diff --git a/src/message.js b/src/message.js index 8580fd36..c415e195 100644 --- a/src/message.js +++ b/src/message.js @@ -292,10 +292,11 @@ export function encryptSessionKey(sessionKey, symAlgo, publicKeys, passwords) { /** * Sign the message (the literal data packet of the message) - * @param {Array} privateKey private keys with decrypted secret key data for signing - * @return {module:message~Message} new message with signed content + * @param {Array} privateKey private keys with decrypted secret key data for signing + * @param {Signature} signature (optional) any existing detached signature to add to the message + * @return {module:message~Message} new message with signed content */ -Message.prototype.sign = function(privateKeys) { +Message.prototype.sign = function(privateKeys=[], signature=null) { var packetlist = new packet.List(); @@ -307,12 +308,30 @@ Message.prototype.sign = function(privateKeys) { var literalFormat = enums.write(enums.literal, literalDataPacket.format); var signatureType = literalFormat === enums.literal.binary ? enums.signature.binary : enums.signature.text; - var i, signingKeyPacket; + var i, signingKeyPacket, existingSigPacketlist, onePassSig; + + if (signature) { + existingSigPacketlist = signature.packets.filterByTag(enums.packet.signature); + if (existingSigPacketlist.length) { + for (i = existingSigPacketlist.length - 1; i >= 0; i--) { + var sigPacket = existingSigPacketlist[i]; + onePassSig = new packet.OnePassSignature(); + onePassSig.type = signatureType; + onePassSig.hashAlgorithm = config.prefer_hash_algorithm; + onePassSig.publicKeyAlgorithm = sigPacket.publicKeyAlgorithm; + onePassSig.signingKeyId = sigPacket.issuerKeyId; + if (!privateKeys.length && i === 0) { + onePassSig.flags = 1; + } + packetlist.push(onePassSig); + } + } + } for (i = 0; i < privateKeys.length; i++) { if (privateKeys[i].isPublic()) { throw new Error('Need private key for signing'); } - var onePassSig = new packet.OnePassSignature(); + onePassSig = new packet.OnePassSignature(); onePassSig.type = signatureType; //TODO get preferred hashg algo from key signature onePassSig.hashAlgorithm = config.prefer_hash_algorithm; @@ -342,15 +361,20 @@ Message.prototype.sign = function(privateKeys) { packetlist.push(signaturePacket); } + if (signature) { + packetlist.concat(existingSigPacketlist); + } + return new Message(packetlist); }; /** * Create a detached signature for the message (the literal data packet of the message) - * @param {Array} privateKey private keys with decrypted secret key data for signing + * @param {Array} privateKey private keys with decrypted secret key data for signing + * @param {Signature} signature (optional) any existing detached signature * @return {module:signature~Signature} new detached signature of message content */ -Message.prototype.signDetached = function(privateKeys) { +Message.prototype.signDetached = function(privateKeys=[], signature=null) { var packetlist = new packet.List(); @@ -375,6 +399,10 @@ Message.prototype.signDetached = function(privateKeys) { signaturePacket.sign(signingKeyPacket, literalDataPacket); packetlist.push(signaturePacket); } + if (signature) { + var existingSigPacketlist = signature.packets.filterByTag(enums.packet.signature); + packetlist.concat(existingSigPacketlist); + } return new sigModule.Signature(packetlist); }; diff --git a/src/openpgp.js b/src/openpgp.js index e3ad9404..c2181519 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -180,31 +180,35 @@ export function decryptKey({ privateKey, passphrase }) { * @param {String} filename (optional) a filename for the literal data packet * @param {Boolean} armor (optional) if the return values should be ascii armored or the message/signature objects * @param {Boolean} detached (optional) if the signature should be detached (if true, signature will be added to returned object) + * @param {Signature} signature (optional) a detached signature to add to the encrypted message * @return {Promise} encrypted (and optionally signed message) in the form: * {data: ASCII armored message if 'armor' is true, * message: full Message object if 'armor' is false, signature: detached signature if 'detached' is true} * @static */ -export function encrypt({ data, publicKeys, privateKeys, passwords, filename, armor=true, detached=false }) { +export function encrypt({ data, publicKeys, privateKeys, passwords, filename, armor=true, detached=false, signature=null }) { checkData(data); publicKeys = toArray(publicKeys); privateKeys = toArray(privateKeys); passwords = toArray(passwords); if (!nativeAEAD() && asyncProxy) { // use web worker if web crypto apis are not supported - return asyncProxy.delegate('encrypt', { data, publicKeys, privateKeys, passwords, filename, armor, detached }); + return asyncProxy.delegate('encrypt', { data, publicKeys, privateKeys, passwords, filename, armor, detached, signature }); } var result = {}; return Promise.resolve().then(() => { let message = createMessage(data, filename); - if (privateKeys) { // sign the message only if private keys are specified + if (!privateKeys) { + privateKeys = []; + } + if (privateKeys.length || signature) { // sign the message only if private keys or signature is specified if (detached) { - var signature = message.signDetached(privateKeys); + var detachedSignature = message.signDetached(privateKeys, signature); if (armor) { - result.signature = signature.armor(); + result.signature = detachedSignature.armor(); } else { - result.signature = signature; + result.signature = detachedSignature; } } else { - message = message.sign(privateKeys); + message = message.sign(privateKeys, signature); } } return message.encrypt(publicKeys, passwords); diff --git a/test/general/openpgp.js b/test/general/openpgp.js index ac3fd50d..01295fe6 100644 --- a/test/general/openpgp.js +++ b/test/general/openpgp.js @@ -689,6 +689,147 @@ describe('OpenPGP.js public api tests', function() { }); }); + it('should encrypt and decrypt/verify with detached signature input and detached flag set for encryption', function(done) { + var signOpt = { + data: plaintext, + privateKeys: privateKey.keys[0], + detached: true + }; + + var encOpt = { + data: plaintext, + publicKeys: publicKey.keys, + detached: true + }; + + var decOpt = { + privateKey: privateKey.keys[0], + publicKeys: publicKey.keys[0] + }; + + openpgp.sign(signOpt).then(function(signed) { + encOpt.signature = openpgp.signature.readArmored(signed.signature); + return openpgp.encrypt(encOpt); + }).then(function(encrypted) { + decOpt.message = openpgp.message.readArmored(encrypted.data); + decOpt.signature = openpgp.signature.readArmored(encrypted.signature); + return openpgp.decrypt(decOpt); + }).then(function(decrypted) { + expect(decrypted.data).to.equal(plaintext); + expect(decrypted.signatures[0].valid).to.be.true; + expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex()); + expect(decrypted.signatures[0].signature.packets.length).to.equal(1); + done(); + }); + }); + + it('should encrypt and decrypt/verify with detached signature as input and detached flag not set for encryption', function(done) { + var privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0]; + privKeyDE.decrypt(passphrase); + + var pubKeyDE = openpgp.key.readArmored(pub_key_de).keys[0]; + + var signOpt = { + data: plaintext, + privateKeys: privKeyDE, + detached: true + }; + + var encOpt = { + data: plaintext, + publicKeys: publicKey.keys, + privateKeys: privateKey.keys[0] + }; + + var decOpt = { + privateKey: privateKey.keys[0], + publicKeys: [publicKey.keys[0], pubKeyDE] + }; + + openpgp.sign(signOpt).then(function(signed) { + encOpt.signature = openpgp.signature.readArmored(signed.signature); + return openpgp.encrypt(encOpt); + }).then(function(encrypted) { + decOpt.message = openpgp.message.readArmored(encrypted.data); + return openpgp.decrypt(decOpt); + }).then(function(decrypted) { + expect(decrypted.data).to.equal(plaintext); + expect(decrypted.signatures[0].valid).to.be.true; + expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex()); + expect(decrypted.signatures[0].signature.packets.length).to.equal(1); + expect(decrypted.signatures[1].valid).to.be.true; + expect(decrypted.signatures[1].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex()); + expect(decrypted.signatures[1].signature.packets.length).to.equal(1); + done(); + }); + }); + + it('should fail to encrypt and decrypt/verify with detached signature input and detached flag set for encryption with wrong public key', function(done) { + var signOpt = { + data: plaintext, + privateKeys: privateKey.keys, + detached: true + }; + + var encOpt = { + data: plaintext, + publicKeys: publicKey.keys, + detached: true + }; + + var decOpt = { + privateKey: privateKey.keys[0], + publicKeys: openpgp.key.readArmored(wrong_pubkey).keys + }; + + openpgp.sign(signOpt).then(function(signed) { + encOpt.signature = openpgp.signature.readArmored(signed.signature); + return openpgp.encrypt(encOpt); + }).then(function(encrypted) { + decOpt.message = openpgp.message.readArmored(encrypted.data); + decOpt.signature = openpgp.signature.readArmored(encrypted.signature); + return openpgp.decrypt(decOpt); + }).then(function(decrypted) { + expect(decrypted.data).to.equal(plaintext); + expect(decrypted.signatures[0].valid).to.be.null; + expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex()); + expect(decrypted.signatures[0].signature.packets.length).to.equal(1); + done(); + }); + }); + + it('should fail to encrypt and decrypt/verify with detached signature as input and detached flag not set for encryption with wrong public key', function(done) { + var signOpt = { + data: plaintext, + privateKeys: privateKey.keys, + detached: true + }; + + var encOpt = { + data: plaintext, + publicKeys: publicKey.keys + }; + + var decOpt = { + privateKey: privateKey.keys[0], + publicKeys: openpgp.key.readArmored(wrong_pubkey).keys + }; + + openpgp.sign(signOpt).then(function(signed) { + encOpt.signature = openpgp.signature.readArmored(signed.signature); + return openpgp.encrypt(encOpt); + }).then(function(encrypted) { + decOpt.message = openpgp.message.readArmored(encrypted.data); + return openpgp.decrypt(decOpt); + }).then(function(decrypted) { + expect(decrypted.data).to.equal(plaintext); + expect(decrypted.signatures[0].valid).to.be.null; + expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex()); + expect(decrypted.signatures[0].signature.packets.length).to.equal(1); + done(); + }); + }); + it('should fail to verify decrypted data with wrong public pgp key', function(done) { var encOpt = { data: plaintext,