openpgp.verify: fix bug preventing verification of detached signature over streamed data

When given a streamed `message` and a detached `signature` in input,
the function would return an empty array as `data` instead of
the input stream, meaning it was not possible to pull it, causing
the `verified` promise to hang indefinitely.

The above issue was introduced v5.0.0-2, and thus affects all v5 releases
up to v5.11.1.

src/openpgp.js

@@ -480,7 +480,7 @@ export async function verify({ message, verificationKeys, expectSigned = false,
       result.signatures = await message.verify(verificationKeys, date, config);
     }
     result.data = format === 'binary' ? message.getLiteralData() : message.getText();
-    if (message.fromStream) linkStreams(result, message);
+    if (message.fromStream && !signature) linkStreams(result, message);
     if (expectSigned) {
       if (result.signatures.length === 0) {
         throw new Error('Message is not signed');

test/general/streaming.js

@@ -653,6 +653,57 @@ function tests() {
     expect(i).to.be.lessThan(expectedType === 'web' ? 50 : 250);
   });
 
+  it('Detached sign/verify: support streamed input', async function() {
+    dataArrived();
+    const signed = await openpgp.sign({
+      message: await openpgp.createMessage({ binary: stream.clone(data) }),
+      signingKeys: privKey,
+      config: { minRSABits: 1024 },
+      detached: true
+    });
+    const armoredSignature = await stream.readToEnd(signed);
+
+    const message = await openpgp.createMessage({ binary: data });
+    const verified = await openpgp.verify({
+      message,
+      signature: await openpgp.readSignature({ armoredSignature }),
+      verificationKeys: pubKey,
+      format: 'binary',
+      config: { minRSABits: 1024 }
+    });
+    expect(await stream.readToEnd(verified.data)).to.deep.equal(util.concatUint8Array(plaintext));
+    expect(verified.signatures).to.exist.and.have.length(1);
+    expect(await verified.signatures[0].verified).to.be.true;
+  });
+
+  it('Detached verify: Input stream should be canceled when canceling verified stream', async function() {
+    const armoredSignature = await openpgp.sign({
+      message: await openpgp.createMessage({ binary: util.concatUint8Array(plaintext) }),
+      signingKeys: privKey,
+      config: { minRSABits: 1024 },
+      detached: true
+    });
+
+    const message = await openpgp.createMessage({ binary: data });
+    const verified = await openpgp.verify({
+      message,
+      signature: await openpgp.readSignature({ armoredSignature }),
+      verificationKeys: pubKey,
+      format: 'binary',
+      config: { minRSABits: 1024 }
+    });
+    expect(stream.isStream(verified.data)).to.equal(expectedType);
+    const reader = stream.getReader(verified.data);
+    expect(await reader.readBytes(1024)).to.deep.equal(plaintext[0]);
+    dataArrived();
+    reader.releaseLock();
+    await stream.cancel(verified.data, new Error('canceled by test'));
+    expect(canceled).to.be.true;
+    expect(verified.signatures).to.exist.and.have.length(1);
+    await expect(verified.signatures[0].verified).to.be.rejectedWith('canceled');
+  });
+
+
   it('Detached sign small message', async function() {
     dataArrived(); // Do not wait until data arrived.
     const data = global.ReadableStream ? new global.ReadableStream({