suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix decryption with multiple passwords

Browse Source
This commit is contained in:
Daniel Huigens 2018-10-26 15:21:17 +02:00
parent 09def1208d
commit 13c29b1fc9
2 changed files with 29 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/message.js
View File

@ -158,8 +158,15 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
if (!symESKeyPacketlist) {
throw new Error('No symmetrically encrypted session key packet found.');
}
await Promise.all(symESKeyPacketlist.map(async function(keyPacket) {
await Promise.all(passwords.map(async function(password) {
await Promise.all(passwords.map(async function(password, i) {
let packets;
if (i) {
packets = new packet.List();
await packets.read(symESKeyPacketlist.write());
} else {
packets = symESKeyPacketlist;
}
await Promise.all(packets.map(async function(keyPacket) {
try {
await keyPacket.decrypt(password);
keyPackets.push(keyPacket);
@ -167,8 +174,6 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
util.print_debug_error(err);
}
}));
stream.cancel(keyPacket.encrypted); // Don't keep copy of encrypted data in memory.
keyPacket.encrypted = null;
}));
} else if (privateKeys) {
const pkESKeyPacketlist = this.packets.filterByTag(enums.packet.publicKeyEncryptedSessionKey);

33
test/general/openpgp.js
View File

@ -1668,18 +1668,6 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
});
});
it('should decrypt with two passwords message which GPG fails on', async function () {
const decOpt = {
message: await openpgp.message.readArmored(twoPasswordGPGFail),
passwords: password2
};
return openpgp.decrypt(decOpt).then(function (decrypted) {
expect(decrypted.data).to.equal('short message\nnext line\n한국어/조선말');
expect(decrypted.signatures.length).to.equal(0);
});
});
it('should encrypt and decrypt with password and not ascii armor', function () {
const encOpt = {
message: openpgp.message.fromText(plaintext),
@ -1776,7 +1764,7 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
}
describe('AES / RSA sign, verify', function() {
describe('AES / RSA encrypt, decrypt, sign, verify', function() {
const wrong_pubkey = '-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n' +
'Version: OpenPGP.js v0.9.0\r\n' +
'Comment: Hoodiecrow - https://hoodiecrow.com\r\n' +
@ -2248,6 +2236,25 @@ describe('[Sauce Labs Group 2] OpenPGP.js public api tests', function() {
});
});
it('should decrypt with two passwords message which GPG fails on', async function() {
const decOpt = {
message: await openpgp.message.readArmored(twoPasswordGPGFail),
passwords: password2
};
return openpgp.decrypt(decOpt).then(function(decrypted) {
expect(decrypted.data).to.equal('short message\nnext line\n한국어/조선말');
expect(decrypted.signatures.length).to.equal(0);
});
});
it('should decrypt with three passwords', async function() {
const messageBinary = openpgp.util.b64_to_Uint8Array('wy4ECQMIElIx/jiwJV9gp/MZ/ElZwUfHrzOBfOtM8VmgDy76F7eSGWH26tAlx3WI0kMBZv6Tlc1Y6baaZ6MEcOLTG/C7uzHH7KMfuQFd3fcMaVcDawk9EEy/CybiGBE+acT6id2pemHQy6Nk76d9UUTFubcB');
const message = await openpgp.message.read(messageBinary);
const passwords = ['Test', 'Pinata', 'a'];
const decrypted = await openpgp.decrypt({ message, passwords });
expect(decrypted.data).to.equal('Hello world');
});
});
describe('Errors', function() {