1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
|
/**
* @module enums
*/
const byValue = Symbol('byValue');
export default {
/** Maps curve names under various standards to one
* @see {@link https://wiki.gnupg.org/ECC|ECC - GnuPG wiki}
* @enum {String}
* @readonly
*/
curve: {
/** NIST P-256 Curve */
'p256': 'p256',
'P-256': 'p256',
'secp256r1': 'p256',
'prime256v1': 'p256',
'1.2.840.10045.3.1.7': 'p256',
'2a8648ce3d030107': 'p256',
'2A8648CE3D030107': 'p256',
/** NIST P-384 Curve */
'p384': 'p384',
'P-384': 'p384',
'secp384r1': 'p384',
'1.3.132.0.34': 'p384',
'2b81040022': 'p384',
'2B81040022': 'p384',
/** NIST P-521 Curve */
'p521': 'p521',
'P-521': 'p521',
'secp521r1': 'p521',
'1.3.132.0.35': 'p521',
'2b81040023': 'p521',
'2B81040023': 'p521',
/** SECG SECP256k1 Curve */
'secp256k1': 'secp256k1',
'1.3.132.0.10': 'secp256k1',
'2b8104000a': 'secp256k1',
'2B8104000A': 'secp256k1',
/** Ed25519 */
'ED25519': 'ed25519',
'ed25519': 'ed25519',
'Ed25519': 'ed25519',
'1.3.6.1.4.1.11591.15.1': 'ed25519',
'2b06010401da470f01': 'ed25519',
'2B06010401DA470F01': 'ed25519',
/** Curve25519 */
'X25519': 'curve25519',
'cv25519': 'curve25519',
'curve25519': 'curve25519',
'Curve25519': 'curve25519',
'1.3.6.1.4.1.3029.1.5.1': 'curve25519',
'2b060104019755010501': 'curve25519',
'2B060104019755010501': 'curve25519',
/** BrainpoolP256r1 Curve */
'brainpoolP256r1': 'brainpoolP256r1',
'1.3.36.3.3.2.8.1.1.7': 'brainpoolP256r1',
'2b2403030208010107': 'brainpoolP256r1',
'2B2403030208010107': 'brainpoolP256r1',
/** BrainpoolP384r1 Curve */
'brainpoolP384r1': 'brainpoolP384r1',
'1.3.36.3.3.2.8.1.1.11': 'brainpoolP384r1',
'2b240303020801010b': 'brainpoolP384r1',
'2B240303020801010B': 'brainpoolP384r1',
/** BrainpoolP512r1 Curve */
'brainpoolP512r1': 'brainpoolP512r1',
'1.3.36.3.3.2.8.1.1.13': 'brainpoolP512r1',
'2b240303020801010d': 'brainpoolP512r1',
'2B240303020801010D': 'brainpoolP512r1'
},
/** A string to key specifier type
* @enum {Integer}
* @readonly
*/
s2k: {
simple: 0,
salted: 1,
iterated: 3,
gnu: 101
},
/** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-9.1|RFC4880bis-04, section 9.1}
* @enum {Integer}
* @readonly
*/
publicKey: {
/** RSA (Encrypt or Sign) [HAC] */
rsaEncryptSign: 1,
/** RSA (Encrypt only) [HAC] */
rsaEncrypt: 2,
/** RSA (Sign only) [HAC] */
rsaSign: 3,
/** Elgamal (Encrypt only) [ELGAMAL] [HAC] */
elgamal: 16,
/** DSA (Sign only) [FIPS186] [HAC] */
dsa: 17,
/** ECDH (Encrypt only) [RFC6637] */
ecdh: 18,
/** ECDSA (Sign only) [RFC6637] */
ecdsa: 19,
/** EdDSA (Sign only)
* [{@link https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-04|Draft RFC}] */
eddsa: 22,
/** Reserved for AEDH */
aedh: 23,
/** Reserved for AEDSA */
aedsa: 24
},
/** {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC4880, section 9.2}
* @enum {Integer}
* @readonly
*/
symmetric: {
plaintext: 0,
/** Not implemented! */
idea: 1,
tripledes: 2,
cast5: 3,
blowfish: 4,
aes128: 7,
aes192: 8,
aes256: 9,
twofish: 10
},
/** {@link https://tools.ietf.org/html/rfc4880#section-9.3|RFC4880, section 9.3}
* @enum {Integer}
* @readonly
*/
compression: {
uncompressed: 0,
/** RFC1951 */
zip: 1,
/** RFC1950 */
zlib: 2,
bzip2: 3
},
/** {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC4880, section 9.4}
* @enum {Integer}
* @readonly
*/
hash: {
md5: 1,
sha1: 2,
ripemd: 3,
sha256: 8,
sha384: 9,
sha512: 10,
sha224: 11
},
/** A list of hash names as accepted by webCrypto functions.
* {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest|Parameters, algo}
* @enum {String}
*/
webHash: {
'SHA-1': 2,
'SHA-256': 8,
'SHA-384': 9,
'SHA-512': 10
},
/** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-9.6|RFC4880bis-04, section 9.6}
* @enum {Integer}
* @readonly
*/
aead: {
eax: 1,
ocb: 2,
experimentalGCM: 100 // Private algorithm
},
/** A list of packet types and numeric tags associated with them.
* @enum {Integer}
* @readonly
*/
packet: {
publicKeyEncryptedSessionKey: 1,
signature: 2,
symEncryptedSessionKey: 3,
onePassSignature: 4,
secretKey: 5,
publicKey: 6,
secretSubkey: 7,
compressedData: 8,
symmetricallyEncryptedData: 9,
marker: 10,
literalData: 11,
trust: 12,
userID: 13,
publicSubkey: 14,
userAttribute: 17,
symEncryptedIntegrityProtectedData: 18,
modificationDetectionCode: 19,
aeadEncryptedData: 20 // see IETF draft: https://tools.ietf.org/html/draft-ford-openpgp-format-00#section-2.1
},
/** Data types in the literal packet
* @enum {Integer}
* @readonly
*/
literal: {
/** Binary data 'b' */
binary: 'b'.charCodeAt(),
/** Text data 't' */
text: 't'.charCodeAt(),
/** Utf8 data 'u' */
utf8: 'u'.charCodeAt(),
/** MIME message body part 'm' */
mime: 'm'.charCodeAt()
},
/** One pass signature packet type
* @enum {Integer}
* @readonly
*/
signature: {
/** 0x00: Signature of a binary document. */
binary: 0,
/** 0x01: Signature of a canonical text document.
*
* Canonicalyzing the document by converting line endings. */
text: 1,
/** 0x02: Standalone signature.
*
* This signature is a signature of only its own subpacket contents.
* It is calculated identically to a signature over a zero-lengh
* binary document. Note that it doesn't make sense to have a V3
* standalone signature. */
standalone: 2,
/** 0x10: Generic certification of a User ID and Public-Key packet.
*
* The issuer of this certification does not make any particular
* assertion as to how well the certifier has checked that the owner
* of the key is in fact the person described by the User ID. */
certGeneric: 16,
/** 0x11: Persona certification of a User ID and Public-Key packet.
*
* The issuer of this certification has not done any verification of
* the claim that the owner of this key is the User ID specified. */
certPersona: 17,
/** 0x12: Casual certification of a User ID and Public-Key packet.
*
* The issuer of this certification has done some casual
* verification of the claim of identity. */
certCasual: 18,
/** 0x13: Positive certification of a User ID and Public-Key packet.
*
* The issuer of this certification has done substantial
* verification of the claim of identity.
*
* Most OpenPGP implementations make their "key signatures" as 0x10
* certifications. Some implementations can issue 0x11-0x13
* certifications, but few differentiate between the types. */
certPositive: 19,
/** 0x30: Certification revocation signature
*
* This signature revokes an earlier User ID certification signature
* (signature class 0x10 through 0x13) or direct-key signature
* (0x1F). It should be issued by the same key that issued the
* revoked signature or an authorized revocation key. The signature
* is computed over the same data as the certificate that it
* revokes, and should have a later creation date than that
* certificate. */
certRevocation: 48,
/** 0x18: Subkey Binding Signature
*
* This signature is a statement by the top-level signing key that
* indicates that it owns the subkey. This signature is calculated
* directly on the primary key and subkey, and not on any User ID or
* other packets. A signature that binds a signing subkey MUST have
* an Embedded Signature subpacket in this binding signature that
* contains a 0x19 signature made by the signing subkey on the
* primary key and subkey. */
subkeyBinding: 24,
/** 0x19: Primary Key Binding Signature
*
* This signature is a statement by a signing subkey, indicating
* that it is owned by the primary key and subkey. This signature
* is calculated the same way as a 0x18 signature: directly on the
* primary key and subkey, and not on any User ID or other packets.
*
* When a signature is made over a key, the hash data starts with the
* octet 0x99, followed by a two-octet length of the key, and then body
* of the key packet. (Note that this is an old-style packet header for
* a key packet with two-octet length.) A subkey binding signature
* (type 0x18) or primary key binding signature (type 0x19) then hashes
* the subkey using the same format as the main key (also using 0x99 as
* the first octet). */
keyBinding: 25,
/** 0x1F: Signature directly on a key
*
* This signature is calculated directly on a key. It binds the
* information in the Signature subpackets to the key, and is
* appropriate to be used for subpackets that provide information
* about the key, such as the Revocation Key subpacket. It is also
* appropriate for statements that non-self certifiers want to make
* about the key itself, rather than the binding between a key and a
* name. */
key: 31,
/** 0x20: Key revocation signature
*
* The signature is calculated directly on the key being revoked. A
* revoked key is not to be used. Only revocation signatures by the
* key being revoked, or by an authorized revocation key, should be
* considered valid revocation signatures.a */
keyRevocation: 32,
/** 0x28: Subkey revocation signature
*
* The signature is calculated directly on the subkey being revoked.
* A revoked subkey is not to be used. Only revocation signatures
* by the top-level signature key that is bound to this subkey, or
* by an authorized revocation key, should be considered valid
* revocation signatures.
*
* Key revocation signatures (types 0x20 and 0x28)
* hash only the key being revoked. */
subkeyRevocation: 40,
/** 0x40: Timestamp signature.
* This signature is only meaningful for the timestamp contained in
* it. */
timestamp: 64,
/** 0x50: Third-Party Confirmation signature.
*
* This signature is a signature over some other OpenPGP Signature
* packet(s). It is analogous to a notary seal on the signed data.
* A third-party signature SHOULD include Signature Target
* subpacket(s) to give easy identification. Note that we really do
* mean SHOULD. There are plausible uses for this (such as a blind
* party that only sees the signature, not the key or source
* document) that cannot include a target subpacket. */
thirdParty: 80
},
/** Signature subpacket type
* @enum {Integer}
* @readonly
*/
signatureSubpacket: {
signatureCreationTime: 2,
signatureExpirationTime: 3,
exportableCertification: 4,
trustSignature: 5,
regularExpression: 6,
revocable: 7,
keyExpirationTime: 9,
placeholderBackwardsCompatibility: 10,
preferredSymmetricAlgorithms: 11,
revocationKey: 12,
issuer: 16,
notationData: 20,
preferredHashAlgorithms: 21,
preferredCompressionAlgorithms: 22,
keyServerPreferences: 23,
preferredKeyServer: 24,
primaryUserID: 25,
policyURI: 26,
keyFlags: 27,
signersUserID: 28,
reasonForRevocation: 29,
features: 30,
signatureTarget: 31,
embeddedSignature: 32,
issuerFingerprint: 33,
preferredAEADAlgorithms: 34
},
/** Key flags
* @enum {Integer}
* @readonly
*/
keyFlags: {
/** 0x01 - This key may be used to certify other keys. */
certifyKeys: 1,
/** 0x02 - This key may be used to sign data. */
signData: 2,
/** 0x04 - This key may be used to encrypt communications. */
encryptCommunication: 4,
/** 0x08 - This key may be used to encrypt storage. */
encryptStorage: 8,
/** 0x10 - The private component of this key may have been split
* by a secret-sharing mechanism. */
splitPrivateKey: 16,
/** 0x20 - This key may be used for authentication. */
authentication: 32,
/** 0x80 - The private component of this key may be in the
* possession of more than one person. */
sharedPrivateKey: 128
},
/** Armor type
* @enum {Integer}
* @readonly
*/
armor: {
multipartSection: 0,
multipartLast: 1,
signed: 2,
message: 3,
publicKey: 4,
privateKey: 5,
signature: 6
},
/** {@link https://tools.ietf.org/html/rfc4880#section-5.2.3.23|RFC4880, section 5.2.3.23}
* @enum {Integer}
* @readonly
*/
reasonForRevocation: {
/** No reason specified (key revocations or cert revocations) */
noReason: 0,
/** Key is superseded (key revocations) */
keySuperseded: 1,
/** Key material has been compromised (key revocations) */
keyCompromised: 2,
/** Key is retired and no longer used (key revocations) */
keyRetired: 3,
/** User ID information is no longer valid (cert revocations) */
userIDInvalid: 32
},
/** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.2.3.25|RFC4880bis-04, section 5.2.3.25}
* @enum {Integer}
* @readonly
*/
features: {
/** 0x01 - Modification Detection (packets 18 and 19) */
modificationDetection: 1,
/** 0x02 - AEAD Encrypted Data Packet (packet 20) and version 5
* Symmetric-Key Encrypted Session Key Packets (packet 3) */
aead: 2,
/** 0x04 - Version 5 Public-Key Packet format and corresponding new
* fingerprint format */
v5Keys: 4
},
/**
* Asserts validity of given value and converts from string/integer to integer.
* @param {Object} type target enum type
* @param {String|Integer} e value to check and/or convert
* @returns {Integer} enum value if it exists
* @throws {Error} if the value is invalid
*/
write: function(type, e) {
if (typeof e === 'number') {
e = this.read(type, e);
}
if (type[e] !== undefined) {
return type[e];
}
throw new Error('Invalid enum value.');
},
/**
* Converts enum integer value to the corresponding string, if it exists.
* @param {Object} type target enum type
* @param {Integer} e value to convert
* @returns {String} name of enum value if it exists
* @throws {Error} if the value is invalid
*/
read: function(type, e) {
if (!type[byValue]) {
type[byValue] = [];
Object.entries(type).forEach(([key, value]) => {
type[byValue][value] = key;
});
}
if (type[byValue][e] !== undefined) {
return type[byValue][e];
}
throw new Error('Invalid enum value.');
}
};
|
