Short security review results May 2018

[toberndo]

In the course of the project https://github.com/mailvelope/mailvelope/wiki/mw2018 we have initiated an audit of the OpenPGP.js code base which was conducted by Cure53.
This was only a short security review without final report, still I think it is interesting to share the assessement of Cure53 on features newly implemented in OpenPGP.js v3.

Coverage of the audit:

• AEAD encrypted packets
• EAX, GCM, OCB
• CMAC
• all cryptographic primitive implementations: AES,
  AES-EAX, AES-GCM, AES-CBC, ED25519, C25519, ECDSA, HMAC, P256, P384,
  P521, SECP256K1.
• Prime number handling.
• Date support in signatures.
• Cryptographic API exposure via different providers.

Feedback from Cure53 team:

Tested cryptographic implementations were top notch and excellent
quality given the platform. The only limitations come from the platform
itself (JavaScript/web), which do not allow for side channel resistance
or reliable constant time operations. Overall however this is an
exceptional library for JavaScript cryptography.

@cure53 please confirm result and please also open a new ticket for the identified issue MV-02-005 (low).

[tomholub]

Excellent news

[cure53]

Hi @toberndo, the result is hereby confirmed!

[brainscar]

This is great!