suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove top-level streaming options

Browse Source 
Only return a stream if a stream was passed.
This commit is contained in:
Daniel Huigens 2021-03-25 21:28:39 +01:00
parent 91bd9e2c15
commit e599cee6c8
10 changed files with 68 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
openpgp.d.ts vendored
View File

@ -149,16 +149,6 @@ export function readMessage<T extends MaybeStream<Uint8Array>>(options: { binary
export function createMessage<T extends MaybeStream<string>>(options: { text: T, filename?: string, date?: Date, type?: DataPacketType }): Message<T>;
export function createMessage<T extends MaybeStream<Uint8Array>>(options: { bytes: T, filename?: string, date?: Date, type?: DataPacketType }): Message<T>;
export function encrypt<T extends 'web' | 'node' | false>(options: EncryptOptions & { streaming: T, armor: false }): Promise<
T extends 'web' ? WebStream<Uint8Array> :
T extends 'node' ? NodeStream<Uint8Array> :
Uint8Array
>;
export function encrypt<T extends 'web' | 'node' | false>(options: EncryptOptions & { streaming: T }): Promise<
T extends 'web' ? WebStream<string> :
T extends 'node' ? NodeStream<string> :
string
>;
export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & { message: Message<T>, armor: false }): Promise<
T extends WebStream<infer X> ? WebStream<Uint8Array> :
T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
@ -170,16 +160,6 @@ export function encrypt<T extends MaybeStream<Data>>(options: EncryptOptions & {
string
>;
export function sign<T extends 'web' | 'node' | false>(options: SignOptions & { streaming: T, armor: false }): Promise<
T extends 'web' ? WebStream<Uint8Array> :
T extends 'node' ? NodeStream<Uint8Array> :
Uint8Array
>;
export function sign<T extends 'web' | 'node' | false>(options: SignOptions & { streaming: T }): Promise<
T extends 'web' ? WebStream<string> :
T extends 'node' ? NodeStream<string> :
string
>;
export function sign<T extends MaybeStream<Data>>(options: SignOptions & { message: Message<T>, armor: false }): Promise<
T extends WebStream<infer X> ? WebStream<Uint8Array> :
T extends NodeStream<infer X> ? NodeStream<Uint8Array> :
@ -192,18 +172,6 @@ export function sign<T extends MaybeStream<Data>>(options: SignOptions & { messa
>;
export function sign(options: SignOptions & { message: CleartextMessage }): Promise<string>;
export function decrypt<T extends 'web' | 'node' | false>(options: DecryptOptions & { streaming: T, format: 'binary' }): Promise<DecryptMessageResult & {
data:
T extends 'web' ? WebStream<Uint8Array> :
T extends 'node' ? NodeStream<Uint8Array> :
Uint8Array
}>;
export function decrypt<T extends 'web' | 'node' | false>(options: DecryptOptions & { streaming: T }): Promise<DecryptMessageResult & {
data:
T extends 'web' ? WebStream<string> :
T extends 'node' ? NodeStream<string> :
string
}>;
export function decrypt<T extends MaybeStream<Data>>(options: DecryptOptions & { message: Message<T>, format: 'binary' }): Promise<DecryptMessageResult & {
data:
T extends WebStream<infer X> ? WebStream<Uint8Array> :
@ -217,18 +185,6 @@ export function decrypt<T extends MaybeStream<Data>>(options: DecryptOptions & {
string
}>;
export function verify<T extends 'web' | 'node' | false>(options: VerifyOptions & { streaming: T, format: 'binary' }): Promise<VerifyMessageResult & {
data:
T extends 'web' ? WebStream<Uint8Array> :
T extends 'node' ? NodeStream<Uint8Array> :
Uint8Array
}>;
export function verify<T extends 'web' | 'node' | false>(options: VerifyOptions & { streaming: T }): Promise<VerifyMessageResult & {
data:
T extends 'web' ? WebStream<string> :
T extends 'node' ? NodeStream<string> :
string
}>;
export function verify<T extends MaybeStream<Data>>(options: VerifyOptions & { message: Message<T>, format: 'binary' }): Promise<VerifyMessageResult & {
data:
T extends WebStream<infer X> ? WebStream<Uint8Array> :
@ -260,12 +216,12 @@ export class Message<T extends MaybeStream<Data>> {
/** Decrypt the message
@param privateKey private key with decrypted secret data
*/
public decrypt(privateKeys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], streaming?: boolean, config?: Config): Promise<Message<MaybeStream<Data>>>;
public decrypt(privateKeys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], config?: Config): Promise<Message<MaybeStream<Data>>>;
/** Encrypt the message
@param keys array of keys, used to encrypt the message
*/
public encrypt(keys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], streaming?: boolean, config?: Config): Promise<Message<MaybeStream<Data>>>;
public encrypt(keys?: Key[], passwords?: string[], sessionKeys?: SessionKey[], wildcard?: boolean, encryptionKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise<Message<MaybeStream<Data>>>;
/** Returns the key IDs of the keys to which the session key is encrypted
*/
@ -288,7 +244,7 @@ export class Message<T extends MaybeStream<Data>> {
/** Sign the message (the literal data packet of the message)
@param privateKey private keys with decrypted secret key data for signing
*/
public sign(privateKey: Key[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], streaming?: boolean, config?: Config): Promise<Message<T>>;
public sign(privateKey: Key[], signature?: Signature, signingKeyIDs?: KeyID[], date?: Date, userIDs?: UserID[], config?: Config): Promise<Message<T>>;
/** Unwrap compressed message
*/
@ -297,7 +253,7 @@ export class Message<T extends MaybeStream<Data>> {
/** Verify message signatures
@param keys array of keys to verify signatures
*/
public verify(keys: Key[], date?: Date, streaming?: boolean, config?: Config): Promise<VerificationResult[]>;
public verify(keys: Key[], date?: Date, config?: Config): Promise<VerificationResult[]>;
/**
* Append signature to unencrypted message object
@ -482,8 +438,8 @@ export class SignaturePacket extends BasePacket {
public preferredAEADAlgorithms: enums.aead[] | null;
public verified: null | boolean;
public revoked: null | boolean;
public sign(key: AnySecretKeyPacket, data: Uint8Array, detached?: boolean, streaming?: boolean): Promise<void>;
public verify(key: AnyKeyPacket, signatureType: enums.signature, data: Uint8Array, detached?: boolean, streaming?: boolean, config?: Config): Promise<void>; // throws on error
public sign(key: AnySecretKeyPacket, data: Uint8Array, detached?: boolean): Promise<void>;
public verify(key: AnyKeyPacket, signatureType: enums.signature, data: Uint8Array, detached?: boolean, config?: Config): Promise<void>; // throws on error
public isExpired(date?: Date): boolean;
public getExpirationTime(): Date | typeof Infinity;
}
@ -502,7 +458,7 @@ type DataPacketType = 'utf8' | 'binary' | 'text' | 'mime';
export class PacketList<PACKET_TYPE> extends Array<PACKET_TYPE> {
[index: number]: PACKET_TYPE;
public length: number;
public read(bytes: Uint8Array, allowedPackets?: object, streaming?: boolean, config?: Config): void;
public read(bytes: Uint8Array, allowedPackets?: object, config?: Config): void;
public write(): Uint8Array;
public push(...packet: PACKET_TYPE[]): number;
public pop(): PACKET_TYPE;
@ -563,8 +519,6 @@ interface EncryptOptions {
sessionKey?: SessionKey;
/** if the return values should be ascii armored or the message/signature objects */
armor?: boolean;
/** (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. */
streaming?: 'web' | 'node' | false;
/** (optional) if the signature should be detached (if true, signature will be added to returned object) */
signature?: Signature;
/** (optional) encrypt as of a certain date */
@ -591,8 +545,6 @@ interface DecryptOptions {
publicKeys?: Key | Key[];
/** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */
format?: 'utf8' | 'binary';
/** (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. */
streaming?: 'web' | 'node' | false;
/** (optional) detached signature for verification */
signature?: Signature;
/** (optional) use the given date for verification instead of the current time */
@ -604,7 +556,6 @@ interface SignOptions {
message: CleartextMessage | Message<MaybeStream<Data>>;
privateKeys?: Key | Key[];
armor?: boolean;
streaming?: 'web' | 'node' | false;
dataType?: DataPacketType;
detached?: boolean;
date?: Date;
@ -619,8 +570,6 @@ interface VerifyOptions {
message: CleartextMessage | Message<MaybeStream<Data>>;
/** (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines. */
format?: 'utf8' | 'binary';
/** (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any. */
streaming?: 'web' | 'node' | false;
/** (optional) detached signature for verification */
signature?: Signature;
/** (optional) use the given date for verification instead of the current time */

6
package-lock.json generated
View File

@ -261,9 +261,9 @@
"dev": true
},
"@openpgp/web-stream-tools": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/@openpgp/web-stream-tools/-/web-stream-tools-0.0.3.tgz",
"integrity": "sha512-AEcTCwFZSl6LMpFdDbOX1fv+9GwHpkF3h3DZagdFLPNE2yqx6ol6Rb/OnuMiKnpoGm09smCmNb+gHpcqp3Oz0Q==",
"version": "0.0.4",
"resolved": "https://registry.npmjs.org/@openpgp/web-stream-tools/-/web-stream-tools-0.0.4.tgz",
"integrity": "sha512-u6KEn/J4A2ojBkQ0qc9Jgs4nNVK+u7snY3h/SlvwdE8+STh/R3vVXJgkIgsAmWfweE0Ng4TjakrNY9tBI31VJQ==",
"dev": true,
"requires": {
"@mattiasbuelens/web-streams-adapter": "0.1.0-alpha.5",

3
package.json
View File

@ -51,14 +51,13 @@
"postversion": "git push && git push --tags && npm publish"
},
"devDependencies": {
"@mattiasbuelens/web-streams-adapter": "0.1.0-alpha.5",
"@openpgp/asmcrypto.js": "^2.3.2",
"@openpgp/elliptic": "^6.5.1",
"@openpgp/jsdoc": "^3.6.4",
"@openpgp/pako": "^1.0.11",
"@openpgp/seek-bzip": "^1.0.5-git",
"@openpgp/tweetnacl": "^1.0.3",
"@openpgp/web-stream-tools": "0.0.3",
"@openpgp/web-stream-tools": "0.0.4",
"@rollup/plugin-commonjs": "^11.1.0",
"@rollup/plugin-node-resolve": "^7.1.3",
"@rollup/plugin-replace": "^2.3.2",

8
src/message.js
View File

@ -801,9 +801,7 @@ export async function readMessage({ armoredMessage, binaryMessage, config }) {
const streamType = util.isStream(input);
if (streamType) {
await stream.loadStreamsPonyfill();
}
if (streamType === 'node') {
input = stream.nodeToWeb(input);
input = stream.toStream(input);
}
if (armoredMessage) {
const { type, data } = await unarmor(input, config);
@ -839,9 +837,7 @@ export async function createMessage({ text, binary, filename, date = new Date(),
const streamType = util.isStream(input);
if (streamType) {
await stream.loadStreamsPonyfill();
}
if (streamType === 'node') {
input = stream.nodeToWeb(input);
input = stream.toStream(input);
}
const literalDataPacket = new LiteralDataPacket(date);
if (text !== undefined) {

56
src/openpgp.js
View File

@ -16,19 +16,12 @@
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
import * as stream from '@openpgp/web-stream-tools';
import { createReadableStreamWrapper } from '@mattiasbuelens/web-streams-adapter';
import { Message } from './message';
import { CleartextMessage } from './cleartext';
import { generate, reformat, getPreferredAlgo } from './key';
import defaultConfig from './config';
import util from './util';
let toNativeReadable;
if (globalThis.ReadableStream) {
try {
toNativeReadable = createReadableStreamWrapper(globalThis.ReadableStream);
} catch (e) {}
}
//////////////////////
// //
@ -237,7 +230,6 @@ export async function encryptKey({ privateKey, passphrase, config }) {
* @param {String|Array<String>} [options.passwords] - Array of passwords or a single password to encrypt the message
* @param {Object} [options.sessionKey] - Session key in the form: `{ data:Uint8Array, algorithm:String }`
* @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false)
* @param {'web'|'ponyfill'|'node'|false} [options.streaming=type of stream `message` was created from, if any] - Whether to return data as a stream
* @param {Signature} [options.signature] - A detached signature to add to the encrypted message
* @param {Boolean} [options.wildcard=false] - Use a key ID of 0 instead of the public key IDs
* @param {Array<module:type/keyid~KeyID>} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each `signingKeyIDs[i]` corresponds to `privateKeys[i]`
@ -250,7 +242,7 @@ export async function encryptKey({ privateKey, passphrase, config }) {
* @async
* @static
*/
export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKey, armor = true, streaming = message && message.fromStream, detached = false, signature = null, wildcard = false, signingKeyIDs = [], encryptionKeyIDs = [], date = new Date(), fromUserIDs = [], toUserIDs = [], config }) {
export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKey, armor = true, detached = false, signature = null, wildcard = false, signingKeyIDs = [], encryptionKeyIDs = [], date = new Date(), fromUserIDs = [], toUserIDs = [], config }) {
config = { ...defaultConfig, ...config };
checkMessage(message); publicKeys = toArray(publicKeys); privateKeys = toArray(privateKeys); passwords = toArray(passwords); fromUserIDs = toArray(fromUserIDs); toUserIDs = toArray(toUserIDs);
if (detached) {
@ -258,6 +250,7 @@ export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKe
}
return Promise.resolve().then(async function() {
const streaming = message.fromStream;
if (!privateKeys) {
privateKeys = [];
}
@ -284,7 +277,6 @@ export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKe
* @param {Object|Array<Object>} [options.sessionKeys] - Session keys in the form: { data:Uint8Array, algorithm:String }
* @param {Key|Array<Key>} [options.publicKeys] - Array of public keys or single key, to verify signatures
* @param {'utf8'|'binary'} [options.format='utf8'] - Whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines.
* @param {'web'|'ponyfill'|'node'|false} [options.streaming=type of stream `message` was created from, if any] - Whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
* @param {Signature} [options.signature] - Detached signature for verification
* @param {Date} [options.date=current date] - Use the given date for verification instead of the current time
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
@ -298,14 +290,14 @@ export function encrypt({ message, publicKeys, privateKeys, passwords, sessionKe
* {
* keyID: module:type/keyid~KeyID,
* verified: Promise<Boolean>,
* valid: Boolean (if streaming was false)
* valid: Boolean (if `message` was not created from a stream)
* }, ...
* ]
* }
* @async
* @static
*/
export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKeys, format = 'utf8', streaming = message && message.fromStream, signature = null, date = new Date(), config }) {
export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKeys, format = 'utf8', signature = null, date = new Date(), config }) {
config = { ...defaultConfig, ...config };
checkMessage(message); publicKeys = toArray(publicKeys); privateKeys = toArray(privateKeys); passwords = toArray(passwords); sessionKeys = toArray(sessionKeys);
@ -319,8 +311,8 @@ export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKe
result.data = format === 'binary' ? decrypted.getLiteralData() : decrypted.getText();
result.filename = decrypted.getFilename();
linkStreams(result, message);
result.data = await convertStream(result.data, streaming, format);
if (!streaming) await prepareSignatures(result.signatures);
result.data = await convertStream(result.data, message.fromStream, format);
if (!message.fromStream) await prepareSignatures(result.signatures);
return result;
}).catch(onError.bind(null, 'Error decrypting message'));
}
@ -339,7 +331,6 @@ export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKe
* @param {CleartextMessage|Message} options.message - (cleartext) message to be signed
* @param {Key|Array<Key>} options.privateKeys - Array of keys or single key with decrypted secret key data to sign cleartext
* @param {Boolean} [options.armor=true] - Whether the return values should be ascii armored (true, the default) or binary (false)
* @param {'web'|'ponyfill'|'node'|false} [options.streaming=type of stream `message` was created from, if any] - Whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
* @param {Boolean} [options.detached=false] - If the return value should contain a detached signature
* @param {Array<module:type/keyid~KeyID>} [options.signingKeyIDs=latest-created valid signing (sub)keys] - Array of key IDs to use for signing. Each signingKeyIDs[i] corresponds to privateKeys[i]
* @param {Date} [options.date=current date] - Override the creation date of the signature
@ -349,7 +340,7 @@ export function decrypt({ message, privateKeys, passwords, sessionKeys, publicKe
* @async
* @static
*/
export function sign({ message, privateKeys, armor = true, streaming = message && message.fromStream, detached = false, signingKeyIDs = [], date = new Date(), fromUserIDs = [], config }) {
export function sign({ message, privateKeys, armor = true, detached = false, signingKeyIDs = [], date = new Date(), fromUserIDs = [], config }) {
config = { ...defaultConfig, ...config };
checkCleartextOrMessage(message);
if (message instanceof CleartextMessage && !armor) throw new Error("Can't sign non-armored cleartext message");
@ -372,7 +363,7 @@ export function sign({ message, privateKeys, armor = true, streaming = message &
]);
});
}
return convertStream(signature, streaming, armor ? 'utf8' : 'binary');
return convertStream(signature, message.fromStream, armor ? 'utf8' : 'binary');
}).catch(onError.bind(null, 'Error signing message'));
}
@ -382,7 +373,6 @@ export function sign({ message, privateKeys, armor = true, streaming = message &
* @param {Key|Array<Key>} options.publicKeys - Array of publicKeys or single key, to verify signatures
* @param {CleartextMessage|Message} options.message - (cleartext) message object with signatures
* @param {'utf8'|'binary'} [options.format='utf8'] - Whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines.
* @param {'web'|'ponyfill'|'node'|false} [options.streaming=type of stream `message` was created from, if any] - Whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
* @param {Signature} [options.signature] - Detached signature for verification
* @param {Date} [options.date=current date] - Use the given date for verification instead of the current time
* @param {Object} [options.config] - Custom configuration settings to overwrite those in [config]{@link module:config}
@ -395,14 +385,14 @@ export function sign({ message, privateKeys, armor = true, streaming = message &
* {
* keyID: module:type/keyid~KeyID,
* verified: Promise<Boolean>,
* valid: Boolean (if `streaming` was false)
* valid: Boolean (if `message` was not created from a stream)
* }, ...
* ]
* }
* @async
* @static
*/
export function verify({ message, publicKeys, format = 'utf8', streaming = message && message.fromStream, signature = null, date = new Date(), config }) {
export function verify({ message, publicKeys, format = 'utf8', signature = null, date = new Date(), config }) {
config = { ...defaultConfig, ...config };
checkCleartextOrMessage(message);
if (message instanceof CleartextMessage && format === 'binary') throw new Error("Can't return cleartext message data as binary");
@ -417,9 +407,9 @@ export function verify({ message, publicKeys, format = 'utf8', streaming = messa
result.signatures = await message.verify(publicKeys, date, config);
}
result.data = format === 'binary' ? message.getLiteralData() : message.getText();
if (streaming) linkStreams(result, message);
result.data = await convertStream(result.data, streaming, format);
if (!streaming) await prepareSignatures(result.signatures);
if (message.fromStream) linkStreams(result, message);
result.data = await convertStream(result.data, message.fromStream, format);
if (!message.fromStream) await prepareSignatures(result.signatures);
return result;
}).catch(onError.bind(null, 'Error verifying signed message'));
}
@ -558,31 +548,23 @@ function toArray(param) {
/**
* Convert data to or from Stream
* @param {Object} data - the data to convert
* @param {'web'|'ponyfill'|'node'|false} [options.streaming] - Whether to return a ReadableStream, and of what type
* @param {'utf8'|'binary'} [options.encoding] - How to return data in Node Readable streams
* @param {'web'|'ponyfill'|'node'|false} streaming - Whether to return a ReadableStream, and of what type
* @param {'utf8'|'binary'} [encoding] - How to return data in Node Readable streams
* @returns {Object} The data in the respective format.
* @private
*/
async function convertStream(data, streaming, encoding = 'utf8') {
let streamType = util.isStream(data);
if (!streaming && streamType) {
return stream.readToEnd(data);
}
const streamType = util.isStream(data);
if (streamType === 'array') {
data = await stream.readToEnd(data);
streamType = false;
}
if (streaming && !streamType) {
data = stream.toStream(data);
streamType = util.isStream(data);
return stream.readToEnd(data);
}
if (streaming === 'node') {
data = stream.webToNode(data);
if (encoding !== 'binary') data.setEncoding(encoding);
return data;
}
if (streaming === 'web' && streamType === 'ponyfill' && toNativeReadable) {
return toNativeReadable(data);
if (streaming === 'web' && streamType === 'ponyfill') {
return stream.toNativeReadable(data);
}
return data;
}

8
src/packet/compressed_data.js
View File

@ -79,7 +79,7 @@ class CompressedDataPacket {
* Parsing function for the packet.
* @param {Uint8Array | ReadableStream<Uint8Array>} bytes - Payload of a tag 8 packet
*/
async read(bytes, config, streaming) {
async read(bytes) {
await stream.parse(bytes, async reader => {
// One octet that gives the algorithm used to compress the packet.
@ -88,7 +88,7 @@ class CompressedDataPacket {
// Compressed data, which makes up the remainder of the packet.
this.compressed = reader.remainder();
await this.decompress(streaming);
await this.decompress();
});
}
@ -110,13 +110,13 @@ class CompressedDataPacket {
* Decompression method for decompressing the compressed data
* read by read_packet
*/
async decompress(streaming) {
async decompress() {
if (!decompress_fns[this.algorithm]) {
throw new Error(this.algorithm + ' decompression not supported');
}
await this.packets.read(decompress_fns[this.algorithm](this.compressed), allowedPackets, streaming);
await this.packets.read(decompress_fns[this.algorithm](this.compressed), allowedPackets);
}
/**

28
test/general/openpgp.js
View File

@ -2361,29 +2361,41 @@ module.exports = () => describe('OpenPGP.js public api tests', function() {
it('should streaming sign and verify binary data without one-pass signature', async function () {
const data = new Uint8Array([3, 14, 15, 92, 65, 35, 59]);
const dataStream = global.ReadableStream ? new global.ReadableStream({
start(controller) {
controller.enqueue(data);
controller.close();
}
}) : new (require('stream').Readable)({
read() {
this.push(data);
this.push(null);
}
});
const signOpt = {
message: await openpgp.createMessage({ binary: data }),
message: await openpgp.createMessage({ binary: dataStream }),
privateKeys: privateKey,
armor: false,
streaming: 'web'
armor: false
};
const verifyOpt = {
publicKeys: publicKey,
streaming: 'web',
format: 'binary'
};
const useNativeStream = (() => { try { new global.ReadableStream(); return true; } catch (e) { return false; } })(); // eslint-disable-line no-new
return openpgp.sign(signOpt).then(async function (signed) {
expect(openpgp.stream.isStream(signed)).to.equal(useNativeStream ? 'web' : 'ponyfill');
expect(openpgp.stream.isStream(signed)).to.equal(global.ReadableStream ? 'web' : 'node');
const message = await openpgp.readMessage({ binaryMessage: signed });
message.packets.concat(await openpgp.stream.readToEnd(message.packets.stream, _ => _));
const packets = new openpgp.PacketList();
packets.push(message.packets.findPacket(openpgp.enums.packet.signature));
packets.push(message.packets.findPacket(openpgp.enums.packet.literalData));
verifyOpt.message = await openpgp.readMessage({ binaryMessage: packets.write() });
verifyOpt.message = await openpgp.readMessage({
binaryMessage: openpgp.stream[
global.ReadableStream ? (global.ReadableStream === openpgp.stream.ReadableStream ? 'toStream' : 'toNativeReadable') : 'webToNode'
](packets.write())
});
return openpgp.verify(verifyOpt);
}).then(async function (verified) {
expect(openpgp.stream.isStream(verified.data)).to.equal(useNativeStream ? 'web' : 'ponyfill');
expect(openpgp.stream.isStream(verified.data)).to.equal(global.ReadableStream ? 'web' : 'node');
expect([].slice.call(await openpgp.stream.readToEnd(verified.data))).to.deep.equal([].slice.call(data));
expect(await verified.signatures[0].verified).to.be.true;
expect(await privateKey.getSigningKey(verified.signatures[0].keyID))

64
test/general/streaming.js
View File

@ -418,18 +418,17 @@ function tests() {
expect(openpgp.stream.isStream(encrypted)).to.equal(expectedType);
const message = await openpgp.readMessage({
armoredMessage: openpgp.stream.transform(encrypted, value => {
armoredMessage: openpgp.stream[expectedType === 'node' ? 'webToNode' : global.ReadableStream === openpgp.stream.ReadableStream ? 'toStream' : 'toNativeReadable'](openpgp.stream.transform(encrypted, value => {
value += '';
if (value === '=' || value.length === 5) return; // Remove checksum
const newlineIndex = value.indexOf('\n', 500);
if (value.length > 1000) return value.slice(0, newlineIndex - 1) + (value[newlineIndex - 1] === 'a' ? 'b' : 'a') + value.slice(newlineIndex);
return value;
})
}), { encoding: 'utf8' })
});
const decrypted = await openpgp.decrypt({
passwords: ['test'],
message,
streaming: expectedType,
format: 'binary'
});
expect(openpgp.stream.isStream(decrypted.data)).to.equal(expectedType);
@ -457,18 +456,17 @@ function tests() {
expect(openpgp.stream.isStream(encrypted)).to.equal(expectedType);
const message = await openpgp.readMessage({
armoredMessage: openpgp.stream.transform(encrypted, value => {
armoredMessage: openpgp.stream[expectedType === 'node' ? 'webToNode' : global.ReadableStream === openpgp.stream.ReadableStream ? 'toStream' : 'toNativeReadable'](openpgp.stream.transform(encrypted, value => {
value += '';
const newlineIndex = value.indexOf('\n', 500);
if (value.length > 1000) return value.slice(0, newlineIndex - 1) + (value[newlineIndex - 1] === 'a' ? 'b' : 'a') + value.slice(newlineIndex);
return value;
})
}), { encoding: 'utf8' })
});
const decrypted = await openpgp.decrypt({
publicKeys: pubKey,
privateKeys: privKey,
message,
streaming: expectedType,
format: 'binary'
});
expect(openpgp.stream.isStream(decrypted.data)).to.equal(expectedType);
@ -495,17 +493,16 @@ function tests() {
expect(openpgp.stream.isStream(encrypted)).to.equal(expectedType);
const message = await openpgp.readMessage({
armoredMessage: openpgp.stream.transform(encrypted, value => {
armoredMessage: openpgp.stream[expectedType === 'node' ? 'webToNode' : global.ReadableStream === openpgp.stream.ReadableStream ? 'toStream' : 'toNativeReadable'](openpgp.stream.transform(encrypted, value => {
value += '';
const newlineIndex = value.indexOf('\n', 500);
if (value.length > 1000) return value.slice(0, newlineIndex - 1) + (value[newlineIndex - 1] === 'a' ? 'b' : 'a') + value.slice(newlineIndex);
return value;
})
}), { encoding: 'utf8' })
});
const decrypted = await openpgp.decrypt({
privateKeys: privKey,
message,
streaming: expectedType,
format: 'binary'
});
expect(openpgp.stream.isStream(decrypted.data)).to.equal(expectedType);
@ -529,17 +526,16 @@ function tests() {
expect(openpgp.stream.isStream(signed)).to.equal(expectedType);
const message = await openpgp.readMessage({
armoredMessage: openpgp.stream.transform(signed, value => {
armoredMessage: openpgp.stream[expectedType === 'node' ? 'webToNode' : global.ReadableStream === openpgp.stream.ReadableStream ? 'toStream' : 'toNativeReadable'](openpgp.stream.transform(signed, value => {
value += '';
const newlineIndex = value.indexOf('\n', 500);
if (value.length > 1000) return value.slice(0, newlineIndex - 1) + (value[newlineIndex - 1] === 'a' ? 'b' : 'a') + value.slice(newlineIndex);
return value;
})
}), { encoding: 'utf8' })
});
const verified = await openpgp.verify({
publicKeys: pubKey,
message,
streaming: expectedType,
format: 'binary',
config: { minRSABits: 1024 }
});
@ -671,7 +667,6 @@ function tests() {
message: await openpgp.createMessage({ binary: data }),
privateKeys: privKey,
detached: true,
streaming: expectedType,
config: { minRSABits: 1024 }
});
expect(openpgp.stream.isStream(signed)).to.equal(expectedType);
@ -688,42 +683,6 @@ function tests() {
expect(verified.signatures[0].valid).to.be.true;
});
it('Detached sign small message (not streaming)', async function() {
dataArrived(); // Do not wait until data arrived.
const data = ReadableStream ? new ReadableStream({
start(controller) {
controller.enqueue(util.stringToUint8Array('hello '));
controller.enqueue(util.stringToUint8Array('world'));
controller.close();
}
}) : new NodeReadableStream({
read() {
this.push(util.stringToUint8Array('hello '));
this.push(util.stringToUint8Array('world'));
this.push(null);
}
});
const signed = await openpgp.sign({
message: await openpgp.createMessage({ binary: data }),
privateKeys: privKey,
detached: true,
streaming: false,
armor: false,
config: { minRSABits: 1024 }
});
expect(openpgp.stream.isStream(signed)).to.be.false;
const signature = await openpgp.readMessage({ binaryMessage: signed });
const verified = await openpgp.verify({
signature,
publicKeys: pubKey,
message: await openpgp.createMessage({ text: 'hello world' }),
config: { minRSABits: 1024 }
});
expect(verified.data).to.equal('hello world');
expect(verified.signatures).to.exist.and.have.length(1);
expect(verified.signatures[0].valid).to.be.true;
});
it('Detached sign small message using brainpool curve keys', async function() {
dataArrived(); // Do not wait until data arrived.
const data = ReadableStream ? new ReadableStream({
@ -745,8 +704,7 @@ function tests() {
const signed = await openpgp.sign({
message: await openpgp.createMessage({ binary: data }),
privateKeys: priv,
detached: true,
streaming: expectedType
detached: true
});
expect(openpgp.stream.isStream(signed)).to.equal(expectedType);
const armoredSignature = await openpgp.stream.readToEnd(signed);
@ -782,8 +740,7 @@ function tests() {
const signed = await openpgp.sign({
message: await openpgp.createMessage({ binary: data }),
privateKeys: priv,
detached: true,
streaming: expectedType
detached: true
});
expect(openpgp.stream.isStream(signed)).to.equal(expectedType);
const armoredSignature = await openpgp.stream.readToEnd(signed);
@ -898,7 +855,6 @@ function tests() {
});
const encrypted = await openpgp.encrypt({
message: await openpgp.createMessage({ text: data }),
streaming: expectedType,
passwords: ['test']
});
expect(openpgp.stream.isStream(encrypted)).to.equal(expectedType);

3
test/security/message_signature_bypass.js
View File

@ -97,8 +97,7 @@ async function fakeSignature() {
// faked message now verifies correctly
const res = await openpgp.verify({
message: fake,
publicKeys: await getOtherPubKey(),
streaming: false
publicKeys: await getOtherPubKey()
});
const { signatures } = res;
expect(signatures).to.have.length(0);

4
test/security/subkey_trust.js
View File

@ -29,7 +29,6 @@ async function generateTestData() {
const signed = await openpgp.sign({
message: await createCleartextMessage({ text: 'I am batman' }),
privateKeys: victimPrivKey,
streaming: false,
armor: true
});
return {
@ -68,8 +67,7 @@ async function testSubkeyTrust() {
fakeKey = await readKey({ armoredKey: await fakeKey.toPublic().armor() });
const verifyAttackerIsBatman = await openpgp.verify({
message: await readCleartextMessage({ cleartextMessage: signed }),
publicKeys: fakeKey,
streaming: false
publicKeys: fakeKey
});
expect(verifyAttackerIsBatman.signatures[0].keyID.equals(victimPubKey.subKeys[0].getKeyID())).to.be.true;
expect(verifyAttackerIsBatman.signatures[0].valid).to.be.false;