Git Product home page Git Product logo

end-to-end's Introduction

End-To-End

Travis Build

End-To-End is a crypto library to encrypt, decrypt, digital sign, and verify signed messages (implementing OpenPGP and OTR).

This is the source code for the End-To-End library. It's built upon a newly developed, JavaScript-based crypto library. End-To-End implements the OpenPGP standard, IETF RFC 4880, enabling key generation, encryption, decryption, digital signature, and signature verification.

We're releasing this library to enable community review.

For more background, please see our blog post.

Documentation for the project is stored in our Wiki. If you're planning to contribute to the project, check out our Contributor guide.

A few projects have been built on top of this library, to list a few:

end-to-end's People

Contributors

adhintz avatar adon-at-work avatar alkar avatar concavelenz avatar coruus avatar cryptosubtlety avatar dconnolly avatar diracdeltas avatar dlg-yahoo avatar dmah42 avatar dominichamon avatar felixhammerl avatar kbsriram avatar koto avatar lukesandberg avatar mikhail avatar pborreli avatar radi-v avatar rcchan avatar shanehuntley avatar sirdarckcat avatar skyisle avatar tianhuil avatar yonigoogle avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

end-to-end's Issues

Remote File inclusion bug

From [email protected] on June 06, 2014 04:19:48

Is this report about the crypto library or the extension?
No, this is a Remote File inclusion Bug

What is the security bug?
Remote File inclusion bug
Remote File Include (RFI) is an attack technique used to exploit "dynamic file include" mechanisms in web applications. When web applications take user input (URL, parameter value, etc.) and pass them into file include commands, the web application might be tricked into including remote files with malicious code.

Almost all web application frameworks support file inclusion. File inclusion is mainly used for packaging common code into separate files that are later referenced by main application modules. When a web application references an include file, the code in this file may be executed implicitly or explicitly by calling specific procedures. If the choice of module to load is based on elements from the HTTP request, the web application might be vulnerable to RFI.
An attacker can use RFI for:

  • Running malicious code on the server: any code in the included malicious files will be run by the server. If the file include is not executed using some wrapper, code in include files is executed in the context of the server user. This could lead to a complete system compromise.
  • Running malicious code on clients: the attacker's malicious code can manipulate the content of the response sent to the client. The attacker can embed malicious code in the response that will be run by the client (for example, Javascript to steal the client session cookies).

PHP is particularly vulnerable to RFI attacks due to the extensive use of "file includes" in PHP programming and due to default server configurations that increase susceptibility to an RFI attack.

How would someone exploit it?
Phase: Architecture and Design
When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.
For example, ID 1 could map to "inbox.txt" and ID 2 could map to "profile.txt". Features such as the ESAPI AccessReferenceMap provide this capability.

Phases: Architecture and Design; Operation
Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by your software.
OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For example, java.io.FilePermission in the Java SecurityManager allows you to specify restrictions on file operations.
This may not be a feasible solution, and it only limits the impact to the operating system; the rest of your application may still be subject to compromise.
Be careful to avoid CWE-243 and other weaknesses related to jails.
For PHP, the interpreter offers restrictions such as open basedir or safe mode which can make it more difficult for an attacker to escape out of the application. Also consider Suhosin, a hardened PHP extension, which includes various options that disable some of the more dangerous PHP features.

Phase: Implementation
Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a whitelist of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. Do not rely exclusively on looking for malicious or malformed inputs (i.e., do not rely on a blacklist). However, blacklists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if you are expecting colors such as "red" or "blue."
For filenames, use stringent whitelists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a whitelist of allowable file extensions, which will help to avoid CWE-434.

Phases: Architecture and Design; Operation
Store library, include, and utility files outside of the web document root, if possible. Otherwise, store them in a separate directory and use the web server's access control capabilities to prevent attackers from directly requesting them. One common practice is to define a fixed constant in each calling program, then check for the existence of the constant in the library/include file; if the constant does not exist, then the file was directly requested, and it can exit immediately.
This significantly reduces the chance of an attacker being able to bypass any protection mechanisms that are in the base program but not in the include files. It will also reduce your attack surface.

Phases: Architecture and Design; Implementation
Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.
Many file inclusion problems occur because the programmer assumed that certain inputs could not be modified, especially for cookies and URL components.

Attachment: Remote-File-Inclusion.raw

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=29

We eat new lines on compose mode on GMail

From [email protected] on June 07, 2014 02:46:49

Reproduction steps:

  1. hit 'c' in gmail to get composition pane
  2. write some text
  3. click on end-to-end to encrypt a message to your own long-term gpg key

What do you see? the original text from the gmail mole gets copied into the end-to-end pane, with newlines converted to whitespaces

What do you expect instead? the newlines to be preserved

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=43

Change wording on import dialog to stress the fact that the user must verify the fingerprints of the keys and subkeys being imported.

From [email protected] on June 05, 2014 22:51:49

Is this report about the crypto library or the extension?
Extension

What is the security bug?
We should be more explicit when telling the user to verify the fingerprint of keys before importing them.

How would someone exploit it?
Since subkey's fingerprints aren't as easy to verify, some users might not do it, and import a subkey they don't trust (after just verifying the main key).

We could even add some UI to help the user verify them (checkboxes in the confirmation dialog?). Also, we can hide signed subkeys from the list probably.

(this was reported by kbsriram@ - let me know if we can make this bug public, thanks!)

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=28

Switch to OpenPGP.js as a PGP encryption stack (already audited and community effort)

From [email protected] on June 03, 2014 23:29:16

Is this report about the crypto library or the extension?
crypto library

What is the security bug?

The current crypto library implementing OpenPGP stack for end-to-end is relatively young and unaudited.

To improve the security of the platform, it's suggested to integrate and switch OpenPGP.js http://openpgpjs.org/
OpenPGP.js has been already audited https://github.com/openpgpjs/openpgpjs/wiki/Cure53-security-audit and it's used by known client-side-crypto applications such as Mailvelope https://www.mailvelope.com/ .

Additionally OpenPGP.js is now being used by multiple-teams and projects around the world with a good "community effort" .

By having a multi-stakeholder approach to the development of an encryption library for OpenPGP.js that's already used by other projects, would benefit the security of the end-to-end project but also the community at large.

Would you join the mailing list [email protected] on http://list.openpgpjs.org/ to introduce a discussion on possible integration?

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=3

read protected message fails on reading gnupg signed ascii armored message

From [email protected] on June 04, 2014 01:24:42

Steps to reproduce:

  1. open prompt.html, read a protected message
    2.
    -----BEGIN PGP MESSAGE-----
    Version: GnuPG v1.4.11 (GNU/Linux)

owEBOwLE/ZANAwAIAUIGW1QB70MdAcsLYgBTjlghdGVzdAqJAhwEAAEIAAYFAlOO
WCEACgkQQgZbVAHvQx2GvBAAysBVNufueZW0ixqqQk7BbJy7/enrOpMH4ttaZMhm
7rkxG0PgFVUokuV+8gyijRXxg/nMhoz8M9pOyYBhpFyMVEUZSSRWGkt9Xg3cQJB2
jd6JojZopPQHPPOd/6pSByrFZEkvDvciDUCdlvt/Uxr6o9oYHNglzuX5jilJ7l+y
mNIa3l4Okr2DdJu8wOpqhah/Gev3T51GVkpxligYtk/mJm4pswsBOTlcOwQEqg6u
2xTuFU3q8BizH/oTGuT0mmSJbSy9d64nYhwPjQBpUz9fsTK8+MaPy0aAQ3jIOtmj
IZs6G0w20vLVzAkKI3brP/68oZ7Im4IRWqzHWG3wAkUrnmHDMlJyoviz7LmI2AVg
XZ5t3aq88oCJMIyMuu55qIxqsDwhlcpGE7nbVjvj62rODKhMp3FNPNjH234wS7iN
TNlxDKXDTHb34gxJ5QFesZ3+OfsTUvS5KtV/bizB+UBTnswWRDNBmwJyT2zvOqc2
TPhlfBzdobSKAbJ13aTC55SrADy1VMIPzam5mnX9tfhWvsf2ARBzsOSSCiYjE4xk
e7DRT5v9vaJKrXBReClUq1/9D0ZR0KdDV0bWfCplV18ecOzhL6PUFgHX6SlHjlOV
qvYGYiuG8xLR8S4ncS0MBaI3jcL/oUTsQ+43oP3+8Go7C3N/j7pIV6J7urnzKwIz
zdc=
=T2iD
-----END PGP MESSAGE-----

  1. press "Read"

What happens?
"Cannot read property 'length' of undefined" error pops up

What do you expect to happen instead?
I expect the message to be decoded and verified.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=7

e2e incompatible with Chrome Update functionality

From [email protected] on June 04, 2014 03:47:13

Is this report about the crypto library or the extension?

the extension, conceptually.

What is the security bug?

If Chrome is configured to allow automatic updates, or if the user explicitly updates Chrome, Google can ship hostile binary code that will reveal the user's private key.

How would someone exploit it?

The government sends Google a National Security Letter or other such demand to send a hostile update to a user's computer, which will then send key material back to Google, who will then relay it back to the government.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=9

alias commands do not work as they are

From [email protected] on June 04, 2014 20:31:29

Steps to reproduce:

  1. run the compile script as is
    2.
    3.

What happens?
errors on all alias statment

What do you expect to happen instead?
Script to run to completion without errors.
no errors. :-)

To solve problem I added:

shopt -s expand_aliases
source ~/.bash_aliases

at the top of the compile script
and moved the aliases to the ~/.bash_aliases file.

Worked after that.
Thank you.
Regards,
Lou

PLEASE DONT UPLOAD ANY KEYS

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=21

Help users deal with UIDs with multiple keys

From [email protected] on June 07, 2014 02:28:11

When you have multiple private keys for a single email address, there is no way to select which key is used.

Reproduction steps:

  1. Import multiple private/public keys for a single email address
  2. Attempt to sign/encrypt a message, selecting this email address as the from field.

What do you see?
The message is signed/encrypted. The first private key listed on the options page is used.

What do you expect instead?
To be able to select which key does the signing. It would also be great to be able to set the default key after importing them.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=39

Importing a duplicate key should not list duplicate entries in the keyring

From [email protected] on June 05, 2014 09:13:50

Instructions to duplicate:

  1. Create a key
  2. Export the key
  3. Import the key you just exported

Expected result:

Nothing should happen, or nothing should happen with a notice indicating which keys were duplicates and/or which keys were overwritten, perhaps including errors/warnings if the keys were expected to be identical, but actually were different

Actual result:

You get several copies of the same key listed, refreshing the options page clears out the duplicates

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=24

Source for generated code not included

From [email protected] on June 04, 2014 12:12:30

In e2e/ecc/constant_fast_multiply_table_ed25519.js it says:

  • This file was generated by looking at the document
  • e2e/ecc/create_fast_multiply_table_ed25519.html
  • in a web browser, and then copying its output.

However this file does not appear to be in the repository. In general "source" in "open source" refers to the preferred form for making modifications, so it is the generator code that is important here, not the actual generated code.

I am also curious as to how the constant table works. In general, table lookups are not performed in constant time due to caching etc. Are any of the indexes you lookup, derived from secret data, such as private keys?

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=12

Add automatic support for keyserver and attached keys

From [email protected] on June 04, 2014 18:09:52

e2e should support uploading and downloading public keys to a keyserver. upload/download should both be offered under "Keyring management". Download should also be offered under compose if any recipient is missing in the keyring.

e2s should attaching keys as an attachment and importing keys from an attachment. In the compose window the user should be able to click an option to attach the key. If a message with a PGP key attached is displayed, e2e should ask whether the user wants to import it.

Both things are currently possible if the user manual does it. But automatizing it for the user would help with probably the most difficult aspect of e2e encryption (the key management).

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=19

importing large keyrings crashes the extension in Chrome versions < 36

From [email protected] on June 04, 2014 17:08:16

I fear reporting this as a "bug", but being pre-alpha, there's not much information. I'm trying what I think should work, but might be completely wrong. (Please be kind)

I have an existing secret/public key pair through GPG that I'd like to use. I assumed that I could import it into the e2e extension, but it's not working.

Steps to reproduce:

  1. Go to Options -> Keyring Management -> Import a Keyring.
  2. Select secring.gpg from my ~/.gnupg directory (it wouldn't find hidden directories, so had to copy it back to ~
  3. Click "Import"

What happens? Nothing.

What do you expect to happen instead? Takes file and imports it to use as my secret key.

PLEASE DONT UPLOAD ANY KEYS

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=16

Add support for PGP / MIME

From [email protected] on June 06, 2014 11:36:13

If you're interested in supporting PGP/MIME for attachments, we have written MIME-codec for our application:

MIME encoding: https://github.com/whiteout-io/mailbuild
MIME decoding: https://github.com/whiteout-io/mimeparser

The code is MIT licensed and is part of our email.js effort:
http://emailjs.org

Looking forward to your feedback. Thanks
Tankred

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=32

Invalid S2K type error when importing a Subkey without a primary key

From [email protected] on June 04, 2014 22:58:46

Steps to reproduce:

Attempt to import my secret key via Options or via "Import an OpenPGP Key" dialog box under end-to-end actions menu.

What happens?
I receive an error "Invalid S2K type" through the Chrome console or at the top of the Import an OpenPGP Key Dialog. The keys do not get imported to end-to-end as is expected.

I am able to import the public keys fine, just not the private keys.

If it helps (potentially a problem with compatibility of the keys), my keys are types 1024D and 2048g, and they were generated in 2008. They seem to work fine for encryption/decryption otherwise.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=22

clearsign format is not recognized by e2e during verification

From [email protected] on June 04, 2014 01:22:26

Example message, generated by e2e (sign with no recipients):

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

test
-----BEGIN PGP SIGNATURE-----
Charset: UTF-8
Version: End-To-End v0.3.1337

wv8AAAIkBAEBCAAY/wAAAAWCU45XT/8AAAAJkEIGW1QB70MdAACy6g//SpSn1MUf
NcjdHh7bQkztvXdtX6/pT6AtXwrfvL3BF1zXQkQo+d9kC3XOybBT0XSLR+T2BlGL
+iGlYCeNS+6KWko2tJwwY86+XaS0ysC8pPn3geB3n+8uDKm/bTeeG4TTGhH3UYwK
/dkuPBDv/9mV+f3M9g/XQDlu4mwzTuSDIr/aABI1ZhxgyrXbTXcrcycvZmslr0mi
gx4WIONI5sgQdHmjEx1UZUKUJjwgxLRSuh6V0onSfl2Z32NBOJLYdN+NLUjuR5LO
37tS1iQreotOpEWs3A15P0yBbsGpYUd6poVJIZXZNkoyYU3z9Vg7SFhavJmdopxb
4QIq04qWyK4SsO4IzOVf3nZJrWZFULEmQknQ/q1hkUljj82PL+Q2v+jGpJF1OAmw
aakwD3c3C8bbBgZ5Ovx+Ztwo0Dn/+g72VR4/F70jOi+LFLYuqACAlop1kPqOFIlT
uEIWwFgiVr7pYbbJjoI8sfzA4CbZhaulR7lDnbJBf6PShdf//6HCCM4Ynuxqbmsc
cDvJL02gJAZpArvahiA4itMTOK1nUIVWLx5C+pWQIvu6I0cG+sr8Ik/O8GOjJ/40
pkyfhA3GMMgwWAgZAWblj5hrYmFRwDmLFO2HB0gezgHRxZkoJgICRGhVFVzC/KAY
MkD+dMlTLHWMALqclY/o4ZDEHSEGwH9k4EI=
=FACo
-----END PGP SIGNATURE-----

Have you tested if this key/message works in other implementations? (PGP Desktop, GnuPG, etc..)

gpg --verify works as intended:

gpg: Signature made Wed 04 Jun 2014 01:16:31 AM CEST using RSA key ID 01EF431D
gpg: Good signature from "Sebastian Zagrodzki "

e2e fails to recognize message format:
"invalid ASCII armor format"

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=6

javascript runtime mutability?

From [email protected] on June 03, 2014 22:37:43

Is this report about the crypto library or the extension?

Possibly both, due to both using javascript

What is the security bug?

This is more a question than a definite exploit but does this project suffer from the fact that javascript functions (including the runtime) are mutable?

The front page says that "crypto operations are performed in a different process" which sounds like it is secure but could you talk about the mutability of javascript anyway and say that it is a non issue? An excellent writeup is at http://matasano.com/articles/javascript-cryptography/ on why javascript and encryption is hard if not a fools errand, which is why the js OTR library warn journalists not to use it http://thechangelog.com/otr-js-off-the-record-protocol-in-javascript/

How would someone exploit it?

Could a webpage run this to modify the behaviour of the extension?
Math.random = function() { return 0; };
e2e.random = { ... };

(note this is hypothetical - I've never written a chrome extension and am not sure of the details of how extensions and webpages interact)

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=2

Feature request: import key by fingerprint

From [email protected] on June 06, 2014 22:33:45

Steps to reproduce:

  1. click on end-to-end extension
  2. click options
  3. observe that the only way to import a key is to upload a file

What do you expect to happen instead?

There should be an additional field where the user could type a key fingerprint and the key would be downloaded from any public keyserver.
While this may not be intuitive for new users, printing PGP
fingerprints on business cards is standard practice open source
and security communities. Sending key files is less common.
And it just seems silly not to have this option.

I would be willing to contribute code for this.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=35

User can create a key without a passphrase

From [email protected] on June 06, 2014 09:42:05

Is this report about the crypto library or the extension?
extension

What is the security bug?
The user can create a key pair which is directly saved unencrypted to the local storage. In a second action the key can be secured with a passphrase.

How would someone exploit it?
After creating the kay pair, someone with access to the file system of the computer could access the local storage where the key is not secured with a passphrase.

On creation the user should be ask for a passphrase, so the key pair can be directly stored in the local storage secured with a passphrase. If the user doesn't want a passphrase a warning should be shown.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=31

Detect PGP keys with higher priority than "compose" for action guessing

From [email protected] on June 07, 2014 02:23:49

Steps to reproduce:

  1. Open gmail inbox
  2. Click on end to end-to-end
  3. Try to select "Import OpenPGP key"

What happens?
At step 2, a compose box opens instead of a menu.

What do you expect to happen instead?
A menu, where compose would be one option. There is no indication that the user is trying to immediately send a message.

I missed the import button this way.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=38

Instructions for running tests

From [email protected] on June 04, 2014 12:38:07

For those unfamiliar with Google Closure, some instructions on running the tests would be good. This is what I did:

git clone https://github.com/google/closure-library
git clone https://code.google.com/p/end-to-end/
cd end-to-end
ln -s ../../closure-library/closure/goog javascript/closure
ln -s deps.js javascript/crypto/e2e/test_js_deps-runfiles.js
ln -s ../closure-library/third_party third_party

Then run it from a web server, not file://.

Some way of "running all tests at once" would be good, too.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=13

welcome.html is not rendered

From [email protected] on June 04, 2014 09:32:26

Steps to reproduce:

  1. Build extension according to wiki
  2. Load extension with chrome
  3. New window with welcome.html opens

What happens?

Renders some raw text instead of executing it (see attachment), basically it does not execute the javascript.

What do you expect to happen instead?

To see a wizard, tutorial, setup etc.

Mac OS X 10.9.3
Chrome Version 36.0.1985.32 beta
Commit ID of end-to-end: ed4a8aa0a9d9def3dfb5794ab6c1785af54c05fb

Attachment: Screen Shot 2014-06-04 at 9.29.45 AM.png

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=10

Key with multiple uids results in "No Keys Found"

From [email protected] on June 06, 2014 07:15:53

I imported an RSA key previously generated with GPG that had multiple UIDs (email address, specifically) associated with they key. When imported, two entries appeared in the e2e plug-in, both sharing they same primary and sub-key IDs (which is probably fine). Attempting to decrypt messages always resulted in "No Keys Found" error. Deleting one of the UIDs allowed successful decryption of messages. Maybe this is a special case that needs to be handled specifically?

Have you tested if this key/message works in other implementations? (PGP
Desktop, GnuPG, etc..): Multiple UIDs works fine in GPG 1.4.16.

== DO NOT UPLOAD ANY KEYS PLEASE ==

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=30

dashed lines are improperly escaped in signed message

From [email protected] on June 04, 2014 01:14:21

With clear signature (sign with no recipients) prepared by e2e, GnuPG complains about incorrectly escaped dashed lines if there are any lines in the message prefixed with dashes.

BEGIN TEST MESSAGE
-- test
END TEST MESSAGE

e2e output:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

-- test
-----BEGIN PGP SIGNATURE-----
Charset: UTF-8
Version: End-To-End v0.3.1337

...

expected output:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -- test
-----BEGIN PGP SIGNATURE-----
Charset: UTF-8
Version: End-To-End v0.3.1337

output of gpg --list-packets :

:packet 63: length 19 - gpg control packet
gpg: invalid dash escaped line: -- test\n
:literal data packet:
mode t (74), created 0, name="",
raw data: unknown length

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=5

importing an existing public key with a uid, embedded image and another uid fails

From [email protected] on June 06, 2014 18:29:27

When attempting to import an existing public key with a uid, an embedded jpeg image and another uid; end-to-end fails to import the key or produce any visible error.

I was expecting the key to import, and it does so with gpg 1.4.16

The key was extracted via 'gpg --extract -a'

A stack trace includes:
Error {stack: (...), message: "No valid block."}
prompt_binary.js:2227
e2e.ext.utils.errorHandler prompt_binary.js:2227
e2e.ext.ui.Prompt.displayFailure_ prompt_binary.js:2508
e2e.ext.ui.Prompt.runWrappedProcessor_ prompt_binary.js:2507
e2e.ext.ui.Prompt.executeAction_ prompt_binary.js:2505
(anonymous function) prompt_binary.js:17
goog.events.fireListener prompt_binary.js:530
goog.events.handleBrowserEvent_ prompt_binary.js:533
(anonymous function)

I've attached the relevant --list-packets as well as an example public key

Attachment: packets.txt test.key

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=33

Allow export of a single private key

From [email protected] on June 05, 2014 09:32:24

Let's say you have a private key for your personal email account and a key for your work email account. You happen to generate the key for work from your home machine and realize you need to export the work key. But exporting a single key currently gives only the public key, not the private key. And exporting the whole keyring includes your personal account key, which you may not want to place onto your work computer at all.

Other use-cases might include private keys for a shared email alias.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=25

Support for OpenPGP smart cards

From [email protected] on June 06, 2014 21:25:52

This is a feature request rather than a functionality bug as such.

OpenPGP smart cards allow PGP keys to be stored securely in a secure element:

http://g10code.com/p-card.html

GnuPG supports these (they're developed by the GnuPG author). It would be really nice if end-to-end also supported these. I'd really like to use end-to-end but my private key is stored on such a card.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=34

Build standalone lib

From [email protected] on June 05, 2014 10:09:30

Hi,

first of all great work guys. I'm a contributor on OpenPGP.js and already got in touch on Hacknews: https://news.ycombinator.com/item?id=7843397

We currently use OpenPGP.js at whiteout.io in our Chrome Packaged App https://whiteout.io/technology.html and I was wondering if there is a way to build the end-to-end code as a standalone library for our application. The reason I'm asking is that we're currently porting the Chrome App to Android and iOS using the Chrome Cordova tools and generating RSA keys is quite taxing on mobile. So I like that you went ahead and implemented ECC.

Your rewrite in general looks very modular and clean. So kudos to you. OpenPGP.js was started as a proof of concept by Recurity Labs in Berlin, and was originally a mashup of several js crypto libs. Since then we have invested quite a bit in cleaning up the code. But there are still some inconsistencies as you have pointed out.

If it helps any, Thomas from Mailvelope and I did some profiling for OpenPGP.js and have refactored the AES and CFB code to use typed arrays which much faster than the old implementation. This will probably also still be used once we integrate the Web Crypto apis in OpenPGP.js since the standard does not seem the provide the OpenPGP CFB mode which has some quirks compared the standard CFB. But given your rewrite with the Google Closure library and our LGPL license, I understand that it's probably difficult to integrate. In case you're interested anyway:

https://github.com/openpgpjs/openpgpjs/blob/master/src/crypto/cipher/aes.js
https://github.com/openpgpjs/openpgpjs/blob/master/src/crypto/cfb.js

Cheers,
Tankred

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=26

Critical signature subpacket not recognized.

From [email protected] on June 04, 2014 12:46:09

I could import all my private and public keys, except for one where I got the error "Critical signature subpacket not recognized."
Unfortunately, it was hard to find exactly this one, as I had all my keys in one text-block and then none would be imported.
Trying to import a text-file with all the keys silently failed without any error message. Clicking the import button just did nothing. This is also true for a file with just this one faulty key.

Debug instructions:

  1. Please build the extension and go to chrome-extension:///prompt.html and try to encrypt, decrypt or import a key from there.
    2. Note the error shown in red (if any)
    Critical signature subpacket not recognized.
  2. Open the JavaScript console (Tools -> JavaScript Console)
    4. Copy the output from the console here.
    Uncaught Error: Critical signature subpacket not recognized.
    (anonymous function) settings_binary.js:2302
    d.onload settings_binary.js:2293

Have you tested if this key/message works in other implementations? (PGP
Desktop, GnuPG, etc..)
Yes! Works with gpg on fedora.

If you can, please copy the output of gpg --list-packets .

== DO NOT UPLOAD ANY KEYS PLEASE ==

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=14

the cp -t doesn't seem to work on Mac OSX Lion

From [email protected] on June 04, 2014 00:08:38

Changed the find in the build script to this:
find end-to-end/javascript/crypto/e2e/extension/ui -regex .*.html | while read line; do cp $line end-to-end/javascript/crypto/e2e/extension; done

Seems to work.

== PLEASE DONT PUT ANY KEYS HERE ==

Debug instructions:

  1. Please build the extension and go to chrome-extension:///prompt.html and try to encrypt, decrypt or import a key from there.
    2. Note the error shown in red (if any)
  2. Open the JavaScript console (Tools -> JavaScript Console)
    4. Copy the output from the console here.

Have you tested if this key/message works in other implementations? (PGP
Desktop, GnuPG, etc..)

If you can, please copy the output of gpg --list-packets .

== DO NOT UPLOAD ANY KEYS PLEASE ==

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=4

Figure out a way to deal with slow operations UX wise

From [email protected] on June 07, 2014 02:41:03

Reproduction steps:

  1. Import public keys for multiple recipients (4+).
  2. Compose a message and include multiple recipients on the To line.
  3. Press 'Protect this message'

What do you see?
There isn't any feedback that the user pressed the Protect button. It left me wondering if I had pressed the button, or if the extension had become unresponsive.

What do you expect instead?
Change the color of the button or display a progress bar when encrypting the message.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=41

Can't export the same key twice

From [email protected] on June 04, 2014 15:55:33

Steps to reproduce:

  1. Import or generate at least one public key or keypair.
  2. Export the public key by clicking on the export icon.
  3. Click the export icon to export the same public key again.

What happens?
The public key is not downloaded the second time, and no error message appears. Neither removing the previously downloaded file nor restarting the browser appears to affect this.

What do you expect to happen instead?
The public key is downloaded both times.

Original issue: http://code.google.com/p/end-to-end/issues/detail?id=15

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.