Merge pull request #534 from openpgpjs/signature_input

Accept signature object as an input to encrypt function
2017-03-28 10:43:00 -07:00 · 2017-03-28 10:43:00 -07:00 · 62c24ed227
commit 62c24ed227
parent 69da0974ca 16c6d2f162
3 changed files with 187 additions and 14 deletions
--- a/src/message.js
+++ b/src/message.js
@ -292,10 +292,11 @@ export function encryptSessionKey(sessionKey, symAlgo, publicKeys, passwords) {

 /**
 * Sign the message (the literal data packet of the message)
- * @param  {Array<module:key~Key>} privateKey private keys with decrypted secret key data for signing
- * @return {module:message~Message}      new message with signed content
+ * @param  {Array<module:key~Key>}        privateKey private keys with decrypted secret key data for signing
+ * @param  {Signature} signature          (optional) any existing detached signature to add to the message
+ * @return {module:message~Message}       new message with signed content
 */
-Message.prototype.sign = function(privateKeys) {
+Message.prototype.sign = function(privateKeys=[], signature=null) {

  var packetlist = new packet.List();

@ -307,12 +308,30 @@ Message.prototype.sign = function(privateKeys) {
  var literalFormat = enums.write(enums.literal, literalDataPacket.format);
  var signatureType = literalFormat === enums.literal.binary ?
                      enums.signature.binary : enums.signature.text;
-  var i, signingKeyPacket;
+  var i, signingKeyPacket, existingSigPacketlist, onePassSig;
+
+  if (signature) {
+    existingSigPacketlist = signature.packets.filterByTag(enums.packet.signature);
+    if (existingSigPacketlist.length) {
+      for (i = existingSigPacketlist.length - 1; i >= 0; i--) {
+        var sigPacket = existingSigPacketlist[i];
+        onePassSig = new packet.OnePassSignature();
+        onePassSig.type = signatureType;
+        onePassSig.hashAlgorithm = config.prefer_hash_algorithm;
+        onePassSig.publicKeyAlgorithm = sigPacket.publicKeyAlgorithm;
+        onePassSig.signingKeyId = sigPacket.issuerKeyId;
+        if (!privateKeys.length && i === 0) {
+          onePassSig.flags = 1;
+        }
+        packetlist.push(onePassSig);
+      }
+    }
+  }
  for (i = 0; i < privateKeys.length; i++) {
    if (privateKeys[i].isPublic()) {
      throw new Error('Need private key for signing');
    }
-    var onePassSig = new packet.OnePassSignature();
+    onePassSig = new packet.OnePassSignature();
    onePassSig.type = signatureType;
    //TODO get preferred hashg algo from key signature
    onePassSig.hashAlgorithm = config.prefer_hash_algorithm;
@ -342,15 +361,20 @@ Message.prototype.sign = function(privateKeys) {
    packetlist.push(signaturePacket);
  }

+  if (signature) {
+    packetlist.concat(existingSigPacketlist);
+  }
+
  return new Message(packetlist);
 };

 /**
 * Create a detached signature for the message (the literal data packet of the message)
- * @param  {Array<module:key~Key>} privateKey private keys with decrypted secret key data for signing
+ * @param  {Array<module:key~Key>}           privateKey private keys with decrypted secret key data for signing
+ * @param  {Signature} signature             (optional) any existing detached signature
 * @return {module:signature~Signature}      new detached signature of message content
 */
-Message.prototype.signDetached = function(privateKeys) {
+Message.prototype.signDetached = function(privateKeys=[], signature=null) {

  var packetlist = new packet.List();

@ -375,6 +399,10 @@ Message.prototype.signDetached = function(privateKeys) {
    signaturePacket.sign(signingKeyPacket, literalDataPacket);
    packetlist.push(signaturePacket);
  }
+  if (signature) {
+    var existingSigPacketlist = signature.packets.filterByTag(enums.packet.signature);
+    packetlist.concat(existingSigPacketlist);
+  }

  return new sigModule.Signature(packetlist);
 };
--- a/src/openpgp.js
+++ b/src/openpgp.js
@ -180,31 +180,35 @@ export function decryptKey({ privateKey, passphrase }) {
 * @param  {String} filename                  (optional) a filename for the literal data packet
 * @param  {Boolean} armor                    (optional) if the return values should be ascii armored or the message/signature objects
 * @param  {Boolean} detached                 (optional) if the signature should be detached (if true, signature will be added to returned object)
+ * @param  {Signature} signature              (optional) a detached signature to add to the encrypted message
 * @return {Promise<Object>}                  encrypted (and optionally signed message) in the form:
 *                                              {data: ASCII armored message if 'armor' is true,
 *                                                message: full Message object if 'armor' is false, signature: detached signature if 'detached' is true}
 * @static
 */
-export function encrypt({ data, publicKeys, privateKeys, passwords, filename, armor=true, detached=false }) {
+export function encrypt({ data, publicKeys, privateKeys, passwords, filename, armor=true, detached=false, signature=null }) {
  checkData(data); publicKeys = toArray(publicKeys); privateKeys = toArray(privateKeys); passwords = toArray(passwords);

  if (!nativeAEAD() && asyncProxy) { // use web worker if web crypto apis are not supported
-    return asyncProxy.delegate('encrypt', { data, publicKeys, privateKeys, passwords, filename, armor, detached });
+    return asyncProxy.delegate('encrypt', { data, publicKeys, privateKeys, passwords, filename, armor, detached, signature });
  }
  var result = {};
  return Promise.resolve().then(() => {

    let message = createMessage(data, filename);
-    if (privateKeys) { // sign the message only if private keys are specified
+    if (!privateKeys) {
+      privateKeys = [];
+    }
+    if (privateKeys.length || signature) { // sign the message only if private keys or signature is specified
      if (detached) {
-        var signature = message.signDetached(privateKeys);
+        var detachedSignature = message.signDetached(privateKeys, signature);
        if (armor) {
-          result.signature = signature.armor();
+          result.signature = detachedSignature.armor();
        } else {
-          result.signature = signature;
+          result.signature = detachedSignature;
        }
      } else {
-        message = message.sign(privateKeys);
+        message = message.sign(privateKeys, signature);
      }
    }
    return message.encrypt(publicKeys, passwords);
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
@ -689,6 +689,147 @@ describe('OpenPGP.js public api tests', function() {
          });
        });

+        it('should encrypt and decrypt/verify with detached signature input and detached flag set for encryption', function(done) {
+          var signOpt = {
+            data: plaintext,
+            privateKeys: privateKey.keys[0],
+            detached: true
+          };
+
+          var encOpt = {
+            data: plaintext,
+            publicKeys: publicKey.keys,
+            detached: true
+          };
+
+          var decOpt = {
+            privateKey: privateKey.keys[0],
+            publicKeys: publicKey.keys[0]
+          };
+
+          openpgp.sign(signOpt).then(function(signed) {
+            encOpt.signature = openpgp.signature.readArmored(signed.signature);
+            return openpgp.encrypt(encOpt);
+          }).then(function(encrypted) {
+            decOpt.message = openpgp.message.readArmored(encrypted.data);
+            decOpt.signature = openpgp.signature.readArmored(encrypted.signature);
+            return openpgp.decrypt(decOpt);
+          }).then(function(decrypted) {
+            expect(decrypted.data).to.equal(plaintext);
+            expect(decrypted.signatures[0].valid).to.be.true;
+            expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
+            expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
+            done();
+          });
+        });
+
+        it('should encrypt and decrypt/verify with detached signature as input and detached flag not set for encryption', function(done) {
+          var privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
+          privKeyDE.decrypt(passphrase);
+
+          var pubKeyDE = openpgp.key.readArmored(pub_key_de).keys[0];
+
+          var signOpt = {
+            data: plaintext,
+            privateKeys: privKeyDE,
+            detached: true
+          };
+
+          var encOpt = {
+            data: plaintext,
+            publicKeys: publicKey.keys,
+            privateKeys: privateKey.keys[0]
+          };
+
+          var decOpt = {
+            privateKey: privateKey.keys[0],
+            publicKeys: [publicKey.keys[0], pubKeyDE]
+          };
+
+          openpgp.sign(signOpt).then(function(signed) {
+            encOpt.signature = openpgp.signature.readArmored(signed.signature);
+            return openpgp.encrypt(encOpt);
+          }).then(function(encrypted) {
+            decOpt.message = openpgp.message.readArmored(encrypted.data);
+            return openpgp.decrypt(decOpt);
+          }).then(function(decrypted) {
+            expect(decrypted.data).to.equal(plaintext);
+            expect(decrypted.signatures[0].valid).to.be.true;
+            expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
+            expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
+            expect(decrypted.signatures[1].valid).to.be.true;
+            expect(decrypted.signatures[1].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex());
+            expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
+            done();
+          });
+        });
+
+        it('should fail to encrypt and decrypt/verify with detached signature input and detached flag set for encryption with wrong public key', function(done) {
+          var signOpt = {
+            data: plaintext,
+            privateKeys: privateKey.keys,
+            detached: true
+          };
+
+          var encOpt = {
+            data: plaintext,
+            publicKeys: publicKey.keys,
+            detached: true
+          };
+
+          var decOpt = {
+            privateKey: privateKey.keys[0],
+            publicKeys: openpgp.key.readArmored(wrong_pubkey).keys
+          };
+
+          openpgp.sign(signOpt).then(function(signed) {
+            encOpt.signature = openpgp.signature.readArmored(signed.signature);
+            return openpgp.encrypt(encOpt);
+          }).then(function(encrypted) {
+            decOpt.message = openpgp.message.readArmored(encrypted.data);
+            decOpt.signature = openpgp.signature.readArmored(encrypted.signature);
+            return openpgp.decrypt(decOpt);
+          }).then(function(decrypted) {
+            expect(decrypted.data).to.equal(plaintext);
+            expect(decrypted.signatures[0].valid).to.be.null;
+            expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
+            expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
+            done();
+          });
+        });
+
+        it('should fail to encrypt and decrypt/verify with detached signature as input and detached flag not set for encryption with wrong public key', function(done) {
+          var signOpt = {
+            data: plaintext,
+            privateKeys: privateKey.keys,
+            detached: true
+          };
+
+          var encOpt = {
+            data: plaintext,
+            publicKeys: publicKey.keys
+          };
+
+          var decOpt = {
+            privateKey: privateKey.keys[0],
+            publicKeys: openpgp.key.readArmored(wrong_pubkey).keys
+          };
+
+          openpgp.sign(signOpt).then(function(signed) {
+            encOpt.signature = openpgp.signature.readArmored(signed.signature);
+            return openpgp.encrypt(encOpt);
+          }).then(function(encrypted) {
+            decOpt.message = openpgp.message.readArmored(encrypted.data);
+            return openpgp.decrypt(decOpt);
+          }).then(function(decrypted) {
+            expect(decrypted.data).to.equal(plaintext);
+            expect(decrypted.signatures[0].valid).to.be.null;
+            expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
+            expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
+            done();
+          });
+        });
+
        it('should fail to verify decrypted data with wrong public pgp key', function(done) {
          var encOpt = {
            data: plaintext,