suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disallow passing streams to readKey[s], readSignature and readCleartextMessage

Browse Source
This commit is contained in:
Daniel Huigens 2021-03-25 23:16:34 +01:00
parent e7594f7d6a
commit e1fc91958c
5 changed files with 44 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/cleartext.js
View File

@ -124,7 +124,7 @@ export class CleartextMessage {
/** /**
* Reads an OpenPGP cleartext signed message and returns a CleartextMessage object * Reads an OpenPGP cleartext signed message and returns a CleartextMessage object
* @param {Object} options * @param {Object} options
* @param {String | ReadableStream<String>} options.cleartextMessage - Text to be parsed * @param {String} options.cleartextMessage - Text to be parsed
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {CleartextMessage} New cleartext message object. * @returns {CleartextMessage} New cleartext message object.
* @async * @async
@ -135,6 +135,9 @@ export async function readCleartextMessage({ cleartextMessage, config }) {
if (!cleartextMessage) { if (!cleartextMessage) {
throw new Error('readCleartextMessage: must pass options object containing `cleartextMessage`'); throw new Error('readCleartextMessage: must pass options object containing `cleartextMessage`');
} }
if (!util.isString(cleartextMessage)) {
throw new Error('readCleartextMessage: options.cleartextMessage must be a string');
}
const input = await unarmor(cleartextMessage); const input = await unarmor(cleartextMessage);
if (input.type !== enums.armor.signed) { if (input.type !== enums.armor.signed) {
throw new Error('No cleartext signed message.'); throw new Error('No cleartext signed message.');
@ -203,5 +206,8 @@ export async function createCleartextMessage({ text }) {
if (!text) { if (!text) {
throw new Error('createCleartextMessage: must pass options object containing `text`'); throw new Error('createCleartextMessage: must pass options object containing `text`');
} }
if (!util.isString(text)) {
throw new Error('createCleartextMessage: options.text must be a string');
}
return new CleartextMessage(text); return new CleartextMessage(text);
} }

20
src/key/factory.js
View File

@ -253,8 +253,8 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options, conf
/** /**
* Reads an (optionally armored) OpenPGP key and returns a key object * Reads an (optionally armored) OpenPGP key and returns a key object
* @param {Object} options * @param {Object} options
* @param {String | ReadableStream<String>} [options.armoredKey] - Armored key to be parsed * @param {String} [options.armoredKey] - Armored key to be parsed
* @param {Uint8Array | ReadableStream<Uint8Array>} [options.binaryKey] - Binary key to be parsed * @param {Uint8Array} [options.binaryKey] - Binary key to be parsed
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Key} Key object. * @returns {Key} Key object.
* @async * @async
@ -265,6 +265,12 @@ export async function readKey({ armoredKey, binaryKey, config }) {
if (!armoredKey && !binaryKey) { if (!armoredKey && !binaryKey) {
throw new Error('readKey: must pass options object containing `armoredKey` or `binaryKey`'); throw new Error('readKey: must pass options object containing `armoredKey` or `binaryKey`');
} }
if (armoredKey && !util.isString(armoredKey)) {
throw new Error('readKey: options.armoredKey must be a string');
}
if (binaryKey && !util.isUint8Array(binaryKey)) {
throw new Error('readKey: options.binaryKey must be a Uint8Array');
}
let input; let input;
if (armoredKey) { if (armoredKey) {
const { type, data } = await unarmor(armoredKey, config); const { type, data } = await unarmor(armoredKey, config);
@ -283,8 +289,8 @@ export async function readKey({ armoredKey, binaryKey, config }) {
/** /**
* Reads an (optionally armored) OpenPGP key block and returns a list of key objects * Reads an (optionally armored) OpenPGP key block and returns a list of key objects
* @param {Object} options * @param {Object} options
* @param {String | ReadableStream<String>} [options.armoredKeys] - Armored keys to be parsed * @param {String} [options.armoredKeys] - Armored keys to be parsed
* @param {Uint8Array | ReadableStream<Uint8Array>} [options.binaryKeys] - Binary keys to be parsed * @param {Uint8Array} [options.binaryKeys] - Binary keys to be parsed
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Array<Key>} Key objects. * @returns {Array<Key>} Key objects.
* @async * @async
@ -296,6 +302,12 @@ export async function readKeys({ armoredKeys, binaryKeys, config }) {
if (!input) { if (!input) {
throw new Error('readKeys: must pass options object containing `armoredKeys` or `binaryKeys`'); throw new Error('readKeys: must pass options object containing `armoredKeys` or `binaryKeys`');
} }
if (armoredKeys && !util.isString(armoredKeys)) {
throw new Error('readKeys: options.armoredKeys must be a string');
}
if (binaryKeys && !util.isUint8Array(binaryKeys)) {
throw new Error('readKeys: options.binaryKeys must be a Uint8Array');
}
if (armoredKeys) { if (armoredKeys) {
const { type, data } = await unarmor(armoredKeys, config); const { type, data } = await unarmor(armoredKeys, config);
if (type !== enums.armor.publicKey && type !== enums.armor.privateKey) { if (type !== enums.armor.publicKey && type !== enums.armor.privateKey) {

12
src/message.js
View File

@ -798,6 +798,12 @@ export async function readMessage({ armoredMessage, binaryMessage, config }) {
if (!input) { if (!input) {
throw new Error('readMessage: must pass options object containing `armoredMessage` or `binaryMessage`'); throw new Error('readMessage: must pass options object containing `armoredMessage` or `binaryMessage`');
} }
if (armoredMessage && !util.isString(armoredMessage) && !util.isStream(armoredMessage)) {
throw new Error('readMessage: options.armoredMessage must be a string or stream');
}
if (binaryMessage && !util.isUint8Array(binaryMessage) && !util.isStream(binaryMessage)) {
throw new Error('readMessage: options.binaryMessage must be a Uint8Array or stream');
}
const streamType = util.isStream(input); const streamType = util.isStream(input);
if (streamType) { if (streamType) {
await stream.loadStreamsPonyfill(); await stream.loadStreamsPonyfill();
@ -834,6 +840,12 @@ export async function createMessage({ text, binary, filename, date = new Date(),
if (input === undefined) { if (input === undefined) {
throw new Error('createMessage: must pass options object containing `text` or `binary`'); throw new Error('createMessage: must pass options object containing `text` or `binary`');
} }
if (text && !util.isString(text) && !util.isStream(text)) {
throw new Error('createMessage: options.text must be a string or stream');
}
if (binary && !util.isUint8Array(binary) && !util.isStream(binary)) {
throw new Error('createMessage: options.binary must be a Uint8Array or stream');
}
const streamType = util.isStream(input); const streamType = util.isStream(input);
if (streamType) { if (streamType) {
await stream.loadStreamsPonyfill(); await stream.loadStreamsPonyfill();

10
src/signature.js
View File

@ -56,8 +56,8 @@ export class Signature {
/** /**
* reads an (optionally armored) OpenPGP signature and returns a signature object * reads an (optionally armored) OpenPGP signature and returns a signature object
* @param {Object} options * @param {Object} options
* @param {String | ReadableStream<String>} [options.armoredSignature] - Armored signature to be parsed * @param {String} [options.armoredSignature] - Armored signature to be parsed
* @param {Uint8Array | ReadableStream<Uint8Array>} [options.binarySignature] - Binary signature to be parsed * @param {Uint8Array} [options.binarySignature] - Binary signature to be parsed
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config} * @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
* @returns {Signature} New signature object. * @returns {Signature} New signature object.
* @async * @async
@ -69,6 +69,12 @@ export async function readSignature({ armoredSignature, binarySignature, config
if (!input) { if (!input) {
throw new Error('readSignature: must pass options object containing `armoredSignature` or `binarySignature`'); throw new Error('readSignature: must pass options object containing `armoredSignature` or `binarySignature`');
} }
if (armoredSignature && !util.isString(armoredSignature)) {
throw new Error('readSignature: options.armoredSignature must be a string');
}
if (binarySignature && !util.isUint8Array(binarySignature)) {
throw new Error('readSignature: options.binarySignature must be a Uint8Array');
}
if (armoredSignature) { if (armoredSignature) {
const { type, data } = await unarmor(input, config); const { type, data } = await unarmor(input, config);
if (type !== enums.armor.signature) { if (type !== enums.armor.signature) {

2
test/general/signature.js
View File

@ -1434,7 +1434,7 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA
}); });
it('Should verify cleartext message correctly when using a detached binary signature and text literal data', async function () { it('Should verify cleartext message correctly when using a detached binary signature and text literal data', async function () {
const plaintext = util.encodeUTF8('short message\nnext line \n한국어/조선말'); const plaintext = 'short message\nnext line \n한국어/조선말';
const binaryPlaintext = util.encodeUTF8(plaintext); const binaryPlaintext = util.encodeUTF8(plaintext);
const pubKey = await openpgp.readKey({ armoredKey: pub_key_arm2 }); const pubKey = await openpgp.readKey({ armoredKey: pub_key_arm2 });
const privKey = await openpgp.readKey({ armoredKey: priv_key_arm2 }); const privKey = await openpgp.readKey({ armoredKey: priv_key_arm2 });