suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix #706 - if ignore_mdc_error is set to false then MDC is required for all symmetrically encrypted data

Browse Source
This commit is contained in:
Sanjana Rajan 2018-05-14 23:39:28 -07:00
parent 6efcce1069
commit 33d5b158f8
2 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/packet/symmetrically_encrypted.js
View File

@ -77,12 +77,9 @@ SymmetricallyEncrypted.prototype.write = function () {
*/
SymmetricallyEncrypted.prototype.decrypt = async function (sessionKeyAlgorithm, key) {
const decrypted = crypto.cfb.decrypt(sessionKeyAlgorithm, key, this.encrypted, true);
// for modern cipher (blocklength != 64 bit, except for Twofish) MDC is required
if (!this.ignore_mdc_error &&
(sessionKeyAlgorithm === 'aes128' ||
sessionKeyAlgorithm === 'aes192' ||
sessionKeyAlgorithm === 'aes256')) {
throw new Error('Decryption failed due to missing MDC in combination with modern cipher.');
// If MDC errors are not being ignored, all missing MDC packets in symmetrically encrypted data should throw an error
if (!this.ignore_mdc_error) {
throw new Error('Decryption failed due to missing MDC.');
}
this.packets.read(decrypted);

2
test/general/packet.js
View File

@ -96,7 +96,7 @@ describe("Packet", function() {
const msg2 = new openpgp.packet.List();
msg2.read(message.write());
await expect(msg2[0].decrypt(algo, key)).to.eventually.be.rejectedWith('Decryption failed due to missing MDC in combination with modern cipher.');
await expect(msg2[0].decrypt(algo, key)).to.eventually.be.rejectedWith('Decryption failed due to missing MDC.');
});
it('Sym. encrypted integrity protected packet', async function() {