		@@ -140,2 +140,7 @@ (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n\|\|r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){

		/**
		* Let the main window know the worker has loaded.
		*/
		postMessage({ event: 'loaded' });

		},{}]},{},[1]);

dist/compat/openpgp.worker.min.js

		@@ -1,2 +0,2 @@
		/! OpenPGP.js v4.4.10 - 2019-03-04 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. /
		!function(){return function e(n,r,t){function o(a,f){if(!r[a]){if(!n[a]){var u="function"==typeof require&&require;if(!f&&u)return u(a,!0);if(i)return i(a,!0);var c=new Error("Cannot find module '"+a+"'");throw c.code="MODULE_NOT_FOUND",c}var s=r[a]={exports:{}};n[a][0].call(s.exports,function(e){return o(n[a][1][e]\|\|e)},s,s.exports,e,n,r,t)}return r[a].exports}for(var i="function"==typeof require&&require,a=0;a<t.length;a++)o(t[a]);return o}}()({1:[function(e,n,r){self.window=self,importScripts("openpgp.min.js");var t=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,t.util.getTransferables(e.data,!0))}t.crypto.random.randomBuffer.init(i,function(){return o.length\|\|self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,r=e.data\|\|{};switch(r.event){case"configure":n=r.config,Object.keys(n).forEach(function(e){t.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array\|\|(e=new Uint8Array(e));t.crypto.random.randomBuffer.set(e)}(r.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,r){if("function"!=typeof t[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r=t.packet.clone.parseClonedPackets(r,n),t.util.restoreStreams(r),t[n](r).then(function(n){a({id:e,event:"method-return",data:t.packet.clone.clonePackets(n)})}).catch(function(n){t.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(r.id,r.event,r.options\|\|{})}}},{}]},{},[1]);
		/! OpenPGP.js v4.5.0 - 2019-05-02 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. /
		!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]\|\|e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length\|\|self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data\|\|{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array\|\|(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});t=r.packet.clone.parseClonedPackets(t,n),r.util.restoreStreams(t),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options\|\|{})}},postMessage({event:"loaded"})},{}]},{},[1]);

dist/openpgp.worker.js

		@@ -140,2 +140,7 @@ (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n\|\|r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){

		/**
		* Let the main window know the worker has loaded.
		*/
		postMessage({ event: 'loaded' });

		},{}]},{},[1]);

dist/openpgp.worker.min.js

		@@ -1,2 +0,2 @@
		/! OpenPGP.js v4.4.10 - 2019-03-04 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. /
		!function(){return function e(n,r,t){function o(a,f){if(!r[a]){if(!n[a]){var u="function"==typeof require&&require;if(!f&&u)return u(a,!0);if(i)return i(a,!0);var c=new Error("Cannot find module '"+a+"'");throw c.code="MODULE_NOT_FOUND",c}var s=r[a]={exports:{}};n[a][0].call(s.exports,function(e){return o(n[a][1][e]\|\|e)},s,s.exports,e,n,r,t)}return r[a].exports}for(var i="function"==typeof require&&require,a=0;a<t.length;a++)o(t[a]);return o}}()({1:[function(e,n,r){self.window=self,importScripts("openpgp.min.js");var t=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,t.util.getTransferables(e.data,!0))}t.crypto.random.randomBuffer.init(i,function(){return o.length\|\|self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,r=e.data\|\|{};switch(r.event){case"configure":n=r.config,Object.keys(n).forEach(function(e){t.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array\|\|(e=new Uint8Array(e));t.crypto.random.randomBuffer.set(e)}(r.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,r){if("function"!=typeof t[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});r=t.packet.clone.parseClonedPackets(r,n),t.util.restoreStreams(r),t[n](r).then(function(n){a({id:e,event:"method-return",data:t.packet.clone.clonePackets(n)})}).catch(function(n){t.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(r.id,r.event,r.options\|\|{})}}},{}]},{},[1]);
		/! OpenPGP.js v4.5.0 - 2019-05-02 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. /
		!function(){return function e(n,t,r){function o(a,f){if(!t[a]){if(!n[a]){var s="function"==typeof require&&require;if(!f&&s)return s(a,!0);if(i)return i(a,!0);var u=new Error("Cannot find module '"+a+"'");throw u.code="MODULE_NOT_FOUND",u}var c=t[a]={exports:{}};n[a][0].call(c.exports,function(e){return o(n[a][1][e]\|\|e)},c,c.exports,e,n,t,r)}return t[a].exports}for(var i="function"==typeof require&&require,a=0;a<r.length;a++)o(r[a]);return o}}()({1:[function(e,n,t){self.window=self,importScripts("openpgp.min.js");var r=window.openpgp,o=[],i=6e4;function a(e){self.postMessage(e,r.util.getTransferables(e.data,!0))}r.crypto.random.randomBuffer.init(i,function(){return o.length\|\|self.postMessage({event:"request-seed",amount:i}),new Promise(function(e){o.push(e)})}),self.onmessage=function(e){var n,t=e.data\|\|{};switch(t.event){case"configure":n=t.config,Object.keys(n).forEach(function(e){r.config[e]=n[e]});break;case"seed-random":!function(e){e instanceof Uint8Array\|\|(e=new Uint8Array(e));r.crypto.random.randomBuffer.set(e)}(t.buf);var i=o;o=[];for(var f=0;f<i.length;f++)i[f]();break;default:!function(e,n,t){if("function"!=typeof r[n])return void a({id:e,event:"method-return",err:"Unknown Worker Event"});t=r.packet.clone.parseClonedPackets(t,n),r.util.restoreStreams(t),r[n](t).then(function(n){a({id:e,event:"method-return",data:r.packet.clone.clonePackets(n)})}).catch(function(n){r.util.print_debug_error(n),a({id:e,event:"method-return",err:n.message,stack:n.stack})})}(t.id,t.event,t.options\|\|{})}},postMessage({event:"loaded"})},{}]},{},[1]);

package.json

		{
		"name": "openpgp",
		"description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
		"version": "4.4.10",
		"version": "4.5.0",
		"license": "LGPL-3.0+",
		@@ -72,19 +72,21 @@ "homepage": "https://openpgpjs.org/",
		"text-encoding-utf-8": "^1.0.2",
		"whatwg-fetch": "^2.0.3"
		},
		"dependencies": {
		"whatwg-fetch": "^2.0.3",

		"@mattiasbuelens/web-streams-polyfill": "^0.3.1",
		"address-rfc2822": "^2.0.3",
		"asmcrypto.js": "github:openpgpjs/asmcrypto#6e4e407b9b8ae317925a9e677cc7b4de3e447e83",
		"asn1.js": "^5.0.0",
		"bn.js": "^4.11.8",
		"buffer": "^5.0.8",
		"elliptic": "github:openpgpjs/elliptic#ad81845f693effa5b4b6d07db2e82112de222f48",
		"elliptic": "github:openpgpjs/elliptic#1beea74833b48bd5698ed079c75fd21f0eb70b1c",
		"hash.js": "^1.1.3",
		"node-fetch": "^2.1.2",
		"node-localstorage": "~1.3.0",
		"pako": "^1.0.6",
		"seek-bzip": "github:openpgpjs/seek-bzip#3aca608ffedc055a1da1d898ecb244804ef32209",
		"seek-bzip": "github:openpgpjs/seek-bzip#6187fc025851d35c4e104a25ea15a10b9b8d6f7d",
		"tweetnacl": "github:openpgpjs/tweetnacl-js#1ef755f2b252a3e328ac739848d00e0dad76be2d",
		"web-stream-tools": "github:openpgpjs/web-stream-tools#84a497715c9df271a673f8616318264ab42ab3cc"
		},
		"dependencies": {
		"asn1.js": "^5.0.0",
		"node-fetch": "^2.1.2",
		"node-localstorage": "~1.3.0"
		},
		"repository": {
		@@ -91,0 +93,0 @@ "type": "git",

README.md

		@@ -122,3 +122,3 @@ OpenPGP.js [![Build Status](https://travis-ci.org/openpgpjs/openpgpjs.svg?branch=master)](https://travis-ci.org/openpgpjs/openpgpjs) [![Join the chat on Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/openpgpjs/openpgpjs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)

		openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path
		await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path
		```
		@@ -163,3 +163,3 @@

		openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path
		await openpgp.initWorker({ path:'openpgp.worker.js' }) // set the relative web worker path

		@@ -166,0 +166,0 @@ // put keys in backtick (``) to avoid errors caused by spaces or tabs

120

src/crypto/crypto.js

		@@ -72,32 +72,30 @@ // GPG4Browsers - An OpenPGP implementation in javascript
		const types = this.getEncSessionKeyParamTypes(algo);
		return (async function() {
		switch (algo) {
		case enums.publicKey.rsa_encrypt:
		case enums.publicKey.rsa_encrypt_sign: {
		const m = data.toBN();
		const n = pub_params[0].toBN();
		const e = pub_params[1].toBN();
		const res = await publicKey.rsa.encrypt(m, n, e);
		return constructParams(types, [res]);
		}
		case enums.publicKey.elgamal: {
		const m = data.toBN();
		const p = pub_params[0].toBN();
		const g = pub_params[1].toBN();
		const y = pub_params[2].toBN();
		const res = await publicKey.elgamal.encrypt(m, p, g, y);
		return constructParams(types, [res.c1, res.c2]);
		}
		case enums.publicKey.ecdh: {
		const oid = pub_params[0];
		const Q = pub_params[1].toUint8Array();
		const kdf_params = pub_params[2];
		const { V, C } = await publicKey.elliptic.ecdh.encrypt(
		oid, kdf_params.cipher, kdf_params.hash, data, Q, fingerprint);
		return constructParams(types, [new BN(V), C]);
		}
		default:
		return [];
		switch (algo) {
		case enums.publicKey.rsa_encrypt:
		case enums.publicKey.rsa_encrypt_sign: {
		const m = data.toBN();
		const n = pub_params[0].toBN();
		const e = pub_params[1].toBN();
		const res = await publicKey.rsa.encrypt(m, n, e);
		return constructParams(types, [res]);
		}
		}());
		case enums.publicKey.elgamal: {
		const m = data.toBN();
		const p = pub_params[0].toBN();
		const g = pub_params[1].toBN();
		const y = pub_params[2].toBN();
		const res = await publicKey.elgamal.encrypt(m, p, g, y);
		return constructParams(types, [res.c1, res.c2]);
		}
		case enums.publicKey.ecdh: {
		const oid = pub_params[0];
		const Q = pub_params[1].toUint8Array();
		const kdf_params = pub_params[2];
		const { publicKey: V, wrappedKey: C } = await publicKey.elliptic.ecdh.encrypt(
		oid, kdf_params.cipher, kdf_params.hash, data, Q, fingerprint);
		return constructParams(types, [new BN(V), C]);
		}
		default:
		return [];
		}
		},
		@@ -116,39 +114,37 @@
		* @param {String} fingerprint Recipient fingerprint
		* @returns {module:type/mpi} An MPI containing the decrypted data
		* @returns {BN} A BN containing the decrypted data
		* @async
		*/
		publicKeyDecrypt: async function(algo, key_params, data_params, fingerprint) {
		return new type_mpi(await (async function() {
		switch (algo) {
		case enums.publicKey.rsa_encrypt_sign:
		case enums.publicKey.rsa_encrypt: {
		const c = data_params[0].toBN();
		const n = key_params[0].toBN(); // n = pq
		const e = key_params[1].toBN();
		const d = key_params[2].toBN(); // de = 1 mod (p-1)(q-1)
		const p = key_params[3].toBN();
		const q = key_params[4].toBN();
		const u = key_params[5].toBN(); // q^-1 mod p
		return publicKey.rsa.decrypt(c, n, e, d, p, q, u);
		}
		case enums.publicKey.elgamal: {
		const c1 = data_params[0].toBN();
		const c2 = data_params[1].toBN();
		const p = key_params[0].toBN();
		const x = key_params[3].toBN();
		return publicKey.elgamal.decrypt(c1, c2, p, x);
		}
		case enums.publicKey.ecdh: {
		const oid = key_params[0];
		const kdf_params = key_params[2];
		const V = data_params[0].toUint8Array();
		const C = data_params[1].data;
		const d = key_params[3].toUint8Array();
		return publicKey.elliptic.ecdh.decrypt(
		oid, kdf_params.cipher, kdf_params.hash, V, C, d, fingerprint);
		}
		default:
		throw new Error('Invalid public key encryption algorithm.');
		switch (algo) {
		case enums.publicKey.rsa_encrypt_sign:
		case enums.publicKey.rsa_encrypt: {
		const c = data_params[0].toBN();
		const n = key_params[0].toBN(); // n = pq
		const e = key_params[1].toBN();
		const d = key_params[2].toBN(); // de = 1 mod (p-1)(q-1)
		const p = key_params[3].toBN();
		const q = key_params[4].toBN();
		const u = key_params[5].toBN(); // q^-1 mod p
		return publicKey.rsa.decrypt(c, n, e, d, p, q, u);
		}
		}()));
		case enums.publicKey.elgamal: {
		const c1 = data_params[0].toBN();
		const c2 = data_params[1].toBN();
		const p = key_params[0].toBN();
		const x = key_params[3].toBN();
		return publicKey.elgamal.decrypt(c1, c2, p, x);
		}
		case enums.publicKey.ecdh: {
		const oid = key_params[0];
		const kdf_params = key_params[2];
		const V = data_params[0].toUint8Array();
		const C = data_params[1].data;
		const d = key_params[3].toUint8Array();
		return publicKey.elliptic.ecdh.decrypt(
		oid, kdf_params.cipher, kdf_params.hash, V, C, d, fingerprint);
		}
		default:
		throw new Error('Invalid public key encryption algorithm.');
		}
		},
		@@ -155,0 +151,0 @@

src/crypto/public_key/elliptic/curves.js

		@@ -175,6 +175,2 @@ // OpenPGP.js - An OpenPGP implementation in javascript

		Curve.prototype.keyFromSecret = function (secret) { // Only for ed25519
		return new KeyPair(this, { secret: secret });
		};

		Curve.prototype.keyFromPublic = function (pub) {
		@@ -181,0 +177,0 @@ const keyPair = new KeyPair(this, { pub: pub });

src/crypto/public_key/elliptic/ecdh.js

		@@ -21,2 +21,3 @@ // OpenPGP.js - An OpenPGP implementation in javascript
		* @requires bn.js
		* @requires tweetnacl
		* @requires crypto/public_key/elliptic/curve
		@@ -33,2 +34,3 @@ * @requires crypto/aes_kw
		import BN from 'bn.js';
		import nacl from 'tweetnacl/nacl-fast-light.js';
		import Curve from './curves';
		@@ -55,9 +57,6 @@ import aes_kw from '../../aes_kw';
		// Key Derivation Function (RFC 6637)
		async function kdf(hash_algo, S, length, param, curve, stripLeading=false, stripTrailing=false) {
		const len = curve.curve.curve.p.byteLength();
		// Note: this is not ideal, but the RFC's are unclear
		async function kdf(hash_algo, X, length, param, stripLeading=false, stripTrailing=false) {
		// Note: X is little endian for Curve25519, big-endian for all others.
		// This is not ideal, but the RFC's are unclear
		// https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-02#appendix-B
		let X = curve.curve.curve.type === 'mont' ?
		S.toArrayLike(Uint8Array, 'le', len) :
		S.toArrayLike(Uint8Array, 'be', len);
		let i;
		@@ -91,7 +90,16 @@ if (stripLeading) {
		async function genPublicEphemeralKey(curve, Q) {
		if (curve.name === 'curve25519') {
		const { secretKey: d } = nacl.box.keyPair();
		const { secretKey, sharedKey } = await genPrivateEphemeralKey(curve, Q, d);
		let { publicKey } = nacl.box.keyPair.fromSecretKey(secretKey);
		publicKey = util.concatUint8Array([new Uint8Array([0x40]), publicKey]);
		return { publicKey, sharedKey }; // Note: sharedKey is little-endian here, unlike below
		}
		const v = await curve.genKeyPair();
		Q = curve.keyFromPublic(Q);
		const V = new Uint8Array(v.getPublic());
		const publicKey = new Uint8Array(v.getPublic());
		const S = v.derive(Q);
		return { V, S };
		const len = curve.curve.curve.p.byteLength();
		const sharedKey = S.toArrayLike(Uint8Array, 'be', len);
		return { publicKey, sharedKey };
		}
		@@ -113,8 +121,8 @@
		const curve = new Curve(oid);
		const { V, S } = await genPublicEphemeralKey(curve, Q);
		const { publicKey, sharedKey } = await genPublicEphemeralKey(curve, Q);
		const param = buildEcdhParam(enums.publicKey.ecdh, oid, cipher_algo, hash_algo, fingerprint);
		cipher_algo = enums.read(enums.symmetric, cipher_algo);
		const Z = await kdf(hash_algo, S, cipher[cipher_algo].keySize, param, curve);
		const C = aes_kw.wrap(Z, m.toString());
		return { V, C };
		const Z = await kdf(hash_algo, sharedKey, cipher[cipher_algo].keySize, param);
		const wrappedKey = aes_kw.wrap(Z, m.toString());
		return { publicKey, wrappedKey };
		}
		@@ -132,5 +140,19 @@
		async function genPrivateEphemeralKey(curve, V, d) {
		if (curve.name === 'curve25519') {
		const one = new BN(1);
		const mask = one.ushln(255 - 3).sub(one).ushln(3);
		let secretKey = new BN(d);
		secretKey = secretKey.or(one.ushln(255 - 1));
		secretKey = secretKey.and(mask);
		secretKey = secretKey.toArrayLike(Uint8Array, 'le', 32);
		const sharedKey = nacl.scalarMult(secretKey, V.subarray(1));
		return { secretKey, sharedKey }; // Note: sharedKey is little-endian here, unlike below
		}
		V = curve.keyFromPublic(V);
		d = curve.keyFromPrivate(d);
		return d.derive(V);
		const secretKey = new Uint8Array(d.getPrivate());
		const S = d.derive(V);
		const len = curve.curve.curve.p.byteLength();
		const sharedKey = S.toArrayLike(Uint8Array, 'be', len);
		return { secretKey, sharedKey };
		}
		@@ -153,3 +175,3 @@
		const curve = new Curve(oid);
		const S = await genPrivateEphemeralKey(curve, V, d);
		const { sharedKey } = await genPrivateEphemeralKey(curve, V, d);
		const param = buildEcdhParam(enums.publicKey.ecdh, oid, cipher_algo, hash_algo, fingerprint);
		@@ -161,3 +183,3 @@ cipher_algo = enums.read(enums.symmetric, cipher_algo);
		// Work around old go crypto bug and old OpenPGP.js bug, respectively.
		const Z = await kdf(hash_algo, S, cipher[cipher_algo].keySize, param, curve, i === 1, i === 2);
		const Z = await kdf(hash_algo, sharedKey, cipher[cipher_algo].keySize, param, i === 1, i === 2);
		return new BN(aes_kw.unwrap(Z, C));
		@@ -164,0 +186,0 @@ } catch (e) {

src/crypto/public_key/elliptic/eddsa.js

		@@ -20,8 +20,15 @@ // OpenPGP.js - An OpenPGP implementation in javascript
		* @fileoverview Implementation of EdDSA following RFC4880bis-03 for OpenPGP
		* @requires hash.js
		* @requires tweetnacl
		* @requires crypto/public_key/elliptic/curve
		* @requires util
		* @module crypto/public_key/elliptic/eddsa
		*/

		import Curve from './curves';
		import sha512 from 'hash.js/lib/hash/sha/512';
		import nacl from 'tweetnacl/nacl-fast-light.js';
		import util from '../../../util';

		nacl.hash = bytes => new Uint8Array(sha512().update(bytes).digest());

		/**
		@@ -39,8 +46,9 @@ * Sign a message using the provided key
		async function sign(oid, hash_algo, m, d, hashed) {
		const curve = new Curve(oid);
		const key = curve.keyFromSecret(d);
		const signature = await key.sign(m, hash_algo, hashed);
		const { secretKey } = nacl.sign.keyPair.fromSeed(d);
		const signature = nacl.sign.detached(hashed, secretKey);
		// EdDSA signature params are returned in little-endian format
		return { R: new Uint8Array(signature.Rencoded()),
		S: new Uint8Array(signature.Sencoded()) };
		return {
		R: signature.subarray(0, 32),
		S: signature.subarray(32)
		};
		}
		@@ -55,3 +63,3 @@
		* @param {Uint8Array} m Message to verify
		* @param {Uint8Array} Q Public key used to verify the message
		* @param {Uint8Array} publicKey Public key used to verify the message
		* @param {Uint8Array} hashed The hashed message
		@@ -61,8 +69,7 @@ * @returns {Boolean}
		*/
		async function verify(oid, hash_algo, signature, m, Q, hashed) {
		const curve = new Curve(oid);
		const key = curve.keyFromPublic(Q);
		return key.verify(m, signature, hash_algo, hashed);
		async function verify(oid, hash_algo, { R, S }, m, publicKey, hashed) {
		const signature = util.concatUint8Array([R, S]);
		return nacl.sign.detached.verify(hashed, signature, publicKey.subarray(1));
		}

		export default { sign, verify };

src/crypto/public_key/index.js

		/**
		* @fileoverview Asymmetric cryptography functions
		* @requires tweetnacl
		* @requires crypto/public_key/dsa
		@@ -10,2 +11,3 @@ * @requires crypto/public_key/elgamal

		import nacl from 'tweetnacl/nacl-fast-light.js';
		import rsa from './rsa';
		@@ -24,3 +26,5 @@ import elgamal from './elgamal';
		/** @see module:crypto/public_key/dsa */
		dsa: dsa
		dsa: dsa,
		/** @see tweetnacl */
		nacl: nacl
		};

src/crypto/signature.js

		@@ -61,7 +61,6 @@ /**
		const oid = pub_MPIs[0];
		// TODO refactor elliptic to accept Uint8Array
		// EdDSA signature params are expected in little-endian format
		const signature = { R: Array.from(msg_MPIs[0].toUint8Array('le', 32)),
		S: Array.from(msg_MPIs[1].toUint8Array('le', 32)) };
		const Q = Array.from(pub_MPIs[1].toUint8Array('be', 33));
		const signature = { R: msg_MPIs[0].toUint8Array('le', 32),
		S: msg_MPIs[1].toUint8Array('le', 32) };
		const Q = pub_MPIs[1].toUint8Array('be', 33);
		return publicKey.elliptic.eddsa.verify(oid, hash_algo, signature, data, Q, hashed);
		@@ -124,3 +123,3 @@ }
		const oid = key_params[0];
		const d = Array.from(key_params[2].toUint8Array('be', 32));
		const d = key_params[2].toUint8Array('be', 32);
		const signature = await publicKey.elliptic.eddsa.sign(oid, hash_algo, data, d, hashed);
		@@ -127,0 +126,0 @@ return util.concatUint8Array([

src/openpgp.js

		@@ -66,8 +66,15 @@ // OpenPGP.js - An OpenPGP implementation in javascript
		* @param {Array<Object>} workers alternative to path parameter: web workers initialized with 'openpgp.worker.js'
		* @returns {Promise<Boolean>} returns a promise that resolves to true if all workers have succesfully finished loading
		* @async
		*/
		export function initWorker({ path='openpgp.worker.js', n = 1, workers = [] } = {}) {
		export async function initWorker({ path='openpgp.worker.js', n = 1, workers = [] } = {}) {
		if (workers.length \|\| (typeof window !== 'undefined' && window.Worker && window.MessageChannel)) {
		asyncProxy = new AsyncProxy({ path, n, workers, config });
		return true;
		const proxy = new AsyncProxy({ path, n, workers, config });
		const loaded = await proxy.loaded();
		if (loaded) {
		asyncProxy = proxy;
		return true;
		}
		}
		return false;
		}
		@@ -441,2 +448,10 @@
		result.signature = armor ? signature.armor() : signature;
		if (message.packets) {
		result.signature = stream.transformPair(message.packets.write(), async (readable, writable) => {
		await Promise.all([
		stream.pipe(result.signature, writable),
		stream.readToEnd(readable).catch(() => {})
		]);
		});
		}
		} else {
		@@ -443,0 +458,0 @@ message = await message.sign(privateKeys, undefined, date, fromUserIds);

src/packet/public_key_encrypted_session_key.js

		@@ -140,4 +140,4 @@ // GPG4Browsers - An OpenPGP implementation in javascript
		const algo = enums.write(enums.publicKey, this.publicKeyAlgorithm);
		const result = await crypto.publicKeyDecrypt(
		algo, key.params, this.encrypted, key.getFingerprintBytes());
		const result = new type_mpi(await crypto.publicKeyDecrypt(
		algo, key.params, this.encrypted, key.getFingerprintBytes()));

		@@ -144,0 +144,0 @@ let checksum;

src/polyfills.js

		@@ -11,4 +11,2 @@ /**

		/* eslint-disable import/no-extraneous-dependencies */

		if (typeof window !== 'undefined') {
		@@ -15,0 +13,0 @@ /********************************************************************

src/util.js

		@@ -655,7 +655,19 @@ // GPG4Browsers - An OpenPGP implementation in javascript
		formatUserId: function(id) {
		// name and email address can be empty but must be of the correct type
		if ((id.name && !util.isString(id.name)) \|\| (id.email && !util.isEmailAddress(id.email))) {
		// name, email address and comment can be empty but must be of the correct type
		if ((id.name && !util.isString(id.name)) \|\|
		(id.email && !util.isEmailAddress(id.email)) \|\|
		(id.comment && !util.isString(id.comment))) {
		throw new Error('Invalid user id format');
		}
		return new rfc2822.Address(id.name, id.email, id.comment).format();
		const components = [];
		if (id.name) {
		components.push(id.name);
		}
		if (id.comment) {
		components.push(`(${id.comment})`);
		}
		if (id.email) {
		components.push(`<${id.email}>`);
		}
		return components.join(' ');
		},
		@@ -662,0 +674,0 @@

src/worker/async_proxy.js

		@@ -52,2 +52,5 @@ // GPG4Browsers - An OpenPGP implementation in javascript
		switch (msg.event) {
		case 'loaded':
		this.workers[workerId].loadedResolve(true);
		break;
		case 'method-return':
		@@ -87,6 +90,11 @@ if (msg.err) {
		this.workers.forEach(worker => {
		worker.loadedPromise = new Promise(resolve => {
		worker.loadedResolve = resolve;
		});
		worker.requests = 0;
		worker.onmessage = handleMessage(workerId++);
		worker.onerror = e => {
		throw new Error('Unhandled error in openpgp worker: ' + e.message + ' (' + e.filename + ':' + e.lineno + ')');
		worker.loadedResolve(false);
		console.error('Unhandled error in openpgp worker: ' + e.message + ' (' + e.filename + ':' + e.lineno + ')');
		return false;
		};
		@@ -105,2 +113,11 @@
		/**
		* Returns a promise that resolves when all workers have finished loading
		* @returns {Promise<Boolean>} Resolves to true if all workers have loaded succesfully; false otherwise
		*/
		AsyncProxy.prototype.loaded = async function() {
		const loaded = await Promise.all(this.workers.map(worker => worker.loadedPromise));
		return loaded.every(Boolean);
		};

		/**
		* Get new request ID
		@@ -107,0 +124,0 @@ * @returns {integer} New unique request ID

src/worker/worker.js

		@@ -138,1 +138,6 @@ // GPG4Browsers - An OpenPGP implementation in javascript
		}

		/**
		* Let the main window know the worker has loaded.
		*/
		postMessage({ event: 'loaded' });

test/crypto/crypto.js

		@@ -367,3 +367,3 @@ const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../../dist/openpgp');
		).then(data => {
		data = data.write();
		data = new openpgp.MPI(data).write();
		data = util.Uint8Array_to_str(data.subarray(2, data.length));
		@@ -387,3 +387,3 @@
		).then(data => {
		data = data.write();
		data = new openpgp.MPI(data).write();
		data = util.Uint8Array_to_str(data.subarray(2, data.length));
		@@ -390,0 +390,0 @@

test/crypto/elliptic.js

		@@ -432,3 +432,3 @@ const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../../dist/openpgp');
		const oid = new openpgp.OID(curveObj.oid);
		const { V, S } = await openpgp.crypto.publicKey.elliptic.ecdh.genPublicEphemeralKey(
		const { publicKey: V, sharedKey } = await openpgp.crypto.publicKey.elliptic.ecdh.genPublicEphemeralKey(
		curveObj, Q
		@@ -443,3 +443,3 @@ );
		const Z = await openpgp.crypto.publicKey.elliptic.ecdh.kdf(
		hash_algo, S, openpgp.crypto.cipher[cipher_algo].keySize, param, curveObj, false
		hash_algo, sharedKey, openpgp.crypto.cipher[cipher_algo].keySize, param, curveObj, false
		);
		@@ -451,3 +451,3 @@ return { V, Z };
		const oid = new openpgp.OID(curveObj.oid);
		const S = await openpgp.crypto.publicKey.elliptic.ecdh.genPrivateEphemeralKey(
		const { sharedKey } = await openpgp.crypto.publicKey.elliptic.ecdh.genPrivateEphemeralKey(
		curveObj, V, d
		@@ -462,3 +462,3 @@ );
		const Z = await openpgp.crypto.publicKey.elliptic.ecdh.kdf(
		hash_algo, S, openpgp.crypto.cipher[cipher_algo].keySize, param, curveObj, false
		hash_algo, sharedKey, openpgp.crypto.cipher[cipher_algo].keySize, param, curveObj, false
		);
		@@ -465,0 +465,0 @@ return Z;

test/general/brainpool.js

		@@ -276,4 +276,4 @@ /* globals tryTests: true */
		if: typeof window !== 'undefined' && window.Worker,
		before: function() {
		openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
		before: async function() {
		await openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
		},
		@@ -280,0 +280,0 @@ beforeEach: function() {

test/general/ecc_nist.js

		@@ -300,4 +300,4 @@ /* globals tryTests: true */
		if: typeof window !== 'undefined' && window.Worker,
		before: function() {
		openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
		before: async function() {
		await openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
		},
		@@ -304,0 +304,0 @@ beforeEach: function() {

269

test/general/streaming.js

		@@ -79,3 +79,3 @@ const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../../dist/openpgp');

		let plaintext, data, i, canceled, expectedType, dataArrived;
		let privKey, pubKey, plaintext, data, i, canceled, expectedType, dataArrived;

		@@ -138,5 +138,2 @@ function tests() {
		it('Sign: Input stream should be canceled when canceling encrypted stream', async function() {
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);

		const signed = await openpgp.sign({
		@@ -207,6 +204,2 @@ message: openpgp.message.fromBinary(data),
		try {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);

		const encrypted = await openpgp.encrypt({
		@@ -274,6 +267,2 @@ message: openpgp.message.fromBinary(data),
		try {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);

		const encrypted = await openpgp.encrypt({
		@@ -314,6 +303,2 @@ message: openpgp.message.fromBinary(data),
		try {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);

		const encrypted = await openpgp.encrypt({
		@@ -350,36 +335,26 @@ message: openpgp.message.fromBinary(data),

		it('Sign/verify: Detect armor checksum error (allow_unauthenticated_stream=true)', async function() {
		let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
		openpgp.config.allow_unauthenticated_stream = true;
		try {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);
		it('Sign/verify: Detect armor checksum error', async function() {
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey
		});

		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey
		});

		const msgAsciiArmored = signed.data;
		const message = await openpgp.message.readArmored(openpgp.stream.transform(msgAsciiArmored, value => {
		value += '';
		const newlineIndex = value.indexOf('\r\n', 500);
		if (value.length > 1000) return value.slice(0, newlineIndex - 1) + (value[newlineIndex - 1] === 'a' ? 'b' : 'a') + value.slice(newlineIndex);
		return value;
		}));
		const verified = await openpgp.verify({
		publicKeys: pubKey,
		message,
		streaming: expectedType
		});
		expect(util.isStream(verified.data)).to.equal(expectedType);
		const reader = openpgp.stream.getReader(verified.data);
		expect(await reader.peekBytes(1024)).not.to.deep.equal(plaintext[0]);
		dataArrived();
		await expect(reader.readToEnd()).to.be.rejectedWith('Ascii armor integrity check on message failed');
		expect(verified.signatures).to.exist.and.have.length(1);
		} finally {
		openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
		}
		const msgAsciiArmored = signed.data;
		const message = await openpgp.message.readArmored(openpgp.stream.transform(msgAsciiArmored, value => {
		value += '';
		const newlineIndex = value.indexOf('\r\n', 500);
		if (value.length > 1000) return value.slice(0, newlineIndex - 1) + (value[newlineIndex - 1] === 'a' ? 'b' : 'a') + value.slice(newlineIndex);
		return value;
		}));
		const verified = await openpgp.verify({
		publicKeys: pubKey,
		message,
		streaming: expectedType
		});
		expect(util.isStream(verified.data)).to.equal(expectedType);
		const reader = openpgp.stream.getReader(verified.data);
		expect(await reader.peekBytes(1024)).not.to.deep.equal(plaintext[0]);
		dataArrived();
		await expect(reader.readToEnd()).to.be.rejectedWith('Ascii armor integrity check on message failed');
		expect(verified.signatures).to.exist.and.have.length(1);
		});
		@@ -514,36 +489,23 @@

		it('Sign/verify: Input stream should be canceled when canceling decrypted stream (draft04)', async function() {
		let aead_protectValue = openpgp.config.aead_protect;
		let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
		openpgp.config.aead_protect = true;
		openpgp.config.aead_chunk_size_byte = 4;
		try {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);
		it('Sign/verify: Input stream should be canceled when canceling verified stream', async function() {
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey
		});

		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey
		});

		const msgAsciiArmored = signed.data;
		const message = await openpgp.message.readArmored(msgAsciiArmored);
		const verified = await openpgp.verify({
		publicKeys: pubKey,
		message
		});
		expect(util.isStream(verified.data)).to.equal(expectedType);
		const reader = openpgp.stream.getReader(verified.data);
		expect(await reader.readBytes(1024)).to.deep.equal(plaintext[0]);
		dataArrived();
		reader.releaseLock();
		await openpgp.stream.cancel(verified.data, new Error('canceled by test'));
		expect(canceled).to.be.true;
		expect(verified.signatures).to.exist.and.have.length(1);
		await expect(verified.signatures[0].verified).to.be.rejectedWith('canceled');
		} finally {
		openpgp.config.aead_protect = aead_protectValue;
		openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteValue;
		}
		const msgAsciiArmored = signed.data;
		const message = await openpgp.message.readArmored(msgAsciiArmored);
		const verified = await openpgp.verify({
		publicKeys: pubKey,
		message
		});
		expect(util.isStream(verified.data)).to.equal(expectedType);
		const reader = openpgp.stream.getReader(verified.data);
		expect(await reader.readBytes(1024)).to.deep.equal(plaintext[0]);
		dataArrived();
		reader.releaseLock();
		await openpgp.stream.cancel(verified.data, new Error('canceled by test'));
		expect(canceled).to.be.true;
		expect(verified.signatures).to.exist.and.have.length(1);
		await expect(verified.signatures[0].verified).to.be.rejectedWith('canceled');
		});
		@@ -560,10 +522,6 @@
		await new Promise(resolve => setTimeout(resolve, 3000));
		expect(i).to.be.lessThan(50);
		expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100);
		});

		it("Sign: Don't pull entire input stream when we're not pulling signed stream", async function() {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);

		const signed = await openpgp.sign({
		@@ -577,3 +535,3 @@ message: openpgp.message.fromBinary(data),
		await new Promise(resolve => setTimeout(resolve, 3000));
		expect(i).to.be.lessThan(50);
		expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100);
		});
		@@ -605,3 +563,3 @@
		await new Promise(resolve => setTimeout(resolve, 3000));
		expect(i).to.be.lessThan(50);
		expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100);
		} finally {
		@@ -614,34 +572,101 @@ openpgp.config.aead_protect = aead_protectValue;

		it("Sign/verify: Don't pull entire input stream when we're not pulling verified stream (draft04)", async function() {
		let aead_protectValue = openpgp.config.aead_protect;
		let aead_chunk_size_byteValue = openpgp.config.aead_chunk_size_byte;
		openpgp.config.aead_protect = true;
		openpgp.config.aead_chunk_size_byte = 4;
		try {
		const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);
		it("Sign/verify: Don't pull entire input stream when we're not pulling verified stream", async function() {
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey
		});
		const msgAsciiArmored = signed.data;
		const message = await openpgp.message.readArmored(msgAsciiArmored);
		const verified = await openpgp.verify({
		publicKeys: pubKey,
		message
		});
		expect(util.isStream(verified.data)).to.equal(expectedType);
		const reader = openpgp.stream.getReader(verified.data);
		expect(await reader.readBytes(1024)).to.deep.equal(plaintext[0]);
		dataArrived();
		await new Promise(resolve => setTimeout(resolve, 3000));
		expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 100);
		});

		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey
		});
		const msgAsciiArmored = signed.data;
		const message = await openpgp.message.readArmored(msgAsciiArmored);
		const verified = await openpgp.verify({
		publicKeys: pubKey,
		message
		});
		expect(util.isStream(verified.data)).to.equal(expectedType);
		const reader = openpgp.stream.getReader(verified.data);
		expect(await reader.readBytes(1024)).to.deep.equal(plaintext[0]);
		dataArrived();
		await new Promise(resolve => setTimeout(resolve, 3000));
		expect(i).to.be.lessThan(50);
		} finally {
		openpgp.config.aead_protect = aead_protectValue;
		openpgp.config.aead_chunk_size_byte = aead_chunk_size_byteValue;
		}
		it('Detached sign small message', async function() {
		dataArrived(); // Do not wait until data arrived.
		const data = new ReadableStream({
		async start(controller) {
		controller.enqueue(util.str_to_Uint8Array('hello '));
		controller.enqueue(util.str_to_Uint8Array('world'));
		controller.close();
		}
		});
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey,
		detached: true,
		});
		const sigArmored = await openpgp.stream.readToEnd(signed.signature);
		const signature = await openpgp.message.readArmored(sigArmored);
		const verified = await openpgp.verify({
		signature,
		publicKeys: pubKey,
		message: openpgp.message.fromText('hello world')
		});
		expect(openpgp.util.decode_utf8(verified.data)).to.equal('hello world');
		expect(verified.signatures).to.exist.and.have.length(1);
		expect(verified.signatures[0].valid).to.be.true;
		});

		it('Detached sign small message (not streaming)', async function() {
		dataArrived(); // Do not wait until data arrived.
		const data = new ReadableStream({
		async start(controller) {
		controller.enqueue(util.str_to_Uint8Array('hello '));
		controller.enqueue(util.str_to_Uint8Array('world'));
		controller.close();
		}
		});
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey,
		detached: true,
		streaming: false,
		});
		const sigArmored = await openpgp.stream.readToEnd(signed.signature);
		const signature = await openpgp.message.readArmored(sigArmored);
		const verified = await openpgp.verify({
		signature,
		publicKeys: pubKey,
		message: openpgp.message.fromText('hello world')
		});
		expect(openpgp.util.decode_utf8(verified.data)).to.equal('hello world');
		expect(verified.signatures).to.exist.and.have.length(1);
		expect(verified.signatures[0].valid).to.be.true;
		});

		it("Detached sign is expected to pull entire input stream when we're not pulling signed stream", async function() {
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey,
		detached: true
		});
		const reader = openpgp.stream.getReader(signed.signature);
		expect((await reader.readBytes(31)).toString('utf8')).to.equal('-----BEGIN PGP SIGNATURE-----\r\n');
		dataArrived();
		await new Promise(resolve => setTimeout(resolve, 3000));
		expect(i).to.be.greaterThan(100);
		});

		it('Detached sign: Input stream should be canceled when canceling signed stream', async function() {
		const signed = await openpgp.sign({
		message: openpgp.message.fromBinary(data),
		privateKeys: privKey,
		detached: true
		});
		const reader = openpgp.stream.getReader(signed.signature);
		expect((await reader.readBytes(31)).toString('utf8')).to.equal('-----BEGIN PGP SIGNATURE-----\r\n');
		dataArrived();
		reader.releaseLock();
		await openpgp.stream.cancel(signed.signature, new Error('canceled by test'));
		expect(canceled).to.be.true;
		});

		if (openpgp.util.detectNode()) {
		@@ -676,2 +701,8 @@ const fs = util.nodeRequire('fs');

		before(async function() {
		pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
		privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
		await privKey.decrypt(passphrase);
		});

		beforeEach(function() {
		@@ -689,3 +720,3 @@ let test = ++currentTest;
		await new Promise(setTimeout);
		if (test === currentTest && i++ < 10) {
		if (test === currentTest && i++ < 100) {
		if (i === 4) await dataArrivedPromise;
		@@ -692,0 +723,0 @@ let randomBytes = await openpgp.crypto.random.getRandomBytes(1024);

test/general/x25519.js

		@@ -322,4 +322,4 @@ const openpgp = typeof window !== 'undefined' && window.openpgp ? window.openpgp : require('../../dist/openpgp');
		if: typeof window !== 'undefined' && window.Worker,
		before: function() {
		openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
		before: async function() {
		await openpgp.initWorker({ path:'../dist/openpgp.worker.js' });
		},
		@@ -340,5 +340,4 @@ beforeEach: function() {
		const curve = new elliptic.Curve('ed25519');
		const S = curve.keyFromSecret(vector.SECRET_KEY);
		const P = curve.keyFromPublic('40'+vector.PUBLIC_KEY);
		expect(S.getPublic()).to.deep.equal(P.getPublic());
		const { publicKey } = openpgp.crypto.publicKey.nacl.sign.keyPair.fromSeed(openpgp.util.hex_to_Uint8Array(vector.SECRET_KEY));
		expect(publicKey).to.deep.equal(openpgp.util.hex_to_Uint8Array(vector.PUBLIC_KEY));
		const data = util.str_to_Uint8Array(vector.MESSAGE);
		@@ -355,3 +354,3 @@ const keyIntegers = [
		return Promise.all([
		signature.sign(22, undefined, keyIntegers, data).then(signed => {
		signature.sign(22, undefined, keyIntegers, undefined, data).then(signed => {
		const len = ((signed[0] << 8\| signed[1]) + 7) / 8;
		@@ -361,3 +360,3 @@ expect(util.hex_to_Uint8Array(vector.SIGNATURE.R)).to.deep.eq(signed.slice(2, 2 + len));
		}),
		signature.verify(22, undefined, msg_MPIs, keyIntegers, data).then(result => {
		signature.verify(22, undefined, msg_MPIs, keyIntegers, undefined, data).then(result => {
		expect(result).to.be.true;
		@@ -364,0 +363,0 @@ })

dist/compat/openpgp.js