Don't keep entire decrypted message in memory while streaming

(When config.allow_unauthenticated_stream is set or the message is AEAD-encrypted.) The issue was that, when hashing the data for verification, we would only start hashing at the very end (and keep the message in memory) because nobody was "pulling" the stream containing the hash yet, so backpressure was keeping the data from being hashed. Note that, of the two patches in this commit, only the onePassSig.hashed property actually mattered, for some reason. Also, the minimum highWaterMark of 1 should have pulled the hashed stream anyway, I think. I'm not sure why that didn't happen.
2020-01-15 19:27:05 +01:00 · 2020-01-15 19:27:05 +01:00 · 9bdeaa927a
commit 9bdeaa927a
parent 6e13604a64
4 changed files with 5 additions and 4 deletions
--- a/src/encoding/armor.js
+++ b/src/encoding/armor.js
@ -312,13 +312,13 @@ function dearmor(input) {
        }
      }));
      data = stream.transformPair(data, async (readable, writable) => {
-        const checksumVerified = getCheckSum(stream.passiveClone(readable));
+        const checksumVerified = stream.readToEnd(getCheckSum(stream.passiveClone(readable)));
        await stream.pipe(readable, writable, {
          preventClose: true
        });
        const writer = stream.getWriter(writable);
        try {
-          const checksumVerifiedString = await stream.readToEnd(checksumVerified);
+          const checksumVerifiedString = await checksumVerified;
          if (checksum !== checksumVerifiedString && (checksum || config.checksum_required)) {
            throw new Error("Ascii armor integrity check on message failed: '" + checksum + "' should be '" +
                    checksumVerifiedString + "'");
--- a/src/message.js
+++ b/src/message.js
@ -585,7 +585,7 @@ Message.prototype.verify = async function(keys, date = new Date(), streaming) {
        onePassSig.correspondingSigReject = reject;
      });
      onePassSig.signatureData = stream.fromAsync(async () => (await onePassSig.correspondingSig).signatureData);
-      onePassSig.hashed = await onePassSig.hash(onePassSig.signatureType, literalDataList[0], undefined, false, streaming);
+      onePassSig.hashed = stream.readToEnd(await onePassSig.hash(onePassSig.signatureType, literalDataList[0], undefined, false, streaming));
    }));
    msg.packets.stream = stream.transformPair(msg.packets.stream, async (readable, writable) => {
      const reader = stream.getReader(readable);
--- a/src/packet/clone.js
+++ b/src/packet/clone.js
@ -87,6 +87,7 @@ function verificationObjectToClone(verObject) {
      try {
        await verified;
        delete packets[0].signature;
+        delete packets[0].hashed;
      } catch (e) {}
      return packets;
    });
--- a/src/packet/signature.js
+++ b/src/packet/signature.js
@ -699,7 +699,7 @@ Signature.prototype.verify = async function (key, signatureType, data, detached
  let toHash;
  let hash;
  if (this.hashed) {
-    hash = this.hashed;
+    hash = await this.hashed;
  } else {
    toHash = this.toHash(signatureType, data, detached);
    if (!streaming) toHash = await stream.readToEnd(toHash);