ed448`.
As required by the spec.
As per the spec, v6 keys must not use the legacy curve25519 format. The new format is not used by default with v4 keys as it's not compatible with OpenPGP.js older than v5.10.0. However, v6 keys already break compatibility, so if the user requests them via config flag, we can safely use the new curve format as well.
…ed}25519'` to `'{curve. ed}25519Legacy'` To reflect the crypto-refresh naming, after the standardisation of the new EdDSA key types.
50b69e0 to d78cfd3
`generateKey` now accepts `type: 'curve25519'` and `'curve448'` to generate keys as per crypto-refresh (see #1620 and #1625).

Neither type is set as default for now, since they are not widely supported.

Note that the generate key options `{ type: 'curve25519' }` are not equivalent to `{ type: 'ecc', curve: 'curve25519' }`: the latter is still the default (same as OpenPGP.js v5), and generates keys in legacy - but widely adopted - format.

Breaking change:

`enums.publicKey.eddsa` has been dropped, in favour of `enums.publicKey.eddsaLegacy`. This is to highlight the difference with the new format algo identifier (`enums.publicKey.ed25519`).

`enums.curve.ed25519Legacy` and `.curve25519Legacy` have been renamed from `'ed25519'`/`'curve25519'` to `'ed25519Legacy'`/`'curve25519Legacy'`.

TODO

crypto-refresh: add support for Ed448/X448 #1625