suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix array index in verify() with multiple pubkeys.

Browse Source 
The log message was showing the Ith userId of the Ith pubkey,
which may not exist. All other code paths use the 0th userid
of the Ith pubkey, do that too.
This commit is contained in:
Brian Bloniarz 2013-02-06 08:31:06 -08:00
parent b128e2c521
commit a2f343995a
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
resources/openpgp.js
View File

@ -9679,7 +9679,7 @@ function openpgp_msg_message() {
for (var i = 0 ; i < pubkey.length; i++) {
var tohash = this.text.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n");
if (this.signature.verify(tohash, pubkey[i])) {
util.print_info("Found Good Signature from "+pubkey[i].obj.userIds[i].text+" (0x"+util.hexstrdump(pubkey[i].obj.getKeyId()).substring(8)+")");
util.print_info("Found Good Signature from "+pubkey[i].obj.userIds[0].text+" (0x"+util.hexstrdump(pubkey[i].obj.getKeyId()).substring(8)+")");
result = true;
} else {
util.print_error("Signature verification failed: Bad Signature from "+pubkey[i].obj.userIds[0].text+" (0x"+util.hexstrdump(pubkey[0].obj.getKeyId()).substring(8)+")");

2
resources/openpgp.min.js vendored
View File

@ -363,7 +363,7 @@ this.subKeys.length;a++)b+=" "+this.subKeys[a].toString();return b};this.vali
this.getKeyId();for(b=0;b<this.userIds.length;b++)for(var c=0;c<this.userIds[b].certificationRevocationSignatures.length;c++)if(this.userIds[b].certificationSignatures[c].getIssuer==a&&4!=this.userIds[b].certificationSignatures[c].verifyBasic(this.publicKeyPacket))return!1;return!0}}
function openpgp_msg_message(){this.text="";this.type=this.messagePacket=null;this.decrypt=function(b,a){return this.decryptAndVerifySignature(b,a).text};this.decryptAndVerifySignature=function(b,a,c){if(null==b||null==a||""==a)return null;a=a.decrypt(this,b.keymaterial);if(null==a)return null;b=[];util.print_debug_hexstr_dump("openpgp.msg.messge decrypt:\n",a);var a=openpgp.read_messages_dearmored({text:a,openpgp:a}),d;for(d in a){if(a[d].data)this.text=a[d].data;a[d].signature&&b.push(a[d].verifySignature(c))}return{text:this.text,
validSignatures:b}};this.verifySignature=function(b){var a=!1;if(2==this.signature.tagType){if(!b||0==b.length)if(4==this.signature.version)b=openpgp.keyring.getPublicKeysForKeyId(this.signature.issuerKeyId);else if(3==this.signature.version)b=openpgp.keyring.getPublicKeysForKeyId(this.signature.keyId);else return util.print_error("unknown signature type on message!"),!1;if(0==b.length)util.print_warning("Unable to verify signature of issuer: "+util.hexstrdump(this.signature.issuerKeyId)+". Public key not found in keyring.");
else for(var c=0;c<b.length;c++)this.signature.verify(this.text.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n"),b[c])?(util.print_info("Found Good Signature from "+b[c].obj.userIds[c].text+" (0x"+util.hexstrdump(b[c].obj.getKeyId()).substring(8)+")"),a=!0):util.print_error("Signature verification failed: Bad Signature from "+b[c].obj.userIds[0].text+" (0x"+util.hexstrdump(b[0].obj.getKeyId()).substring(8)+")")}return a};this.toString=function(){var b="Session Keys:\n";if(null!=this.sessionKeys)for(var a=
else for(var c=0;c<b.length;c++)this.signature.verify(this.text.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n"),b[c])?(util.print_info("Found Good Signature from "+b[c].obj.userIds[0].text+" (0x"+util.hexstrdump(b[c].obj.getKeyId()).substring(8)+")"),a=!0):util.print_error("Signature verification failed: Bad Signature from "+b[c].obj.userIds[0].text+" (0x"+util.hexstrdump(b[0].obj.getKeyId()).substring(8)+")")}return a};this.toString=function(){var b="Session Keys:\n";if(null!=this.sessionKeys)for(var a=
0;a<this.sessionKeys.length;a++)b+=this.sessionKeys[a].toString();b+="\n\n EncryptedData:\n";null!=this.encryptedData&&(b+=this.encryptedData.toString());b+="\n\n Signature:\n";null!=this.signature&&(b+=this.signature.toString());b+="\n\n Text:\n";null!=this.signature&&(b+=this.text);return b}}
function openpgp_packet_encrypteddata(){this.tagType=9;this.decryptedData=this.encryptedData=this.packetLength=null;this.decrypt_sym=function(b,a){this.decryptedData=openpgp_crypto_symmetricDecrypt(b,a,this.encryptedData,!0);util.print_debug("openpgp.packet.encryptedintegrityprotecteddata.js\ndata: "+util.hexstrdump(this.decryptedData));return this.decryptedData};this.toString=function(){return"5.7. Symmetrically Encrypted Data Packet (Tag 9)\n length: "+this.packetLength+"\n Used symmetric algorithm: "+
this.algorithmType+"\n encrypted data: Bytes ["+util.hexstrdump(this.encryptedData)+"]\n"};this.read_packet=function(b,a,c){this.packetLength=c;this.encryptedData=b.substring(a,a+c);return this};this.write_packet=function(b,a,c){b=""+openpgp_crypto_symmetricEncrypt(openpgp_crypto_getPrefixRandom(b),b,a,c,!0);return b=openpgp_packet.write_packet_header(9,b.length)+b}}

2
src/openpgp.msg.message.js
View File

@ -99,7 +99,7 @@ function openpgp_msg_message() {
for (var i = 0 ; i < pubkey.length; i++) {
var tohash = this.text.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n");
if (this.signature.verify(tohash, pubkey[i])) {
util.print_info("Found Good Signature from "+pubkey[i].obj.userIds[i].text+" (0x"+util.hexstrdump(pubkey[i].obj.getKeyId()).substring(8)+")");
util.print_info("Found Good Signature from "+pubkey[i].obj.userIds[0].text+" (0x"+util.hexstrdump(pubkey[i].obj.getKeyId()).substring(8)+")");
result = true;
} else {
util.print_error("Signature verification failed: Bad Signature from "+pubkey[i].obj.userIds[0].text+" (0x"+util.hexstrdump(pubkey[0].obj.getKeyId()).substring(8)+")");