Rename config.unsafe_stream to allow_unauthenticated_stream
This commit is contained in:
Daniel Huigens
parent
2b30ab9c8f
commit
e66d44e42d
|
|
@ -93,6 +93,11 @@ export default {
|
|||
* @property {Boolean} ignore_mdc_error Fail on decrypt if message is not integrity protected
|
||||
*/
|
||||
ignore_mdc_error: false,
|
||||
/**
|
||||
* @memberof module:config
|
||||
* @property {Boolean} allow_unauthenticated_stream Stream unauthenticated data before integrity has been checked
|
||||
*/
|
||||
allow_unauthenticated_stream: false,
|
||||
/**
|
||||
* @memberof module:config
|
||||
* @property {Boolean} checksum_required Do not throw error when armor is missing a checksum
|
||||
|
|
|
|||
|
|
@ -148,7 +148,7 @@ SymEncryptedIntegrityProtected.prototype.decrypt = async function (sessionKeyAlg
|
|||
});
|
||||
let packetbytes = stream.slice(bytes, 0, -2);
|
||||
packetbytes = stream.concat([packetbytes, stream.fromAsync(() => verifyHash)]);
|
||||
if (!util.isStream(encrypted) || !config.unsafe_stream) {
|
||||
if (!util.isStream(encrypted) || !config.allow_unauthenticated_stream) {
|
||||
packetbytes = await stream.readToEnd(packetbytes);
|
||||
}
|
||||
await this.packets.read(packetbytes);
|
||||
|
|
|
|||
|
|
@ -226,9 +226,9 @@ describe('Streaming', function() {
|
|||
expect(await openpgp.stream.readToEnd(decrypted.data)).to.deep.equal(util.concatUint8Array(plaintext));
|
||||
});
|
||||
|
||||
it('Encrypt and decrypt larger message roundtrip (unsafe_stream=true)', async function() {
|
||||
let unsafe_streamValue = openpgp.config.unsafe_stream;
|
||||
openpgp.config.unsafe_stream = true;
|
||||
it('Encrypt and decrypt larger message roundtrip (allow_unauthenticated_stream=true)', async function() {
|
||||
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
|
||||
openpgp.config.allow_unauthenticated_stream = true;
|
||||
try {
|
||||
let plaintext = [];
|
||||
let i = 0;
|
||||
|
|
@ -263,13 +263,13 @@ describe('Streaming', function() {
|
|||
expect(await openpgp.stream.readToEnd(decrypted.data)).to.deep.equal(util.concatUint8Array(plaintext));
|
||||
expect(decrypted.signatures).to.exist.and.have.length(0);
|
||||
} finally {
|
||||
openpgp.config.unsafe_stream = unsafe_streamValue;
|
||||
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
|
||||
}
|
||||
});
|
||||
|
||||
it('Encrypt and decrypt larger message roundtrip using public keys (unsafe_stream=true)', async function() {
|
||||
let unsafe_streamValue = openpgp.config.unsafe_stream;
|
||||
openpgp.config.unsafe_stream = true;
|
||||
it('Encrypt and decrypt larger message roundtrip using public keys (allow_unauthenticated_stream=true)', async function() {
|
||||
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
|
||||
openpgp.config.allow_unauthenticated_stream = true;
|
||||
try {
|
||||
const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
|
||||
const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
|
||||
|
|
@ -308,13 +308,13 @@ describe('Streaming', function() {
|
|||
if (i > 10) throw new Error('Data did not arrive early.');
|
||||
expect(await openpgp.stream.readToEnd(decrypted.data)).to.deep.equal(util.concatUint8Array(plaintext));
|
||||
} finally {
|
||||
openpgp.config.unsafe_stream = unsafe_streamValue;
|
||||
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
|
||||
}
|
||||
});
|
||||
|
||||
it('Detect MDC modifications (unsafe_stream=true)', async function() {
|
||||
let unsafe_streamValue = openpgp.config.unsafe_stream;
|
||||
openpgp.config.unsafe_stream = true;
|
||||
it('Detect MDC modifications (allow_unauthenticated_stream=true)', async function() {
|
||||
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
|
||||
openpgp.config.allow_unauthenticated_stream = true;
|
||||
try {
|
||||
let plaintext = [];
|
||||
let i = 0;
|
||||
|
|
@ -352,13 +352,13 @@ describe('Streaming', function() {
|
|||
await expect(openpgp.stream.readToEnd(decrypted.data)).to.be.rejectedWith('Modification detected.');
|
||||
expect(decrypted.signatures).to.exist.and.have.length(0);
|
||||
} finally {
|
||||
openpgp.config.unsafe_stream = unsafe_streamValue;
|
||||
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
|
||||
}
|
||||
});
|
||||
|
||||
it('Detect armor checksum error (unsafe_stream=true)', async function() {
|
||||
let unsafe_streamValue = openpgp.config.unsafe_stream;
|
||||
openpgp.config.unsafe_stream = true;
|
||||
it('Detect armor checksum error (allow_unauthenticated_stream=true)', async function() {
|
||||
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
|
||||
openpgp.config.allow_unauthenticated_stream = true;
|
||||
try {
|
||||
const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
|
||||
const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
|
||||
|
|
@ -401,13 +401,13 @@ describe('Streaming', function() {
|
|||
await expect(openpgp.stream.readToEnd(decrypted.data)).to.be.rejectedWith('Ascii armor integrity check on message failed');
|
||||
expect(decrypted.signatures).to.exist.and.have.length(1);
|
||||
} finally {
|
||||
openpgp.config.unsafe_stream = unsafe_streamValue;
|
||||
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
|
||||
}
|
||||
});
|
||||
|
||||
it('Detect armor checksum error when not passing public keys (unsafe_stream=true)', async function() {
|
||||
let unsafe_streamValue = openpgp.config.unsafe_stream;
|
||||
openpgp.config.unsafe_stream = true;
|
||||
it('Detect armor checksum error when not passing public keys (allow_unauthenticated_stream=true)', async function() {
|
||||
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
|
||||
openpgp.config.allow_unauthenticated_stream = true;
|
||||
try {
|
||||
const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
|
||||
const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
|
||||
|
|
@ -450,13 +450,13 @@ describe('Streaming', function() {
|
|||
expect(decrypted.signatures).to.exist.and.have.length(1);
|
||||
expect(await decrypted.signatures[0].verified).to.be.null;
|
||||
} finally {
|
||||
openpgp.config.unsafe_stream = unsafe_streamValue;
|
||||
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
|
||||
}
|
||||
});
|
||||
|
||||
it('Sign/verify: Detect armor checksum error (unsafe_stream=true)', async function() {
|
||||
let unsafe_streamValue = openpgp.config.unsafe_stream;
|
||||
openpgp.config.unsafe_stream = true;
|
||||
it('Sign/verify: Detect armor checksum error (allow_unauthenticated_stream=true)', async function() {
|
||||
let allow_unauthenticated_streamValue = openpgp.config.allow_unauthenticated_stream;
|
||||
openpgp.config.allow_unauthenticated_stream = true;
|
||||
try {
|
||||
const pubKey = (await openpgp.key.readArmored(pub_key)).keys[0];
|
||||
const privKey = (await openpgp.key.readArmored(priv_key)).keys[0];
|
||||
|
|
@ -496,7 +496,7 @@ describe('Streaming', function() {
|
|||
await expect(openpgp.stream.readToEnd(decrypted.data)).to.be.rejectedWith('Ascii armor integrity check on message failed');
|
||||
expect(decrypted.signatures).to.exist.and.have.length(1);
|
||||
} finally {
|
||||
openpgp.config.unsafe_stream = unsafe_streamValue;
|
||||
openpgp.config.allow_unauthenticated_stream = allow_unauthenticated_streamValue;
|
||||
}
|
||||
});
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user