Decrypt message with multiple keys in parallel

Don't keep the entire message in memory. This also fixes an unhandled promise rejection when the input stream contains an error (e.g. an armor checksum mismatch).
2019-07-19 16:33:35 +02:00 · 2019-07-19 16:33:35 +02:00 · 2a5ab75fca
commit 2a5ab75fca
parent 10cbd307c3
2 changed files with 7 additions and 7 deletions
--- a/src/message.js
+++ b/src/message.js
@ -115,22 +115,22 @@ Message.prototype.decrypt = async function(privateKeys, passwords, sessionKeys,

  const symEncryptedPacket = symEncryptedPacketlist[0];
  let exception = null;
-  for (let i = 0; i < keyObjs.length; i++) {
-    if (!keyObjs[i] || !util.isUint8Array(keyObjs[i].data) || !util.isString(keyObjs[i].algorithm)) {
+  const decryptedPromise = Promise.all(keyObjs.map(async keyObj => {
+    if (!keyObj || !util.isUint8Array(keyObj.data) || !util.isString(keyObj.algorithm)) {
      throw new Error('Invalid session key for decryption.');
    }

    try {
-      await symEncryptedPacket.decrypt(keyObjs[i].algorithm, keyObjs[i].data, streaming);
-      break;
+      await symEncryptedPacket.decrypt(keyObj.algorithm, keyObj.data, streaming);
    } catch (e) {
      util.print_debug_error(e);
      exception = e;
    }
-  }
+  }));
  // We don't await stream.cancel here because it only returns when the other copy is canceled too.
  stream.cancel(symEncryptedPacket.encrypted); // Don't keep copy of encrypted data in memory.
  symEncryptedPacket.encrypted = null;
+  await decryptedPromise;

  if (!symEncryptedPacket.packets || !symEncryptedPacket.packets.length) {
    throw exception || new Error('Decryption failed.');
--- a/src/packet/sym_encrypted_integrity_protected.js
+++ b/src/packet/sym_encrypted_integrity_protected.js
@ -109,8 +109,8 @@ SymEncryptedIntegrityProtected.prototype.encrypt = async function (sessionKeyAlg
 * @async
 */
 SymEncryptedIntegrityProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) {
-  if (!streaming) this.encrypted = await stream.readToEnd(this.encrypted);
-  const encrypted = stream.clone(this.encrypted);
+  let encrypted = stream.clone(this.encrypted);
+  if (!streaming) encrypted = await stream.readToEnd(encrypted);
  const decrypted = await crypto.cfb.decrypt(sessionKeyAlgorithm, key, encrypted, new Uint8Array(crypto.cipher[sessionKeyAlgorithm].blockSize));

  // there must be a modification detection code packet as the