suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #660 from openpgpjs/bug/subkey-revocations

Browse Source 
Renovates revocationSignature handling, removes hacks around getPrimaryUser
This commit is contained in:
Sanjana Rajan 2018-03-08 10:44:53 +01:00 committed by GitHub
commit 843d94fd60
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 813 additions and 830 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/cleartext.js
View File

@ -155,8 +155,7 @@ export function readArmored(armoredText) {
packetlist.read(input.data);
verifyHeaders(input.headers, packetlist);
const signature = new Signature(packetlist);
const newMessage = new CleartextMessage(input.text, signature);
return newMessage;
return new CleartextMessage(input.text, signature);
}
/**

2
src/config/config.js
View File

@ -53,6 +53,8 @@ export default {
* @property {Boolean} password_collision_check
*/
password_collision_check: false,
/** @property {Boolean} revocations_expire If true, expired revocation signatures are ignored */
revocations_expire: false,
/** @property {Boolean} use_native Use native Node.js crypto/zlib and WebCrypto APIs when available */
use_native: true,

7
src/crypto/public_key/elliptic/key.js
View File

@ -234,13 +234,6 @@ const ECDSASignature = nodeCrypto ?
);
}) : undefined;
const ECParameters = nodeCrypto ?
asn1.define('ECParameters', function() {
this.choice({
namedCurve: this.objid()
});
}) : undefined;
const ECPrivateKey = nodeCrypto ?
asn1.define('ECPrivateKey', function() {
this.seq().obj(

904
src/key.js
View File

File diff suppressed because it is too large Load Diff

2
src/keyring/keyring.js
View File

@ -161,7 +161,7 @@ KeyArray.prototype.getForId = function (keyId, deep) {
if (keyIdCheck(keyId, this.keys[i].primaryKey)) {
return this.keys[i];
}
if (deep && this.keys[i].subKeys) {
if (deep && this.keys[i].subKeys.length) {
for (let j = 0; j < this.keys[i].subKeys.length; j++) {
if (keyIdCheck(keyId, this.keys[i].subKeys[j].subKey)) {
return this.keys[i];

55
src/message.js
View File

@ -138,7 +138,8 @@ Message.prototype.decrypt = async function(privateKeys, passwords, sessionKeys)
* Decrypt encrypted session keys either with private keys or passwords.
* @param {Array<Key>} privateKeys (optional) private keys with decrypted secret data
* @param {Array<String>} passwords (optional) passwords used to decrypt
* @returns {Promise{Array<{ data:Uint8Array, algorithm:String }>}} array of object with potential sessionKey, algorithm pairs
* @returns {Promise<Array<{ data: Uint8Array,
algorithm: String }>>} array of object with potential sessionKey, algorithm pairs
*/
Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
let keyPackets = [];
@ -148,24 +149,24 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
if (!symESKeyPacketlist) {
throw new Error('No symmetrically encrypted session key packet found.');
}
await Promise.all(symESKeyPacketlist.map(async function(packet) {
await Promise.all(symESKeyPacketlist.map(async function(keyPacket) {
await Promise.all(passwords.map(async function(password) {
try {
await packet.decrypt(password);
keyPackets.push(packet);
await keyPacket.decrypt(password);
keyPackets.push(keyPacket);
} catch (err) {}
}));
}));
} else if (privateKeys) {
const pkESKeyPacketlist = this.packets.filterByTag(enums.packet.publicKeyEncryptedSessionKey);
if (!pkESKeyPacketlist) {
throw new Error('No public key encrypted session key packet found.');
}
await Promise.all(pkESKeyPacketlist.map(async function(packet) {
await Promise.all(pkESKeyPacketlist.map(async function(keyPacket) {
// TODO improve this
const privateKeyPackets = privateKeys.reduce(function(acc, privateKey) {
return acc.concat(privateKey.getKeyPackets(packet.publicKeyId));
}, []);
return acc.concat(privateKey.getKeyPackets(keyPacket.publicKeyId));
}, new packet.List());
await Promise.all(privateKeyPackets.map(async function(privateKeyPacket) {
if (!privateKeyPacket) {
return;
@ -174,8 +175,8 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
throw new Error('Private key is not decrypted.');
}
try {
await packet.decrypt(privateKeyPacket);
keyPackets.push(packet);
await keyPacket.decrypt(privateKeyPacket);
keyPackets.push(keyPacket);
} catch (err) {}
}));
}));
@ -252,7 +253,7 @@ Message.prototype.encrypt = async function(keys, passwords, sessionKey, wildcard
symAlgo = sessionKey.algorithm;
sessionKey = sessionKey.data;
} else if (keys && keys.length) {
symAlgo = enums.read(enums.symmetric, getPreferredSymAlgo(keys));
symAlgo = enums.read(enums.symmetric, await getPreferredSymAlgo(keys));
} else if (passwords && passwords.length) {
symAlgo = enums.read(enums.symmetric, config.encryption_cipher);
} else {
@ -301,11 +302,11 @@ export async function encryptSessionKey(sessionKey, symAlgo, publicKeys, passwor
const packetlist = new packet.List();
if (publicKeys) {
const results = await Promise.all(publicKeys.map(async function(key) {
await key.verifyPrimaryUser();
const encryptionKeyPacket = key.getEncryptionKeyPacket(undefined, date);
const results = await Promise.all(publicKeys.map(async function(publicKey) {
const encryptionKeyPacket = await publicKey.getEncryptionKeyPacket(undefined, date);
if (!encryptionKeyPacket) {
throw new Error('Could not find valid key packet for encryption in key ' + key.primaryKey.getKeyId().toHex());
throw new Error('Could not find valid key packet for encryption in key ' +
publicKey.primaryKey.getKeyId().toHex());
}
const pkESKeyPacket = new packet.PublicKeyEncryptedSessionKey();
pkESKeyPacket.publicKeyId = wildcard ? type_keyid.wildcard() : encryptionKeyPacket.getKeyId();
@ -318,7 +319,6 @@ export async function encryptSessionKey(sessionKey, symAlgo, publicKeys, passwor
}));
packetlist.concat(results);
}
if (passwords) {
const testDecrypt = async function(keyPacket, password) {
try {
@ -396,15 +396,14 @@ Message.prototype.sign = async function(privateKeys=[], signature=null, date=new
if (privateKey.isPublic()) {
throw new Error('Need private key for signing');
}
await privateKey.verifyPrimaryUser();
const signingKeyPacket = privateKey.getSigningKeyPacket(undefined, date);
const signingKeyPacket = await privateKey.getSigningKeyPacket(undefined, date);
if (!signingKeyPacket) {
throw new Error('Could not find valid key packet for signing in key ' +
privateKey.primaryKey.getKeyId().toHex());
}
const onePassSig = new packet.OnePassSignature();
onePassSig.type = signatureType;
onePassSig.hashAlgorithm = getPreferredHashAlgo(privateKey);
onePassSig.hashAlgorithm = await getPreferredHashAlgo(privateKey);
onePassSig.publicKeyAlgorithm = signingKeyPacket.algorithm;
onePassSig.signingKeyId = signingKeyPacket.getKeyId();
if (i === privateKeys.length - 1) {
@ -475,10 +474,10 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig
if (privateKey.isPublic()) {
throw new Error('Need private key for signing');
}
await privateKey.verifyPrimaryUser();
const signingKeyPacket = privateKey.getSigningKeyPacket(undefined, date);
const signingKeyPacket = await privateKey.getSigningKeyPacket(undefined, date);
if (!signingKeyPacket) {
throw new Error('Could not find valid key packet for signing in key ' + privateKey.primaryKey.getKeyId().toHex());
throw new Error('Could not find valid key packet for signing in key ' +
privateKey.primaryKey.getKeyId().toHex());
}
if (!signingKeyPacket.isDecrypted) {
throw new Error('Private key is not decrypted.');
@ -486,7 +485,7 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig
const signaturePacket = new packet.Signature(date);
signaturePacket.signatureType = signatureType;
signaturePacket.publicKeyAlgorithm = signingKeyPacket.algorithm;
signaturePacket.hashAlgorithm = getPreferredHashAlgo(privateKey);
signaturePacket.hashAlgorithm = await getPreferredHashAlgo(privateKey);
await signaturePacket.sign(signingKeyPacket, literalDataPacket);
return signaturePacket;
})).then(signatureList => {
@ -538,22 +537,22 @@ Message.prototype.verifyDetached = function(signature, keys, date=new Date()) {
* @param {Array<module:packet/signature>} signatureList array of signature packets
* @param {Array<module:packet/literal>} literalDataList array of literal data packets
* @param {Array<module:key~Key>} keys array of keys to verify signatures
* @param {Date} date Verify the signature against the given date, i.e. check signature creation time < date < expiration time
* @returns {Promise{Array<({keyid: module:type/keyid, valid: Boolean})>}} list of signer's keyid and validity of signature
* @param {Date} date Verify the signature against the given date,
* i.e. check signature creation time < date < expiration time
* @returns {Promise<Array<{keyid: module:type/keyid,
* valid: Boolean}>>} list of signer's keyid and validity of signature
*/
export async function createVerificationObjects(signatureList, literalDataList, keys, date=new Date()) {
return Promise.all(signatureList.map(async function(signature) {
let keyPacket = null;
await Promise.all(keys.map(async function(key) {
await key.verifyPrimaryUser();
// Look for the unique key packet that matches issuerKeyId of signature
const result = key.getSigningKeyPacket(signature.issuerKeyId, date);
const result = await key.getSigningKeyPacket(signature.issuerKeyId, date);
if (result) {
keyPacket = result;
}
}));
// Look for the unique key packet that matches issuerKeyId of signature
const verifiedSig = {
keyid: signature.issuerKeyId,
valid: keyPacket ? await signature.verify(keyPacket, literalDataList[0]) : null

10
src/openpgp.js
View File

@ -371,8 +371,10 @@ export function verify({ message, publicKeys, signature=null, date=new Date() })
return Promise.resolve().then(async function() {
const result = {};
result.data = CleartextMessage.prototype.isPrototypeOf(message) ? message.getText() : message.getLiteralData();
result.signatures = signature ? await message.verifyDetached(signature, publicKeys, date) : await message.verify(publicKeys, date);
result.data = message instanceof CleartextMessage ? message.getText() : message.getLiteralData();
result.signatures = signature ?
await message.verifyDetached(signature, publicKeys, date) :
await message.verify(publicKeys, date);
return result;
}).catch(onError.bind(null, 'Error verifying cleartext signed message'));
}
@ -462,12 +464,12 @@ function checkData(data, name) {
}
}
function checkMessage(message) {
if (!messageLib.Message.prototype.isPrototypeOf(message)) {
if (!(message instanceof messageLib.Message)) {
throw new Error('Parameter [message] needs to be of type Message');
}
}
function checkCleartextOrMessage(message) {
if (!CleartextMessage.prototype.isPrototypeOf(message) && !messageLib.Message.prototype.isPrototypeOf(message)) {
if (!(message instanceof CleartextMessage) && !(message instanceof messageLib.Message)) {
throw new Error('Parameter [message] needs to be of type Message or CleartextMessage');
}
}

14
src/packet/packetlist.js
View File

@ -177,6 +177,19 @@ Packetlist.prototype.some = async function (callback) {
return false;
};
/**
* Executes the callback function once for each element,
* returns true if all callbacks returns a truthy value
*/
Packetlist.prototype.every = function (callback) {
for (let i = 0; i < this.length; i++) {
if (!callback(this[i], i, this)) {
return false;
}
}
return true;
};
/**
* Traverses packet tree and returns first matching packet
* @param {module:enums.packet} type The packet type
@ -240,6 +253,7 @@ Packetlist.prototype.concat = function (packetlist) {
this.push(packetlist[i]);
}
}
return this;
};
/**

2
src/packet/secret_key.js
View File

@ -216,7 +216,7 @@ function produceEncryptionKey(s2k, passphrase, algorithm) {
*/
SecretKey.prototype.decrypt = async function (passphrase) {
if (this.isDecrypted) {
return true;
throw new Error('Key packet is already decrypted.');
}
let i = 0;

5
src/packet/signature.js
View File

@ -86,6 +86,7 @@ export default function Signature(date=new Date()) {
this.embeddedSignature = null;
this.verified = null;
this.revoked = null;
}
/**
@ -666,9 +667,9 @@ Signature.prototype.verify = async function (key, data) {
* @return {Boolean} true if expired
*/
Signature.prototype.isExpired = function (date=new Date()) {
if (date !== null) {
const normDate = util.normalizeDate(date);
if (normDate !== null) {
const expirationTime = !this.signatureNeverExpires ? this.created.getTime() + this.signatureExpirationTime*1000 : Infinity;
const normDate = util.normalizeDate(date);
return !(this.created <= normDate && normDate < expirationTime);
}
return false;

4
src/packet/sym_encrypted_session_key.js
View File

@ -104,7 +104,7 @@ SymEncryptedSessionKey.prototype.write = function() {
/**
* Decrypts the session key
* @param {String} passphrase The passphrase in string form
* @return {Promise<Boolean}
* @return {Promise<Boolean>}
*/
SymEncryptedSessionKey.prototype.decrypt = async function(passphrase) {
const algo = this.sessionKeyEncryptionAlgorithm !== null ?
@ -128,7 +128,7 @@ SymEncryptedSessionKey.prototype.decrypt = async function(passphrase) {
/**
* Encrypts the session key
* @param {String} passphrase The passphrase in string form
* @return {Promise<Boolean}
* @return {Promise<Boolean>}
*/
SymEncryptedSessionKey.prototype.encrypt = async function(passphrase) {
const algo = this.sessionKeyEncryptionAlgorithm !== null ?

9
src/type/keyid.js
View File

@ -52,8 +52,13 @@ Keyid.prototype.toHex = function() {
return util.str_to_hex(this.bytes);
};
Keyid.prototype.equals = function(keyid) {
return this.bytes === keyid.bytes;
/**
* Checks equality of Key ID's
* @param {Keyid} keyid
* @param {Boolean} matchWildcard Indicates whether to check if either keyid is a wildcard
*/
Keyid.prototype.equals = function(keyid, matchWildcard=false) {
return (matchWildcard && (keyid.isWildcard() || this.isWildcard())) || this.bytes === keyid.bytes;
};
Keyid.prototype.isNull = function() {

8
test/crypto/elliptic.js
View File

@ -192,9 +192,9 @@ describe('Elliptic Curve Cryptography', function () {
it('Signature generation', function () {
const curve = new elliptic_curves.Curve('p256');
let key = curve.keyFromPrivate(key_data.p256.priv);
return key.sign(signature_data.message, 8).then(signature => {
return key.sign(signature_data.message, 8).then(async signature => {
key = curve.keyFromPublic(key_data.p256.pub);
expect(
await expect(
key.verify(signature_data.message, signature, 8)
).to.eventually.be.true;
});
@ -302,8 +302,8 @@ describe('Elliptic Curve Cryptography', function () {
const keyPrivate = new Uint8Array(keyPair.getPrivate());
const oid = curve.oid;
const message = p384_message;
return elliptic_curves.ecdsa.sign(oid, 10, message, keyPrivate).then(signature => {
expect(elliptic_curves.ecdsa.verify(oid, 10, signature, message, keyPublic))
return elliptic_curves.ecdsa.sign(oid, 10, message, keyPrivate).then(async signature => {
await expect(elliptic_curves.ecdsa.verify(oid, 10, signature, message, keyPublic))
.to.eventually.be.true;
});
});

1
test/general/ecc_nist.js
View File

@ -202,7 +202,6 @@ describe('Elliptic Curve Cryptography', function () {
it('Encrypt and sign message', async function () {
const romeoPrivate = await load_priv_key('romeo');
const julietPublic = load_pub_key('juliet');
expect(await romeoPrivate.decrypt(data.romeo.pass)).to.be.true;
const encrypted = await openpgp.encrypt({publicKeys: [julietPublic], privateKeys: [romeoPrivate], data: data.romeo.message + "\n"});
const message = openpgp.message.readArmored(encrypted.data);

308
test/general/key.js
View File

@ -761,7 +761,7 @@ describe('Key', function() {
)).to.eventually.equal(openpgp.enums.keyStatus.revoked).notify(done);
});
it('Evaluate key flags to find valid encryption key packet', function() {
it('Evaluate key flags to find valid encryption key packet', async function() {
const pubKeys = openpgp.key.readArmored(pub_sig_test);
expect(pubKeys).to.exist;
expect(pubKeys.err).to.not.exist;
@ -769,26 +769,27 @@ describe('Key', function() {
const pubKey = pubKeys.keys[0];
// remove subkeys
pubKey.subKeys = null;
pubKey.subKeys = [];
// primary key has only key flags for signing
const keyPacket = pubKey.getEncryptionKeyPacket();
await pubKey.verifyKeyPackets();
const keyPacket = await pubKey.getEncryptionKeyPacket();
expect(keyPacket).to.not.exist;
});
it('Method getExpirationTime V4 Key', function() {
it('Method getExpirationTime V4 Key', async function() {
const pubKey = openpgp.key.readArmored(twoKeys).keys[1];
expect(pubKey).to.exist;
expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
return pubKey.verifyPrimaryUser().then(() => {
expect(pubKey.getExpirationTime().toISOString()).to.be.equal('2018-11-26T10:58:29.000Z');
});
const expirationTime = await pubKey.getExpirationTime();
expect(expirationTime.toISOString()).to.be.equal('2018-11-26T10:58:29.000Z');
});
it('Method getExpirationTime V4 SubKey', function() {
it('Method getExpirationTime V4 SubKey', async function() {
const pubKey = openpgp.key.readArmored(twoKeys).keys[1];
expect(pubKey).to.exist;
expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
expect(pubKey.subKeys[0].getExpirationTime().toISOString()).to.be.equal('2018-11-26T10:58:29.000Z');
const expirationTime = await pubKey.subKeys[0].getExpirationTime();
expect(expirationTime.toISOString()).to.be.equal('2018-11-26T10:58:29.000Z');
});
it('update() - throw error if fingerprints not equal', function(done) {
@ -798,41 +799,40 @@ describe('Key', function() {
)()).to.be.rejectedWith('Key update method: fingerprints of keys not equal').notify(done);
});
it('update() - merge revocation signature', function(done) {
it('update() - merge revocation signatures', function(done) {
const source = openpgp.key.readArmored(pub_revoked).keys[0];
const dest = openpgp.key.readArmored(pub_revoked).keys[0];
expect(source.revocationSignature).to.exist;
dest.revocationSignature = null;
expect(source.revocationSignatures).to.exist;
dest.revocationSignatures = [];
dest.update(source).then(() => {
expect(dest.revocationSignature).to.exist.and.be.an.instanceof(openpgp.packet.Signature);
expect(dest.revocationSignatures[0]).to.exist.and.be.an.instanceof(openpgp.packet.Signature);
done();
});
});
it('update() - merge user', function(done) {
it('update() - merge user', function() {
const source = openpgp.key.readArmored(pub_sig_test).keys[0];
const dest = openpgp.key.readArmored(pub_sig_test).keys[0];
expect(source.users[1]).to.exist;
dest.users.pop();
dest.update(source).then(() => {
return dest.update(source).then(() => {
expect(dest.users[1]).to.exist;
expect(dest.users[1].userId).to.equal(source.users[1].userId);
done();
});
});
it('update() - merge user - other and revocation certification', function(done) {
it('update() - merge user - other and certification revocation signatures', function(done) {
const source = openpgp.key.readArmored(pub_sig_test).keys[0];
const dest = openpgp.key.readArmored(pub_sig_test).keys[0];
expect(source.users[1].otherCertifications).to.exist;
expect(source.users[1].revocationCertifications).to.exist;
dest.users[1].otherCertifications = null;
dest.users[1].revocationCertifications.pop();
expect(source.users[1].revocationSignatures).to.exist;
dest.users[1].otherCertifications = [];
dest.users[1].revocationSignatures.pop();
dest.update(source).then(() => {
expect(dest.users[1].otherCertifications).to.exist.and.to.have.length(1);
expect(dest.users[1].otherCertifications[0].signature).to.equal(source.users[1].otherCertifications[0].signature);
expect(dest.users[1].revocationCertifications).to.exist.and.to.have.length(2);
expect(dest.users[1].revocationCertifications[1].signature).to.equal(source.users[1].revocationCertifications[1].signature);
expect(dest.users[1].revocationSignatures).to.exist.and.to.have.length(2);
expect(dest.users[1].revocationSignatures[1].signature).to.equal(source.users[1].revocationSignatures[1].signature);
done();
});
});
@ -851,15 +851,14 @@ describe('Key', function() {
});
});
it('update() - merge subkey - revocation signature', function(done) {
it('update() - merge subkey - revocation signature', function() {
const source = openpgp.key.readArmored(pub_sig_test).keys[0];
const dest = openpgp.key.readArmored(pub_sig_test).keys[0];
expect(source.subKeys[0].revocationSignature).to.exist;
dest.subKeys[0].revocationSignature = null;
dest.update(source).then(() => {
expect(dest.subKeys[0].revocationSignature).to.exist;
expect(dest.subKeys[0].revocationSignature.signature).to.equal(dest.subKeys[0].revocationSignature.signature);
done();
expect(source.subKeys[0].revocationSignatures).to.exist;
dest.subKeys[0].revocationSignatures = [];
return dest.update(source).then(() => {
expect(dest.subKeys[0].revocationSignatures).to.exist;
expect(dest.subKeys[0].revocationSignatures[0].signature).to.equal(dest.subKeys[0].revocationSignatures[0].signature);
});
});
@ -886,8 +885,8 @@ describe('Key', function() {
it('update() - merge private key into public key - no subkeys', function() {
const source = openpgp.key.readArmored(priv_key_rsa).keys[0];
const dest = openpgp.key.readArmored(twoKeys).keys[0];
source.subKeys = null;
dest.subKeys = null;
source.subKeys = [];
dest.subKeys = [];
expect(dest.isPublic()).to.be.true;
return dest.update(source).then(() => {
expect(dest.isPrivate()).to.be.true;
@ -905,56 +904,51 @@ describe('Key', function() {
it('update() - merge private key into public key - mismatch throws error', function(done) {
const source = openpgp.key.readArmored(priv_key_rsa).keys[0];
const dest = openpgp.key.readArmored(twoKeys).keys[0];
source.subKeys = null;
source.subKeys = [];
expect(dest.subKeys).to.exist;
expect(dest.isPublic()).to.be.true;
expect(dest.update.bind(dest, source)())
.to.be.rejectedWith('Cannot update public key with private key if subkey mismatch').notify(done);
});
it('update() - merge subkey binding signatures', function(done) {
it('update() - merge subkey binding signatures', async function() {
const source = openpgp.key.readArmored(pgp_desktop_pub).keys[0];
const dest = openpgp.key.readArmored(pgp_desktop_priv).keys[0];
expect(source.subKeys[0].bindingSignatures[0]).to.exist;
expect(source.subKeys[0].verify(source.primaryKey))
await expect(source.subKeys[0].verify(source.primaryKey))
.to.eventually.equal(openpgp.enums.keyStatus.valid);
expect(dest.subKeys[0].bindingSignatures[0]).to.not.exist;
dest.update(source).then(() => {
return dest.update(source).then(async () => {
expect(dest.subKeys[0].bindingSignatures[0]).to.exist;
expect(dest.subKeys[0].verify(source.primaryKey))
await expect(dest.subKeys[0].verify(source.primaryKey))
.to.eventually.equal(openpgp.enums.keyStatus.valid);
done();
});
});
it('getPreferredSymAlgo() - one key - AES256', function() {
it('getPreferredSymAlgo() - one key - AES256', async function() {
const key1 = openpgp.key.readArmored(twoKeys).keys[0];
return key1.verifyPrimaryUser().then(() => {
const prefAlgo = openpgp.key.getPreferredSymAlgo([key1]);
expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes256);
});
const prefAlgo = await openpgp.key.getPreferredSymAlgo([key1]);
expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes256);
});
it('getPreferredSymAlgo() - two key - AES128', function() {
it('getPreferredSymAlgo() - two key - AES128', async function() {
const keys = openpgp.key.readArmored(twoKeys).keys;
const key1 = keys[0];
const key2 = keys[1];
return Promise.all([key1.verifyPrimaryUser(), key2.verifyPrimaryUser()]).then(() => {
key2.getPrimaryUser().selfCertificate.preferredSymmetricAlgorithms = [6,7,3];
const prefAlgo = openpgp.key.getPreferredSymAlgo([key1, key2]);
expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes128);
});
const primaryUser = await key2.getPrimaryUser();
primaryUser.selfCertification.preferredSymmetricAlgorithms = [6,7,3];
const prefAlgo = await openpgp.key.getPreferredSymAlgo([key1, key2]);
expect(prefAlgo).to.equal(openpgp.enums.symmetric.aes128);
});
it('getPreferredSymAlgo() - two key - one without pref', function() {
it('getPreferredSymAlgo() - two key - one without pref', async function() {
const keys = openpgp.key.readArmored(twoKeys).keys;
const key1 = keys[0];
const key2 = keys[1];
return Promise.all([key1.verifyPrimaryUser(), key2.verifyPrimaryUser()]).then(() => {
key2.getPrimaryUser().selfCertificate.preferredSymmetricAlgorithms = null;
const prefAlgo = openpgp.key.getPreferredSymAlgo([key1, key2]);
expect(prefAlgo).to.equal(openpgp.config.encryption_cipher);
});
const primaryUser = await key2.getPrimaryUser();
primaryUser.selfCertification.preferredSymmetricAlgorithms = null;
const prefAlgo = await openpgp.key.getPreferredSymAlgo([key1, key2]);
expect(prefAlgo).to.equal(openpgp.config.encryption_cipher);
});
it('Preferences of generated key', function() {
@ -987,14 +981,12 @@ describe('Key', function() {
expect(key.users[1].userAttribute).eql(key2.users[1].userAttribute);
});
it('getPrimaryUser()', function() {
it('getPrimaryUser()', async function() {
const key = openpgp.key.readArmored(pub_sig_test).keys[0];
return key.verifyPrimaryUser().then(() => {
const primUser = key.getPrimaryUser();
expect(primUser).to.exist;
expect(primUser.user.userId.userid).to.equal('Signature Test <signature@test.com>');
expect(primUser.selfCertificate).to.be.an.instanceof(openpgp.packet.Signature);
});
const primUser = await key.getPrimaryUser();
expect(primUser).to.exist;
expect(primUser.user.userId.userid).to.equal('Signature Test <signature@test.com>');
expect(primUser.selfCertification).to.be.an.instanceof(openpgp.packet.Signature);
});
it('Generated key is not unlocked by default', function() {
@ -1002,10 +994,10 @@ describe('Key', function() {
if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys
let key;
return openpgp.generateKey(opt).then(function(newKey) {
key = newKey;
return openpgp.message.fromText('hello').encrypt([key.key]);
key = newKey.key;
return openpgp.message.fromText('hello').encrypt([key]);
}).then(function(msg) {
return msg.message.decrypt([key.key]);
return msg.message.decrypt([key]);
}).catch(function(err) {
expect(err.message).to.equal('Private key is not decrypted.');
});
@ -1062,113 +1054,99 @@ describe('Key', function() {
const userId = 'test <a@b.com>';
const opt = {numBits: 512, userIds: userId, passphrase: '123', keyExpirationTime: expect_delta};
if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys
return openpgp.generateKey(opt).then(function(key) {
return openpgp.generateKey(opt).then(async function(key) {
key = key.key;
return key.verifyPrimaryUser().then(() => {
const expiration = key.getExpirationTime();
expect(expiration).to.exist;
const expiration = await key.getExpirationTime();
expect(expiration).to.exist;
const actual_delta = (new Date(expiration) - new Date()) / 1000;
expect(Math.abs(actual_delta - expect_delta)).to.be.below(60);
const actual_delta = (new Date(expiration) - new Date()) / 1000;
expect(Math.abs(actual_delta - expect_delta)).to.be.below(60);
const subKeyExpiration = key.subKeys[0].getExpirationTime();
expect(subKeyExpiration).to.exist;
const subKeyExpiration = await key.subKeys[0].getExpirationTime();
expect(subKeyExpiration).to.exist;
const actual_subKeyDelta = (new Date(subKeyExpiration) - new Date()) / 1000;
expect(Math.abs(actual_subKeyDelta - expect_delta)).to.be.below(60);
});
const actual_subKeyDelta = (new Date(subKeyExpiration) - new Date()) / 1000;
expect(Math.abs(actual_subKeyDelta - expect_delta)).to.be.below(60);
});
});
it('Sign and verify key - primary user', function() {
const key = openpgp.key.readArmored(pub_sig_test).keys[0];
it('Sign and verify key - primary user', async function() {
let publicKey = openpgp.key.readArmored(pub_sig_test).keys[0];
const privateKey = openpgp.key.readArmored(priv_key_rsa).keys[0];
privateKey.decrypt('hello world');
return key.signPrimaryUser([privateKey]).then(key => {
return Promise.all(
[key.verifyPrimaryUser([privateKey]), privateKey.verifyPrimaryUser()]
).then(results => {
const signatures = results[0];
expect(signatures.length).to.equal(2);
expect(signatures[0].keyid.toHex()).to.equal(key.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].keyid.toHex()).to.equal(privateKey.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[1].valid).to.be.true;
});
});
await privateKey.decrypt('hello world');
publicKey = await publicKey.signPrimaryUser([privateKey]);
const signatures = await publicKey.verifyPrimaryUser([privateKey]);
const publicKeyPacket = await publicKey.getSigningKeyPacket();
const privateKeyPacket = await privateKey.getSigningKeyPacket();
expect(signatures.length).to.equal(2);
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
expect(signatures[1].valid).to.be.true;
});
it('Sign key and verify with wrong key - primary user', function() {
const key = openpgp.key.readArmored(pub_sig_test).keys[0];
it('Sign key and verify with wrong key - primary user', async function() {
let publicKey = openpgp.key.readArmored(pub_sig_test).keys[0];
const privateKey = openpgp.key.readArmored(priv_key_rsa).keys[0];
const wrongKey = openpgp.key.readArmored(wrong_key).keys[0];
privateKey.decrypt('hello world');
return key.signPrimaryUser([privateKey]).then(key => {
return Promise.all(
[key.verifyPrimaryUser([wrongKey]), privateKey.verifyPrimaryUser()]
).then(results => {
const signatures = results[0];
expect(signatures.length).to.equal(2);
expect(signatures[0].keyid.toHex()).to.equal(key.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].keyid.toHex()).to.equal(privateKey.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[1].valid).to.be.null;
});
});
await privateKey.decrypt('hello world');
publicKey = await publicKey.signPrimaryUser([privateKey]);
const signatures = await publicKey.verifyPrimaryUser([wrongKey]);
const publicKeyPacket = await publicKey.getSigningKeyPacket();
const privateKeyPacket = await privateKey.getSigningKeyPacket();
expect(signatures.length).to.equal(2);
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
expect(signatures[1].valid).to.be.null;
});
it('Sign and verify key - all users', function() {
const key = openpgp.key.readArmored(multi_uid_key).keys[0];
it('Sign and verify key - all users', async function() {
let publicKey = openpgp.key.readArmored(multi_uid_key).keys[0];
const privateKey = openpgp.key.readArmored(priv_key_rsa).keys[0];
privateKey.decrypt('hello world');
return key.signAllUsers([privateKey]).then(key => {
return Promise.all(
[key.verifyAllUsers([privateKey]), key.verifyPrimaryUser(), privateKey.verifyPrimaryUser()]
).then(results => {
const signatures = results[0];
expect(signatures.length).to.equal(4);
expect(signatures[0].userid).to.equal(key.users[0].userId.userid);
expect(signatures[0].keyid.toHex()).to.equal(key.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].userid).to.equal(key.users[0].userId.userid);
expect(signatures[1].keyid.toHex()).to.equal(privateKey.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[1].valid).to.be.true;
expect(signatures[2].userid).to.equal(key.users[1].userId.userid);
expect(signatures[2].keyid.toHex()).to.equal(key.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[2].valid).to.be.null;
expect(signatures[3].userid).to.equal(key.users[1].userId.userid);
expect(signatures[3].keyid.toHex()).to.equal(privateKey.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[3].valid).to.be.true;
});
});
await privateKey.decrypt('hello world');
publicKey = await publicKey.signAllUsers([privateKey]);
const signatures = await publicKey.verifyAllUsers([privateKey]);
const publicKeyPacket = await publicKey.getSigningKeyPacket();
const privateKeyPacket = await privateKey.getSigningKeyPacket();
expect(signatures.length).to.equal(4);
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].userid).to.equal(publicKey.users[0].userId.userid);
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
expect(signatures[1].valid).to.be.true;
expect(signatures[2].userid).to.equal(publicKey.users[1].userId.userid);
expect(signatures[2].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
expect(signatures[2].valid).to.be.null;
expect(signatures[3].userid).to.equal(publicKey.users[1].userId.userid);
expect(signatures[3].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
expect(signatures[3].valid).to.be.true;
});
it('Sign key and verify with wrong key - all users', function() {
const key = openpgp.key.readArmored(multi_uid_key).keys[0];
it('Sign key and verify with wrong key - all users', async function() {
let publicKey = openpgp.key.readArmored(multi_uid_key).keys[0];
const privateKey = openpgp.key.readArmored(priv_key_rsa).keys[0];
const wrongKey = openpgp.key.readArmored(wrong_key).keys[0];
privateKey.decrypt('hello world');
return key.signAllUsers([privateKey]).then(key => {
return Promise.all(
[key.verifyAllUsers([wrongKey]), key.verifyPrimaryUser(), privateKey.verifyPrimaryUser()]
).then(results => {
const signatures = results[0];
expect(signatures.length).to.equal(4);
expect(signatures[0].userid).to.equal(key.users[0].userId.userid);
expect(signatures[0].keyid.toHex()).to.equal(key.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].userid).to.equal(key.users[0].userId.userid);
expect(signatures[1].keyid.toHex()).to.equal(privateKey.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[1].valid).to.be.null;
expect(signatures[2].userid).to.equal(key.users[1].userId.userid);
expect(signatures[2].keyid.toHex()).to.equal(key.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[2].valid).to.be.null;
expect(signatures[3].userid).to.equal(key.users[1].userId.userid);
expect(signatures[3].keyid.toHex()).to.equal(privateKey.getSigningKeyPacket().getKeyId().toHex());
expect(signatures[3].valid).to.be.null;
});
});
await privateKey.decrypt('hello world');
publicKey = await publicKey.signAllUsers([privateKey]);
const signatures = await publicKey.verifyAllUsers([wrongKey]);
const publicKeyPacket = await publicKey.getSigningKeyPacket();
const privateKeyPacket = await privateKey.getSigningKeyPacket()
expect(signatures.length).to.equal(4);
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
expect(signatures[0].valid).to.be.null;
expect(signatures[1].userid).to.equal(publicKey.users[0].userId.userid);
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
expect(signatures[1].valid).to.be.null;
expect(signatures[2].userid).to.equal(publicKey.users[1].userId.userid);
expect(signatures[2].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
expect(signatures[2].valid).to.be.null;
expect(signatures[3].userid).to.equal(publicKey.users[1].userId.userid);
expect(signatures[3].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
expect(signatures[3].valid).to.be.null;
});
it('Reformat key without passphrase', function() {
@ -1214,9 +1192,12 @@ describe('Key', function() {
expect(newKey.users[0].userId.userid).to.equal(userId);
expect(newKey.primaryKey.isDecrypted).to.be.true;
return openpgp.sign({data: 'hello', privateKeys: newKey, armor: true}).then(function(signed) {
return openpgp.verify({message: openpgp.cleartext.readArmored(signed.data), publicKeys: newKey.toPublic()}).then(function(verified) {
return openpgp.verify(
{message: openpgp.cleartext.readArmored(signed.data), publicKeys: newKey.toPublic()}
).then(async function(verified) {
expect(verified.signatures[0].valid).to.be.true;
expect(verified.signatures[0].keyid.toHex()).to.equal(newKey.getSigningKeyPacket().getKeyId().toHex());
const newKeyPacket = await newKey.getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(newKeyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1234,12 +1215,12 @@ describe('Key', function() {
opt.privateKey = key;
opt.userIds = [userId2, userId3];
opt.passphrase = '123';
return openpgp.reformatKey(opt).then(function(newKey) {
return openpgp.reformatKey(opt).then(async function(newKey) {
newKey = newKey.key;
expect(newKey.users.length).to.equal(2);
expect(newKey.users[0].userId.userid).to.equal(userId2);
expect(newKey.primaryKey.isDecrypted).to.be.false;
newKey.decrypt('123');
await newKey.decrypt('123');
expect(newKey.primaryKey.isDecrypted).to.be.true;
});
});
@ -1278,10 +1259,19 @@ describe('Key', function() {
});
});
it('Find a valid subkey binding signature among many invalid ones', function(done) {
const k = openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub).keys[0];
expect(k.getEncryptionKeyPacket()).to.not.be.null;
done();
it('Find a valid subkey binding signature among many invalid ones', async function() {
const key = openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub).keys[0];
await key.verifyKeyPackets();
expect(await key.getEncryptionKeyPacket()).to.not.be.null;
});
it('Reject encryption with revoked subkey', function() {
const key = openpgp.key.readArmored(pub_revoked).keys[0];
return openpgp.encrypt({publicKeys: [key], data: 'random data'}).then(() => {
throw new Error('encryptSessionKey should not encrypt with revoked public key');
}).catch(function(error) {
expect(error.message).to.equal('Error encrypting message: Could not find valid key packet for encryption in key ' + key.primaryKey.getKeyId().toHex());
});
});
});

169
test/general/openpgp.js
View File

@ -626,7 +626,7 @@ describe('OpenPGP.js public api tests', function() {
zero_copyVal = openpgp.config.zero_copy;
use_nativeVal = openpgp.config.use_native;
aead_protectVal = openpgp.config.aead_protect;
privateKey.keys[0].verifyPrimaryUser().then(() => done());
done();
});
afterEach(function() {
@ -635,8 +635,8 @@ describe('OpenPGP.js public api tests', function() {
openpgp.config.aead_protect = aead_protectVal;
});
it('Decrypting key with wrong passphrase rejected', function () {
expect(privateKey.keys[0].decrypt('wrong passphrase')).to.eventually.be.rejectedWith('Incorrect key passphrase');
it('Decrypting key with wrong passphrase rejected', async function () {
await expect(privateKey.keys[0].decrypt('wrong passphrase')).to.eventually.be.rejectedWith('Incorrect key passphrase');
});
it('Decrypting key with correct passphrase returns true', async function () {
@ -729,7 +729,6 @@ describe('OpenPGP.js public api tests', function() {
beforeEach(async function() {
expect(await privateKey.keys[0].decrypt(passphrase)).to.be.true;
await privateKey.keys[0].verifyPrimaryUser();
return true;
});
@ -868,12 +867,8 @@ describe('OpenPGP.js public api tests', function() {
'=6XMW\r\n' +
'-----END PGP PUBLIC KEY BLOCK-----\r\n\r\n';
beforeEach( async function () {
beforeEach(async function () {
expect(await privateKey.keys[0].decrypt(passphrase)).to.be.true;
await privateKey.keys[0].verifyPrimaryUser();
await privateKey_2000_2008.keys[0].verifyPrimaryUser();
await privateKey_1337.keys[0].verifyPrimaryUser();
await privateKey_2038_2045.keys[0].verifyPrimaryUser();
return true;
});
@ -896,9 +891,9 @@ describe('OpenPGP.js public api tests', function() {
});
});
it('should encrypt then decrypt with multiple private keys', function () {
it('should encrypt then decrypt with multiple private keys', async function () {
const privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
privKeyDE.decrypt(passphrase);
await privKeyDE.decrypt(passphrase);
const encOpt = {
data: plaintext,
@ -938,9 +933,9 @@ describe('OpenPGP.js public api tests', function() {
});
});
it('should encrypt then decrypt with wildcard with multiple private keys', function () {
it('should encrypt then decrypt with wildcard with multiple private keys', async function () {
const privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
privKeyDE.decrypt(passphrase);
await privKeyDE.decrypt(passphrase);
const encOpt = {
data: plaintext,
@ -1039,10 +1034,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1060,10 +1056,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal('');
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1083,10 +1080,11 @@ describe('OpenPGP.js public api tests', function() {
decOpt.message = openpgp.message.readArmored(encrypted.data);
decOpt.signature = openpgp.signature.readArmored(encrypted.signature);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1116,17 +1114,18 @@ describe('OpenPGP.js public api tests', function() {
decOpt.message = openpgp.message.readArmored(encrypted.data);
decOpt.signature = openpgp.signature.readArmored(encrypted.signature);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
it('should encrypt and decrypt/verify with detached signature as input and detached flag not set for encryption', function () {
it('should encrypt and decrypt/verify with detached signature as input and detached flag not set for encryption', async function () {
const privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
privKeyDE.decrypt(passphrase);
await privKeyDE.decrypt(passphrase);
const pubKeyDE = openpgp.key.readArmored(pub_key_de).keys[0];
@ -1153,16 +1152,17 @@ describe('OpenPGP.js public api tests', function() {
}).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
let keyPacket;
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
expect(decrypted.signatures[1].valid).to.be.true;
return privKeyDE.verifyPrimaryUser().then(() => {
expect(decrypted.signatures[1].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex());
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
});
keyPacket = await privKeyDE.getSigningKeyPacket();
expect(decrypted.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
});
});
@ -1191,10 +1191,11 @@ describe('OpenPGP.js public api tests', function() {
decOpt.message = openpgp.message.readArmored(encrypted.data);
decOpt.signature = openpgp.signature.readArmored(encrypted.signature);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.null;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1222,10 +1223,11 @@ describe('OpenPGP.js public api tests', function() {
}).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.null;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1243,10 +1245,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.null;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1264,10 +1267,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal('');
expect(decrypted.signatures[0].valid).to.be.null;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1284,10 +1288,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.null;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1307,17 +1312,18 @@ describe('OpenPGP.js public api tests', function() {
decOpt.message = openpgp.message.readArmored(encrypted.data);
decOpt.signature = openpgp.signature.readArmored(encrypted.signature);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.null;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
it('should encrypt and decrypt/verify both signatures when signed with two private keys', function () {
it('should encrypt and decrypt/verify both signatures when signed with two private keys', async function () {
const privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
privKeyDE.decrypt(passphrase);
await privKeyDE.decrypt(passphrase);
const pubKeyDE = openpgp.key.readArmored(pub_key_de).keys[0];
@ -1335,16 +1341,17 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.encrypt(encOpt).then(function (encrypted) {
decOpt.message = openpgp.message.readArmored(encrypted.data);
return openpgp.decrypt(decOpt);
}).then(function (decrypted) {
}).then(async function (decrypted) {
let keyPacket;
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.true;
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
expect(decrypted.signatures[1].valid).to.be.true;
return privKeyDE.verifyPrimaryUser().then(() => {
expect(decrypted.signatures[1].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex());
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
});
keyPacket = await privKeyDE.getSigningKeyPacket();
expect(decrypted.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
});
});
@ -1360,17 +1367,18 @@ describe('OpenPGP.js public api tests', function() {
expect(signed.data).to.match(/-----BEGIN PGP SIGNED MESSAGE-----/);
verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
expect(verified.data).to.equal(plaintext);
expect(verified.signatures[0].valid).to.be.true;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
it('should sign and verify cleartext data with multiple private keys', function () {
it('should sign and verify cleartext data with multiple private keys', async function () {
const privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
privKeyDE.decrypt(passphrase);
await privKeyDE.decrypt(passphrase);
const signOpt = {
data: plaintext,
@ -1383,16 +1391,17 @@ describe('OpenPGP.js public api tests', function() {
expect(signed.data).to.match(/-----BEGIN PGP SIGNED MESSAGE-----/);
verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
let keyPacket;
expect(verified.data).to.equal(plaintext);
expect(verified.signatures[0].valid).to.be.true;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
expect(verified.signatures[1].valid).to.be.true;
return privKeyDE.verifyPrimaryUser().then(() => {
expect(verified.signatures[1].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex());
expect(verified.signatures[1].signature.packets.length).to.equal(1);
});
keyPacket = await privKeyDE.getSigningKeyPacket();
expect(verified.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[1].signature.packets.length).to.equal(1);
});
});
@ -1409,10 +1418,11 @@ describe('OpenPGP.js public api tests', function() {
verifyOpt.message = new openpgp.cleartext.CleartextMessage(plaintext);
verifyOpt.signature = openpgp.signature.readArmored(signed.signature);
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
expect(verified.data).to.equal(plaintext);
expect(verified.signatures[0].valid).to.be.true;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1428,10 +1438,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.sign(signOpt).then(function (signed) {
verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
expect(verified.data).to.equal(plaintext);
expect(verified.signatures[0].valid).to.be.null;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1449,10 +1460,11 @@ describe('OpenPGP.js public api tests', function() {
verifyOpt.message = new openpgp.cleartext.CleartextMessage(plaintext);
verifyOpt.signature = openpgp.signature.readArmored(signed.signature);
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
expect(verified.data).to.equal(plaintext);
expect(verified.signatures[0].valid).to.be.null;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1469,10 +1481,11 @@ describe('OpenPGP.js public api tests', function() {
return openpgp.sign(signOpt).then(function (signed) {
verifyOpt.message = signed.message;
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
expect(verified.data).to.equal(plaintext);
expect(verified.signatures[0].valid).to.be.true;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1492,12 +1505,13 @@ describe('OpenPGP.js public api tests', function() {
verifyOpt.message = new openpgp.cleartext.CleartextMessage(plaintext);
verifyOpt.signature = signed.signature;
return openpgp.verify(verifyOpt);
}).then(function (verified) {
}).then(async function (verified) {
expect(verified.data).to.equal(plaintext);
expect(+verified.signatures[0].signature.packets[0].created).to.be.lte(+openpgp.util.normalizeDate());
expect(+verified.signatures[0].signature.packets[0].created).to.be.gte(+start);
expect(verified.signatures[0].valid).to.be.true;
expect(verified.signatures[0].keyid.toHex()).to.equal(privateKey.keys[0].getSigningKeyPacket().getKeyId().toHex());
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(verified.signatures[0].signature.packets.length).to.equal(1);
});
});
@ -1674,10 +1688,10 @@ describe('OpenPGP.js public api tests', function() {
describe('ELG / DSA encrypt, decrypt, sign, verify', function() {
it('round trip test', function () {
it('round trip test', async function () {
const pubKeyDE = openpgp.key.readArmored(pub_key_de).keys[0];
const privKeyDE = openpgp.key.readArmored(priv_key_de).keys[0];
privKeyDE.decrypt(passphrase);
await privKeyDE.decrypt(passphrase);
return openpgp.encrypt({
publicKeys: pubKeyDE,
privateKeys: privKeyDE,
@ -1688,14 +1702,13 @@ describe('OpenPGP.js public api tests', function() {
publicKeys: pubKeyDE,
message: openpgp.message.readArmored(encrypted.data)
});
}).then(function (decrypted) {
}).then(async function (decrypted) {
expect(decrypted.data).to.exist;
expect(decrypted.data).to.equal(plaintext);
expect(decrypted.signatures[0].valid).to.be.true;
return privKeyDE.verifyPrimaryUser().then(() => {
expect(decrypted.signatures[0].keyid.toHex()).to.equal(privKeyDE.getSigningKeyPacket().getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
const keyPacket = await privKeyDE.getSigningKeyPacket();
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
});
});
});
@ -1752,9 +1765,9 @@ describe('OpenPGP.js public api tests', function() {
'=IkKW',
'-----END PGP PRIVATE KEY BLOCK-----'].join('\n');
it('Decrypt message', function() {
it('Decrypt message', async function() {
const privKey = openpgp.key.readArmored(priv_key).keys[0];
privKey.decrypt('1234');
await privKey.decrypt('1234');
const message = openpgp.message.readArmored(pgp_msg);
return openpgp.decrypt({ privateKeys:privKey, message:message }).then(function(decrypted) {

60
test/general/packet.js
View File

@ -95,7 +95,7 @@ describe("Packet", function() {
const msg2 = new openpgp.packet.List();
msg2.read(message.write());
expect(msg2[0].decrypt(algo, key)).to.eventually.be.rejectedWith('Decryption failed due to missing MDC in combination with modern cipher.');
await expect(msg2[0].decrypt(algo, key)).to.eventually.be.rejectedWith('Decryption failed due to missing MDC in combination with modern cipher.');
});
it('Sym. encrypted integrity protected packet', async function() {
@ -141,7 +141,7 @@ describe("Packet", function() {
});
});
it('Sym encrypted session key with a compressed packet', function(done) {
it('Sym encrypted session key with a compressed packet', async function() {
const msg =
'-----BEGIN PGP MESSAGE-----\n' +
'Version: GnuPG v2.0.19 (GNU/Linux)\n' +
@ -156,16 +156,16 @@ describe("Packet", function() {
const parsed = new openpgp.packet.List();
parsed.read(msgbytes);
parsed[0].decrypt('test');
return parsed[0].decrypt('test').then(() => {
const key = parsed[0].sessionKey;
return parsed[1].decrypt(parsed[0].sessionKeyAlgorithm, key).then(() => {
const compressed = parsed[1].packets[0];
const key = parsed[0].sessionKey;
parsed[1].decrypt(parsed[0].sessionKeyAlgorithm, key);
const compressed = parsed[1].packets[0];
const result = stringify(compressed.packets[0].data);
const result = stringify(compressed.packets[0].data);
expect(result).to.equal('Hello world!\n');
done();
expect(result).to.equal('Hello world!\n');
});
});
});
it('Public key encrypted symmetric key packet', function() {
@ -187,13 +187,13 @@ describe("Packet", function() {
enc.publicKeyAlgorithm = 'rsa_encrypt';
enc.sessionKeyAlgorithm = 'aes256';
enc.publicKeyId.bytes = '12345678';
enc.encrypt({ params: mpi }).then(() => {
return enc.encrypt({ params: mpi }).then(() => {
msg.push(enc);
msg2.read(msg.write());
msg2[0].decrypt({ params: mpi }).then(() => {
return msg2[0].decrypt({ params: mpi }).then(() => {
expect(stringify(msg2[0].sessionKey)).to.equal(stringify(enc.sessionKey));
expect(msg2[0].sessionKeyAlgorithm).to.equal(enc.sessionKeyAlgorithm);
@ -299,8 +299,8 @@ describe("Packet", function() {
const msg = new openpgp.packet.List();
msg.read(openpgp.armor.decode(armored_msg).data);
return msg[0].decrypt(key).then(() => {
return msg[1].decrypt(msg[0].sessionKeyAlgorithm, msg[0].sessionKey);
return msg[0].decrypt(key).then(async () => {
await msg[1].decrypt(msg[0].sessionKeyAlgorithm, msg[0].sessionKey);
const text = stringify(msg[1].packets[0].packets[0].data);
@ -339,7 +339,7 @@ describe("Packet", function() {
expect(stringify(msg2[1].packets[0].data)).to.equal(stringify(literal.data));
});
it('Secret key encryption/decryption test', function() {
it('Secret key encryption/decryption test', async function() {
const armored_msg =
'-----BEGIN PGP MESSAGE-----\n' +
'Version: GnuPG v2.0.19 (GNU/Linux)\n' +
@ -355,13 +355,13 @@ describe("Packet", function() {
let key = new openpgp.packet.List();
key.read(openpgp.armor.decode(armored_key).data);
key = key[3];
key.decrypt('test');
await key.decrypt('test');
const msg = new openpgp.packet.List();
msg.read(openpgp.armor.decode(armored_msg).data);
return msg[0].decrypt(key).then(() => {
return msg[1].decrypt(msg[0].sessionKeyAlgorithm, msg[0].sessionKey);
return msg[0].decrypt(key).then(async () => {
await msg[1].decrypt(msg[0].sessionKeyAlgorithm, msg[0].sessionKey);
const text = stringify(msg[1].packets[0].packets[0].data);
@ -386,7 +386,7 @@ describe("Packet", function() {
]);
});
it('Reading a signed, encrypted message.', function(done) {
it('Reading a signed, encrypted message.', async function() {
const armored_msg =
'-----BEGIN PGP MESSAGE-----\n' +
'Version: GnuPG v2.0.19 (GNU/Linux)\n' +
@ -405,19 +405,19 @@ describe("Packet", function() {
const key = new openpgp.packet.List();
key.read(openpgp.armor.decode(armored_key).data);
key[3].decrypt('test');
await key[3].decrypt('test');
const msg = new openpgp.packet.List();
msg.read(openpgp.armor.decode(armored_msg).data);
msg[0].decrypt(key[3]).then(() => {
msg[1].decrypt(msg[0].sessionKeyAlgorithm, msg[0].sessionKey);
return msg[0].decrypt(key[3]).then(async () => {
await msg[1].decrypt(msg[0].sessionKeyAlgorithm, msg[0].sessionKey);
const payload = msg[1].packets[0].packets;
expect(payload[2].verify(
await expect(payload[2].verify(
key[0], payload[1]
)).to.eventually.be.true.notify(done);
)).to.eventually.be.true;
});
});
@ -428,7 +428,7 @@ describe("Packet", function() {
const rsa = openpgp.crypto.publicKey.rsa;
const keySize = openpgp.util.getWebCryptoAll() ? 2048 : 512; // webkit webcrypto accepts minimum 2048 bit keys
return rsa.generate(keySize, "10001").then(function(mpiGen) {
return rsa.generate(keySize, "10001").then(async function(mpiGen) {
let mpi = [mpiGen.n, mpiGen.e, mpiGen.d, mpiGen.p, mpiGen.q, mpiGen.u];
mpi = mpi.map(function(k) {
return new openpgp.MPI(k);
@ -436,13 +436,13 @@ describe("Packet", function() {
key[0].params = mpi;
key[0].algorithm = "rsa_sign";
key[0].encrypt('hello');
await key[0].encrypt('hello');
const raw = key.write();
const key2 = new openpgp.packet.List();
key2.read(raw);
key2[0].decrypt('hello');
await key2[0].decrypt('hello');
expect(key[0].params.toString()).to.equal(key2[0].params.toString());
});
@ -473,7 +473,7 @@ describe("Packet", function() {
signature.publicKeyAlgorithm = 'rsa_sign';
signature.signatureType = 'binary';
signature.sign(key, literal).then(() => {
signature.sign(key, literal).then(async () => {
signed.push(literal);
signed.push(signature);
@ -483,8 +483,8 @@ describe("Packet", function() {
const signed2 = new openpgp.packet.List();
signed2.read(raw);
expect(signed2[1].verify(key, signed2[0])).to.eventually.be.true;
});
await expect(signed2[1].verify(key, signed2[0])).to.eventually.be.true;
});
});
});
});

44
test/general/signature.js
View File

@ -324,11 +324,11 @@ describe("Signature", function() {
'=Q4tk',
'-----END PGP MESSAGE-----'].join('\n');
it('Testing signature checking on CAST5-enciphered message', function() {
it('Testing signature checking on CAST5-enciphered message', async function() {
const priv_key = openpgp.key.readArmored(priv_key_arm1).keys[0];
const pub_key = openpgp.key.readArmored(pub_key_arm1).keys[0];
const msg = openpgp.message.readArmored(msg_arm1);
priv_key.decrypt("abcd");
await priv_key.decrypt("abcd");
return openpgp.decrypt({ privateKeys: priv_key, publicKeys:[pub_key], message:msg }).then(function(decrypted) {
expect(decrypted.data).to.exist;
expect(decrypted.signatures[0].valid).to.be.true;
@ -336,7 +336,7 @@ describe("Signature", function() {
});
});
it('Testing GnuPG stripped-key extensions', function() {
it('Testing GnuPG stripped-key extensions', async function() {
// exercises the GnuPG s2k type 1001 extension:
// the secrets on the primary key have been stripped.
const priv_key_gnupg_ext = openpgp.key.readArmored(
@ -369,7 +369,7 @@ describe("Signature", function() {
const pub_key = openpgp.key.readArmored(pub_key_arm1).keys[0];
const msg = openpgp.message.readArmored(msg_arm1);
priv_key_gnupg_ext.subKeys[0].subKey.decrypt("abcd");
await priv_key_gnupg_ext.subKeys[0].subKey.decrypt("abcd");
return msg.decrypt([priv_key_gnupg_ext]).then(function(msg) {
return msg.verify([pub_key]).then(verified => {
expect(verified).to.exist;
@ -426,7 +426,7 @@ describe("Signature", function() {
});
});
it('Verify signature of signed and encrypted message from GPG2 with openpgp.decrypt', function() {
it('Verify signature of signed and encrypted message from GPG2 with openpgp.decrypt', async function() {
const msg_armor =
['-----BEGIN PGP MESSAGE-----',
'Version: GnuPG v2.0.19 (GNU/Linux)',
@ -448,8 +448,7 @@ describe("Signature", function() {
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
const keyids = esMsg.getEncryptionKeyIds();
privKey.decryptKeyPacket(keyids, 'hello world');
await Promise.all(esMsg.getEncryptionKeyIds().map(keyId => privKey.decrypt('hello world', keyId)));
return openpgp.decrypt({ privateKeys: privKey, publicKeys:[pubKey], message:esMsg }).then(function(decrypted) {
expect(decrypted.data).to.exist;
@ -460,7 +459,7 @@ describe("Signature", function() {
});
});
it('Verify signature of signed and encrypted message from PGP 10.3.0 with openpgp.decrypt', function() {
it('Verify signature of signed and encrypted message from PGP 10.3.0 with openpgp.decrypt', async function() {
const msg_armor =
['-----BEGIN PGP MESSAGE-----',
'Version: Encryption Desktop 10.3.0 (Build 9307)',
@ -483,8 +482,7 @@ describe("Signature", function() {
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
const keyids = esMsg.getEncryptionKeyIds();
privKey.decryptKeyPacket(keyids, 'hello world');
await Promise.all(esMsg.getEncryptionKeyIds().map(keyId => privKey.decrypt('hello world', keyId)));
return openpgp.decrypt({ privateKeys: privKey, publicKeys:[pubKey], message:esMsg }).then(function(decrypted) {
expect(decrypted.data).to.exist;
@ -582,11 +580,11 @@ describe("Signature", function() {
});
});
it('Sign text with openpgp.sign and verify with openpgp.verify leads to same string cleartext and valid signatures', function() {
it('Sign text with openpgp.sign and verify with openpgp.verify leads to same string cleartext and valid signatures', async function() {
const plaintext = 'short message\nnext line\n한국어/조선말';
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
privKey.primaryKey.decrypt('hello world');
await privKey.primaryKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext }).then(function(signed) {
@ -602,11 +600,11 @@ describe("Signature", function() {
});
});
it('Sign text with openpgp.sign and verify with openpgp.verify leads to same bytes cleartext and valid signatures - armored', function() {
it('Sign text with openpgp.sign and verify with openpgp.verify leads to same bytes cleartext and valid signatures - armored', async function() {
const plaintext = openpgp.util.str_to_Uint8Array('short message\nnext line\n한국어/조선말');
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
privKey.primaryKey.decrypt('hello world');
await privKey.primaryKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext }).then(function(signed) {
@ -622,11 +620,11 @@ describe("Signature", function() {
});
});
it('Sign text with openpgp.sign and verify with openpgp.verify leads to same bytes cleartext and valid signatures - not armored', function() {
it('Sign text with openpgp.sign and verify with openpgp.verify leads to same bytes cleartext and valid signatures - not armored', async function() {
const plaintext = openpgp.util.str_to_Uint8Array('short message\nnext line\n한국어/조선말');
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
privKey.primaryKey.decrypt('hello world');
await privKey.primaryKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext, armor:false }).then(function(signed) {
@ -690,16 +688,18 @@ describe("Signature", function() {
});
it('Verify primary key revocation signature', function(done) {
// TODO add test with multiple revocation signatures
it('Verify primary key revocation signatures', function(done) {
const pubKey = openpgp.key.readArmored(pub_revoked).keys[0];
expect(pubKey.revocationSignature.verify(
expect(pubKey.revocationSignatures[0].verify(
pubKey.primaryKey, {key: pubKey.primaryKey}
)).to.eventually.be.true.notify(done);
});
it('Verify subkey revocation signature', function(done) {
// TODO add test with multiple revocation signatures
it('Verify subkey revocation signatures', function(done) {
const pubKey = openpgp.key.readArmored(pub_revoked).keys[0];
expect(pubKey.subKeys[0].revocationSignature.verify(
expect(pubKey.subKeys[0].revocationSignatures[0].verify(
pubKey.primaryKey, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].subKey}
)).to.eventually.be.true.notify(done);
});
@ -786,11 +786,11 @@ describe("Signature", function() {
});
});
it('Detached signature signing and verification', function() {
it('Detached signature signing and verification', async function() {
const msg = openpgp.message.fromText('hello');
const pubKey2 = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey2 = openpgp.key.readArmored(priv_key_arm2).keys[0];
privKey2.decrypt('hello world');
await privKey2.decrypt('hello world');
const opt = {numBits: 512, userIds: { name:'test', email:'a@b.com' }, passphrase: null};
if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys

36
test/general/x25519.js
View File

@ -184,7 +184,6 @@ describe('X25519 Cryptography', function () {
it('Decrypt and verify message', async function () {
const light = load_pub_key('light');
const night = await load_priv_key('night');
expect(await night.decrypt(data.night.pass)).to.be.true;
const msg = openpgp.message.readArmored(data.night.message_encrypted);
const result = await openpgp.decrypt({ privateKeys: night, publicKeys: [light], message: msg });
@ -198,7 +197,6 @@ describe('X25519 Cryptography', function () {
it('Encrypt and sign message', async function () {
const nightPublic = load_pub_key('night');
const lightPrivate = await load_priv_key('light');
expect(await lightPrivate.decrypt(data.light.pass)).to.be.true;
const encrypted = await openpgp.encrypt({ publicKeys: [nightPublic], privateKeys: [lightPrivate], data: data.light.message + "\n" });
const message = openpgp.message.readArmored(encrypted.data);
@ -219,7 +217,7 @@ describe('X25519 Cryptography', function () {
userIds: {name: "Hi", email: "hi@hel.lo"},
curve: "ed25519"
};
return openpgp.generateKey(options).then(function (firstKey) {
return openpgp.generateKey(options).then(async function (firstKey) {
expect(firstKey).to.exist;
expect(firstKey.privateKeyArmored).to.exist;
expect(firstKey.publicKeyArmored).to.exist;
@ -238,10 +236,10 @@ describe('X25519 Cryptography', function () {
// Self Certificate is valid
const user = hi.users[0];
expect(user.selfCertifications[0].verify(
await expect(user.selfCertifications[0].verify(
primaryKey, { userid: user.userId, key: primaryKey }
)).to.eventually.be.true;
expect(user.verifyCertificate(
await expect(user.verifyCertificate(
primaryKey, user.selfCertifications[0], [hi.toPublic()]
)).to.eventually.equal(openpgp.enums.keyStatus.valid);
@ -249,7 +247,7 @@ describe('X25519 Cryptography', function () {
userIds: { name: "Bye", email: "bye@good.bye" },
curve: "curve25519"
};
return openpgp.generateKey(options).then(function (secondKey) {
return openpgp.generateKey(options).then(async function (secondKey) {
const bye = secondKey.key;
expect(bye.primaryKey.params[0].getName()).to.equal('ed25519');
expect(bye.primaryKey.algorithm).to.equal('eddsa');
@ -258,10 +256,10 @@ describe('X25519 Cryptography', function () {
// Self Certificate is valid
const user = bye.users[0];
expect(user.selfCertifications[0].verify(
await expect(user.selfCertifications[0].verify(
bye.primaryKey, { userid: user.userId, key: bye.primaryKey }
)).to.eventually.be.true;
expect(user.verifyCertificate(
await expect(user.verifyCertificate(
bye.primaryKey, user.selfCertifications[0], [bye.toPublic()]
)).to.eventually.equal(openpgp.enums.keyStatus.valid);
@ -533,17 +531,15 @@ describe('X25519 Cryptography', function () {
'=xeG/',
'-----END PGP PUBLIC KEY BLOCK-----'].join('\n');
const hi = openpgp.key.readArmored(pubKey).keys[0];
return hi.verifyPrimaryUser().then(() => {
const results = hi.getPrimaryUser();
expect(results).to.exist;
expect(results.user).to.exist;
const user = results.user;
expect(user.selfCertifications[0].verify(
hi.primaryKey, {userid: user.userId, key: hi.primaryKey}
)).to.eventually.be.true;
expect(user.verifyCertificate(
hi.primaryKey, user.selfCertifications[0], [hi]
)).to.eventually.equal(openpgp.enums.keyStatus.valid);
});
const results = hi.getPrimaryUser();
expect(results).to.exist;
expect(results.user).to.exist;
const user = results.user;
expect(user.selfCertifications[0].verify(
hi.primaryKey, {userid: user.userId, key: hi.primaryKey}
)).to.eventually.be.true;
expect(user.verifyCertificate(
hi.primaryKey, user.selfCertifications[0], [hi]
)).to.eventually.equal(openpgp.enums.keyStatus.valid);
}); */
});