do not echo data back to caller for detached signing

2017-12-05 11:44:01 -08:00 · 2017-12-05 11:44:01 -08:00 · 81a59b76b1
commit 81a59b76b1
parent 2ffa221b21
2 changed files with 8 additions and 8 deletions
--- a/src/openpgp.js
+++ b/src/openpgp.js
@ -314,13 +314,13 @@ export function sign({ data, privateKeys, armor=true, detached=false}) {
      }
    } else {
      message = message.sign(privateKeys);
+      if (armor) {
+        result.data = message.armor();
+      } else {
+        result.message = message;
+      }
    }

-    if (armor) {
-      result.data = message.armor();
-    } else {
-      result.message = message;
-    }
    return result;

  }, 'Error signing cleartext message');
--- a/test/general/openpgp.js
+++ b/test/general/openpgp.js
@ -969,7 +969,7 @@ describe('OpenPGP.js public api tests', function() {
            publicKeys: publicKey.keys
          };
          return openpgp.sign(signOpt).then(function(signed) {
-            verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
+            verifyOpt.message = new openpgp.cleartext.CleartextMessage(plaintext);
            verifyOpt.signature = openpgp.signature.readArmored(signed.signature);
            return openpgp.verify(verifyOpt);
          }).then(function(verified) {
@ -1009,7 +1009,7 @@ describe('OpenPGP.js public api tests', function() {
            publicKeys: openpgp.key.readArmored(wrong_pubkey).keys
          };
          return openpgp.sign(signOpt).then(function(signed) {
-            verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
+            verifyOpt.message = new openpgp.cleartext.CleartextMessage(plaintext);
            verifyOpt.signature = openpgp.signature.readArmored(signed.signature);
            return openpgp.verify(verifyOpt);
          }).then(function(verified) {
@ -1051,7 +1051,7 @@ describe('OpenPGP.js public api tests', function() {
            publicKeys: publicKey.keys
          };
          return openpgp.sign(signOpt).then(function(signed) {
-            verifyOpt.message = signed.message;
+            verifyOpt.message = new openpgp.cleartext.CleartextMessage(plaintext);
            verifyOpt.signature = signed.signature;
            return openpgp.verify(verifyOpt);
          }).then(function(verified) {