From 08d6b276e3fb54b8969bcae571fe90c2e8082c52 Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Tue, 11 Feb 2020 21:27:21 +0100 Subject: [PATCH] Return data as string in openpgp.verify by default Add format='utf8'/'binary' param to openpgp.verify in order to be able to return binary data instead. --- src/openpgp.js | 6 ++++-- test/general/openpgp.js | 9 ++++++--- test/general/signature.js | 12 ++++++------ test/general/streaming.js | 17 ++++++++++------- 4 files changed, 26 insertions(+), 18 deletions(-) diff --git a/src/openpgp.js b/src/openpgp.js index 259848a7..81fe5482 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -461,6 +461,7 @@ export function sign({ message, privateKeys, armor = true, streaming = message & * Verifies signatures of cleartext signed message * @param {Key|Array} publicKeys array of publicKeys or single key, to verify signatures * @param {CleartextMessage|Message} message (cleartext) message object with signatures + * @param {'utf8'|'binary'} format (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. * @param {'web'|'node'|false} streaming (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. * @param {Signature} signature (optional) detached signature for verification * @param {Date} date (optional) use the given date for verification instead of the current time @@ -480,8 +481,9 @@ export function sign({ message, privateKeys, armor = true, streaming = message & * @async * @static */ -export function verify({ message, publicKeys, streaming = message && message.fromStream, signature = null, date = new Date() }) { +export function verify({ message, publicKeys, format = 'utf8', streaming = message && message.fromStream, signature = null, date = new Date() }) { checkCleartextOrMessage(message); + if (message instanceof CleartextMessage && format === 'binary') throw new Error("Can't return cleartext message data as binary"); publicKeys = toArray(publicKeys); if (asyncProxy) { // use web worker if available @@ -491,7 +493,7 @@ export function verify({ message, publicKeys, streaming = message && message.fro return Promise.resolve().then(async function() { const result = {}; result.signatures = signature ? await message.verifyDetached(signature, publicKeys, date, streaming) : await message.verify(publicKeys, date, streaming); - result.data = message instanceof CleartextMessage ? message.getText() : message.getLiteralData(); + result.data = format === 'binary' ? message.getLiteralData() : message.getText(); if (streaming) linkStreams(result, message); result.data = await convertStream(result.data, streaming); if (!streaming) await prepareSignatures(result.signatures); diff --git a/test/general/openpgp.js b/test/general/openpgp.js index 896697df..19c17c9b 100644 --- a/test/general/openpgp.js +++ b/test/general/openpgp.js @@ -2265,7 +2265,8 @@ describe('OpenPGP.js public api tests', function() { }; const verifyOpt = { publicKeys: publicKey_2038_2045.keys, - date: future + date: future, + format: 'binary' }; return openpgp.sign(signOpt).then(async function (signed) { verifyOpt.message = openpgp.message.fromBinary(data); @@ -2289,7 +2290,8 @@ describe('OpenPGP.js public api tests', function() { armor: false }; const verifyOpt = { - publicKeys: publicKey.keys + publicKeys: publicKey.keys, + format: 'binary' }; return openpgp.sign(signOpt).then(async function (signed) { const message = await openpgp.message.read(signed.data); @@ -2318,7 +2320,8 @@ describe('OpenPGP.js public api tests', function() { }; const verifyOpt = { publicKeys: publicKey.keys, - streaming: 'web' + streaming: 'web', + format: 'binary' }; return openpgp.sign(signOpt).then(async function (signed) { expect(openpgp.util.isStream(signed.data)).to.equal('web'); diff --git a/test/general/signature.js b/test/general/signature.js index 81569b90..f54e3500 100644 --- a/test/general/signature.js +++ b/test/general/signature.js @@ -1218,7 +1218,7 @@ yYDnCgA= return openpgp.verify({ publicKeys: [pubKey], message: sMsg }).then(function(cleartextSig) { expect(cleartextSig).to.exist; - expect(openpgp.util.Uint8Array_to_str(openpgp.util.nativeEOL(cleartextSig.data))).to.equal(plaintext); + expect(cleartextSig.data).to.equal(plaintext); expect(cleartextSig.signatures).to.have.length(1); expect(cleartextSig.signatures[0].valid).to.equal(!openpgp.config.reject_message_hash_algorithms.has(openpgp.enums.hash.sha1)); expect(cleartextSig.signatures[0].signature.packets.length).to.equal(1); @@ -1255,7 +1255,7 @@ yYDnCgA= return openpgp.verify({ publicKeys: [pubKey], message: sMsg }).then(async function(cleartextSig) { expect(cleartextSig).to.exist; - expect(openpgp.util.Uint8Array_to_str(openpgp.util.nativeEOL(await openpgp.stream.readToEnd(cleartextSig.data)))).to.equal(plaintext); + expect(await openpgp.stream.readToEnd(cleartextSig.data)).to.equal(plaintext); expect(cleartextSig.signatures).to.have.length(1); if (!openpgp.config.reject_message_hash_algorithms.has(openpgp.enums.hash.sha1)) { expect(await cleartextSig.signatures[0].verified).to.be.true; @@ -1288,7 +1288,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA return openpgp.verify({ publicKeys: [pubKey], message: sMsg }).then(async function(cleartextSig) { expect(cleartextSig).to.exist; - expect(openpgp.util.Uint8Array_to_str(openpgp.util.nativeEOL(await openpgp.stream.readToEnd(cleartextSig.data)))).to.equal(plaintext); + expect(await openpgp.stream.readToEnd(cleartextSig.data)).to.equal(plaintext); expect(cleartextSig.signatures).to.have.length(0); }); }); @@ -1321,7 +1321,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA return openpgp.verify({ publicKeys: [pubKey], message: sMsg }).then(async function(cleartextSig) { expect(cleartextSig).to.exist; - expect(openpgp.util.Uint8Array_to_str(openpgp.util.nativeEOL(await openpgp.stream.readToEnd(cleartextSig.data)))).to.equal(plaintext); + expect(await openpgp.stream.readToEnd(cleartextSig.data)).to.equal(plaintext); expect(cleartextSig.signatures).to.have.length(1); await expect(cleartextSig.signatures[0].verified).to.be.rejectedWith('Corresponding signature packet missing'); expect((await cleartextSig.signatures[0].signature).packets.length).to.equal(0); @@ -1422,7 +1422,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA return openpgp.sign({ privateKeys:[privKey], message: openpgp.message.fromBinary(plaintext) }).then(async function(signed) { const csMsg = await openpgp.message.readArmored(signed.data); - return openpgp.verify({ publicKeys:[pubKey], message:csMsg }); + return openpgp.verify({ publicKeys:[pubKey], message:csMsg, format: 'binary' }); }).then(async function(cleartextSig) { expect(cleartextSig).to.exist; @@ -1442,7 +1442,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA return openpgp.sign({ privateKeys:[privKey], message: openpgp.message.fromBinary(plaintext), armor:false }).then(async function(signed) { const csMsg = await openpgp.message.read(signed.data); - return openpgp.verify({ publicKeys:[pubKey], message:csMsg }); + return openpgp.verify({ publicKeys:[pubKey], message:csMsg, format: 'binary' }); }).then(function(cleartextSig) { expect(cleartextSig).to.exist; diff --git a/test/general/streaming.js b/test/general/streaming.js index e62289cc..267a2c0a 100644 --- a/test/general/streaming.js +++ b/test/general/streaming.js @@ -498,7 +498,8 @@ function tests() { const verified = await openpgp.verify({ publicKeys: pubKey, message, - streaming: expectedType + streaming: expectedType, + format: 'binary' }); expect(util.isStream(verified.data)).to.equal(expectedType); const reader = openpgp.stream.getReader(verified.data); @@ -649,7 +650,8 @@ function tests() { const message = await openpgp.message.readArmored(msgAsciiArmored); const verified = await openpgp.verify({ publicKeys: pubKey, - message + message, + format: 'binary' }); expect(util.isStream(verified.data)).to.equal(expectedType); const reader = openpgp.stream.getReader(verified.data); @@ -733,7 +735,8 @@ function tests() { const message = await openpgp.message.readArmored(msgAsciiArmored); const verified = await openpgp.verify({ publicKeys: pubKey, - message + message, + format: 'binary' }); expect(util.isStream(verified.data)).to.equal(expectedType); const reader = openpgp.stream.getReader(verified.data); @@ -766,7 +769,7 @@ function tests() { publicKeys: pubKey, message: openpgp.message.fromText('hello world') }); - expect(openpgp.util.decode_utf8(verified.data)).to.equal('hello world'); + expect(verified.data).to.equal('hello world'); expect(verified.signatures).to.exist.and.have.length(1); expect(verified.signatures[0].valid).to.be.true; }); @@ -794,7 +797,7 @@ function tests() { publicKeys: pubKey, message: openpgp.message.fromText('hello world') }); - expect(openpgp.util.decode_utf8(verified.data)).to.equal('hello world'); + expect(verified.data).to.equal('hello world'); expect(verified.signatures).to.exist.and.have.length(1); expect(verified.signatures[0].valid).to.be.true; }); @@ -825,7 +828,7 @@ function tests() { publicKeys: pub, message: openpgp.message.fromText('hello world') }); - expect(openpgp.util.decode_utf8(verified.data)).to.equal('hello world'); + expect(verified.data).to.equal('hello world'); expect(verified.signatures).to.exist.and.have.length(1); expect(verified.signatures[0].valid).to.be.true; }); @@ -856,7 +859,7 @@ function tests() { publicKeys: pub, message: openpgp.message.fromText('hello world') }); - expect(openpgp.util.decode_utf8(verified.data)).to.equal('hello world'); + expect(verified.data).to.equal('hello world'); expect(verified.signatures).to.exist.and.have.length(1); expect(verified.signatures[0].valid).to.be.true; });