suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OP-01-007 Algorithm Preferences ignored upon Encryption (Low)

Browse Source
This commit is contained in:
Thomas Oberndörfer 2014-03-18 17:45:15 +01:00
parent 9f23c6a891
commit 22e4540ed9
3 changed files with 64 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/key.js
View File

@ -939,6 +939,40 @@ function generate(keyType, numBits, userId, passphrase) {
return new Key(packetlist); return new Key(packetlist);
} }
/**
* Returns the preferred symmetric algorithm for a set of keys
* @param {Array<module:key~Key>} keys Set of keys
* @return {enums.symmetric} Preferred symmetric algorithm
*/
function getPreferredSymAlgo(keys) {
var prioMap = {};
for (var i = 0; i < keys.length; i++) {
var primaryUser = keys[i].getPrimaryUser();
if (!primaryUser || !primaryUser.selfCertificate.preferredSymmetricAlgorithms) {
return config.encryption_cipher;
}
primaryUser.selfCertificate.preferredSymmetricAlgorithms.forEach(function(algo, index) {
var entry = prioMap[algo] || (prioMap[algo] = {prio: 0, count: 0, algo: algo});
entry.prio += 64 >> index;
entry.count++;
});
}
var prefAlgo = {prio: 0, algo: config.encryption_cipher};
for (var algo in prioMap) {
try {
if (algo !== enums.symmetric.plaintext &&
algo !== enums.symmetric.idea && // not implemented
enums.read(enums.symmetric, algo) && // known algorithm
prioMap[algo].count === keys.length && // available for all keys
prioMap[algo].prio > prefAlgo.prio) {
prefAlgo = prioMap[algo];
}
} catch (e) {}
}
return prefAlgo.algo;
}
exports.Key = Key; exports.Key = Key;
exports.readArmored = readArmored; exports.readArmored = readArmored;
exports.generate = generate; exports.generate = generate;
exports.getPreferredSymAlgo = getPreferredSymAlgo;

13
src/message.js
View File

@ -28,7 +28,8 @@ var packet = require('./packet'),
enums = require('./enums.js'), enums = require('./enums.js'),
armor = require('./encoding/armor.js'), armor = require('./encoding/armor.js'),
config = require('./config'), config = require('./config'),
crypto = require('./crypto'); crypto = require('./crypto'),
keyModule = require('./key.js');
/** /**
* @class * @class
@ -144,8 +145,8 @@ Message.prototype.getText = function() {
*/ */
Message.prototype.encrypt = function(keys) { Message.prototype.encrypt = function(keys) {
var packetlist = new packet.List(); var packetlist = new packet.List();
//TODO get preferred algo from signature var symAlgo = keyModule.getPreferredSymAlgo(keys);
var sessionKey = crypto.generateSessionKey(enums.read(enums.symmetric, config.encryption_cipher)); var sessionKey = crypto.generateSessionKey(enums.read(enums.symmetric, symAlgo));
keys.forEach(function(key) { keys.forEach(function(key) {
var encryptionKeyPacket = key.getEncryptionKeyPacket(); var encryptionKeyPacket = key.getEncryptionKeyPacket();
if (encryptionKeyPacket) { if (encryptionKeyPacket) {
@ -153,8 +154,7 @@ Message.prototype.encrypt = function(keys) {
pkESKeyPacket.publicKeyId = encryptionKeyPacket.getKeyId(); pkESKeyPacket.publicKeyId = encryptionKeyPacket.getKeyId();
pkESKeyPacket.publicKeyAlgorithm = encryptionKeyPacket.algorithm; pkESKeyPacket.publicKeyAlgorithm = encryptionKeyPacket.algorithm;
pkESKeyPacket.sessionKey = sessionKey; pkESKeyPacket.sessionKey = sessionKey;
//TODO get preferred algo from signature pkESKeyPacket.sessionKeyAlgorithm = enums.read(enums.symmetric, symAlgo);
pkESKeyPacket.sessionKeyAlgorithm = enums.read(enums.symmetric, config.encryption_cipher);
pkESKeyPacket.encrypt(encryptionKeyPacket); pkESKeyPacket.encrypt(encryptionKeyPacket);
packetlist.push(pkESKeyPacket); packetlist.push(pkESKeyPacket);
} else { } else {
@ -168,8 +168,7 @@ Message.prototype.encrypt = function(keys) {
symEncryptedPacket = new packet.SymmetricallyEncrypted(); symEncryptedPacket = new packet.SymmetricallyEncrypted();
} }
symEncryptedPacket.packets = this.packets; symEncryptedPacket.packets = this.packets;
//TODO get preferred algo from signature symEncryptedPacket.encrypt(enums.read(enums.symmetric, symAlgo), sessionKey);
symEncryptedPacket.encrypt(enums.read(enums.symmetric, config.encryption_cipher), sessionKey);
packetlist.push(symEncryptedPacket); packetlist.push(symEncryptedPacket);
// remove packets after encryption // remove packets after encryption
symEncryptedPacket.packets = new packet.List(); symEncryptedPacket.packets = new packet.List();

24
test/general/key.js
View File

@ -454,5 +454,29 @@ describe('Key', function() {
expect(dest.update.bind(dest, source)).to.throw('Cannot update public key with private key if subkey mismatch'); expect(dest.update.bind(dest, source)).to.throw('Cannot update public key with private key if subkey mismatch');
}); });
it('getPreferredSymAlgo() - one key - AES256', function() {
var key1 = openpgp.key.readArmored(twoKeys).keys[0];
var prefAlgo = openpgp.key.getPreferredSymAlgo([key1]);
expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes256);
});
it('getPreferredSymAlgo() - two key - AES192', function() {
var keys = openpgp.key.readArmored(twoKeys).keys;
var key1 = keys[0];
var key2 = keys[1];
key2.getPrimaryUser().selfCertificate.preferredSymmetricAlgorithms = [6,8,3];
var prefAlgo = openpgp.key.getPreferredSymAlgo([key1, key2]);
expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes192);
});
it('getPreferredSymAlgo() - two key - one without pref', function() {
var keys = openpgp.key.readArmored(twoKeys).keys;
var key1 = keys[0];
var key2 = keys[1];
key2.getPrimaryUser().selfCertificate.preferredSymmetricAlgorithms = null;
var prefAlgo = openpgp.key.getPreferredSymAlgo([key1, key2]);
expect(prefAlgo).to.equal(openpgp.config.encryption_cipher);
});
}); });