add test for signing with multiple keys, align signature packet order with high-level API private key order

2018-02-07 18:16:54 -08:00 · 2018-02-07 18:16:54 -08:00 · 0f4d81bf2c
commit 0f4d81bf2c
parent a57d94072c
2 changed files with 35 additions and 2 deletions
--- a/src/message.js
+++ b/src/message.js
@ -396,7 +396,7 @@ Message.prototype.sign = async function(privateKeys=[], signature=null) {
    }
  }

-  await Promise.all(privateKeys.map(async function (privateKey, i) {
+  await Promise.all(Array.from(privateKeys).reverse().map(async function (privateKey, i) {
    if (privateKey.isPublic()) {
      throw new Error('Need private key for signing');
    }
@ -422,7 +422,7 @@ Message.prototype.sign = async function(privateKeys=[], signature=null) {

  packetlist.push(literalDataPacket);

-  await Promise.all(Array.from(privateKeys).reverse().map(async function(privateKey) {
+  await Promise.all(privateKeys.map(async function(privateKey) {
    var signaturePacket = new packet.Signature();
    var signingKeyPacket = privateKey.getSigningKeyPacket();
    if (!signingKeyPacket.isDecrypted) {
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
@ -1015,6 +1015,39 @@ describe('OpenPGP.js public api tests', function() {
          });
        });

+        it('should encrypt and decrypt/verify both signatures when signed with two private keys', function() {
+          var privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
+          privKeyDE.decrypt(passphrase);
+
+          var pubKeyDE = openpgp.key.readArmored(pub_key_de).keys[0];
+
+          var encOpt = {
+            data: plaintext,
+            publicKeys: publicKey.keys,
+            privateKeys: [privateKey.keys[0], privKeyDE]
+          };
+
+          var decOpt = {
+            privateKey: privateKey.keys[0],
+            publicKeys: [publicKey.keys[0], pubKeyDE]
+          };
+
+          return openpgp.encrypt(encOpt).then(function(encrypted) {
+            decOpt.message = openpgp.message.readArmored(encrypted.data);
+            return openpgp.decrypt(decOpt);
+          }).then(function(decrypted) {
+            expect(decrypted.data).to.equal(plaintext);
+            expect(decrypted.signatures[0].valid).to.be.true;
+            expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
+            expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
+            expect(decrypted.signatures[1].valid).to.be.true;
+            return privKeyDE.verifyPrimaryUser().then(() => {
+              expect(decrypted.signatures[1].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex());
+              expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
+              });
+          });
+        });
+
        it('should sign and verify cleartext data', function() {
          var signOpt = {
            data: plaintext,