PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
This PR adds support for RecipientKeyIdentifiers in KeyAgreeRecipientInfo types. This approach is needed in cases where the recipient is using a key that has an identifier, but not an X.509 certificate.
Consequently, this PR implements a new method in EnvelopedData: addRecipientByKeyIdentifier(key, keyId), which is to be used instead of addRecipientByCertificate() or addRecipientByPreDefinedData().
Fixes #304.
Side effect: Take curve name from originator when decrypting
EnvelopedData.decrypt() originally used the recipientCertificate argument to find out the name of the curve, but since there's no certificate in this case, I'm changing that so that the curve name is taken from the originator when using a RecipientKeyIdentifier -- recipients created with addRecipientByCertificate() shouldn't be affected.
A consequence of this change is that I had to delete the code that removed the AlgorithmParams from the originator's key in EnvelopedData.encrypt(). (I don't know why that was done in the first place, so I may be missing an important piece of context)
TODO
[ ] Document change. But how? The current approach involves duplicating README.md, but with this change there will be 3 instances of the same file, which we presumably don't want.
[x] Test interoperability with OpenSSL and Bouncy Castle. I'm happy to do it but I'd prefer to get some early feedback on the approach used in this PR.
I've just finished testing interoperability with Bouncy Castle and OpenSSL, and only found one issue (#334) which is pre-existing. Everything else works! 🎉
This PR adds support for
RecipientKeyIdentifier
s inKeyAgreeRecipientInfo
types. This approach is needed in cases where the recipient is using a key that has an identifier, but not an X.509 certificate.Consequently, this PR implements a new method in
EnvelopedData
:addRecipientByKeyIdentifier(key, keyId)
, which is to be used instead ofaddRecipientByCertificate()
oraddRecipientByPreDefinedData()
.Fixes #304.
Side effect: Take curve name from originator when decrypting
EnvelopedData.decrypt()
originally used therecipientCertificate
argument to find out the name of the curve, but since there's no certificate in this case, I'm changing that so that the curve name is taken from the originator when using aRecipientKeyIdentifier
-- recipients created withaddRecipientByCertificate()
shouldn't be affected.A consequence of this change is that I had to delete the code that removed the
AlgorithmParams
from the originator's key inEnvelopedData.encrypt()
. (I don't know why that was done in the first place, so I may be missing an important piece of context)TODO
README.md
, but with this change there will be 3 instances of the same file, which we presumably don't want.Example
https://lapo.it/asn1js/#MIIB2wYJKoZIhvcNAQcDoIIBzDCCAcgCAQIxggF9oYIBeQIBA6BboVkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuhtMx13SbmxNhXLsaSPervZeLAtdf-9qd4Askimtixz9jSDaiG8OGiigmsvHRQMTi9ny_G84w75uikWVZc1vt6FCBEDDixLR9WDMZ3boWe8eJGGrOU7piz88E7RR5W0hb7koF1gPztPPt7itpTJPfPlEigZcKgqCw-HEmn3uMwQ9ipm9MBcGBiuBBAELATANBglghkgBZQMEAS0FADCBuTCBtqCBmQSBljCBkwIBADATBgcqhkjOPQIBBggqhkjOPQMBBwR5MHcCAQEEIDdosDp08_RKJ5V42eqpE4V0HjzpNK9foEvueHeR6CNsoAoGCCqGSM49AwEHoUQDQgAERAMz2AIvZALAk2A-50KtNhoXKdjCh_fAMuGsSK4RkXLsY1r1HafsHTeBJeSYjcHlDra6rdeFZIiMlJywAYsGCQQYLuWkW37gNYMlW5VNKnqxiNvCwgYjPRcyMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEHP-QeKLyqKeYXk8ZdzIr8mggAQQjNKDIxP1B8kGEfNDmVPw1QAAAAA