mirror of
https://github.com/moparisthebest/mail
synced 2024-11-25 10:22:18 -05:00
Refactor pgp service to use promises
This commit is contained in:
parent
f9f086d622
commit
01e0529854
@ -10,7 +10,9 @@ var util = openpgp.util,
|
||||
/**
|
||||
* High level crypto api that handles all calls to OpenPGP.js
|
||||
*/
|
||||
function PGP() {
|
||||
function PGP($q) {
|
||||
this._q = $q;
|
||||
|
||||
openpgp.config.prefer_hash_algorithm = openpgp.enums.hash.sha256;
|
||||
openpgp.initWorker(config.workerPath + '/openpgp.worker.min.js');
|
||||
}
|
||||
@ -18,29 +20,31 @@ function PGP() {
|
||||
/**
|
||||
* Generate a key pair for the user
|
||||
*/
|
||||
PGP.prototype.generateKeys = function(options, callback) {
|
||||
PGP.prototype.generateKeys = function(options) {
|
||||
var userId, passphrase;
|
||||
|
||||
if (!util.emailRegEx.test(options.emailAddress) || !options.keySize) {
|
||||
callback(new Error('Crypto init failed. Not all options set!'));
|
||||
return;
|
||||
return this._q(function(resolve, reject) {
|
||||
reject(new Error('Crypto init failed. Not all options set!'));
|
||||
});
|
||||
}
|
||||
|
||||
// generate keypair
|
||||
userId = 'Whiteout User <' + options.emailAddress + '>';
|
||||
passphrase = (options.passphrase) ? options.passphrase : undefined;
|
||||
openpgp.generateKeyPair({
|
||||
|
||||
return openpgp.generateKeyPair({
|
||||
keyType: 1, // (keytype 1=RSA)
|
||||
numBits: options.keySize,
|
||||
userId: userId,
|
||||
passphrase: passphrase
|
||||
}).then(function(keys) {
|
||||
callback(null, {
|
||||
return {
|
||||
keyId: keys.key.primaryKey.getKeyId().toHex().toUpperCase(),
|
||||
privateKeyArmored: keys.privateKeyArmored,
|
||||
publicKeyArmored: keys.publicKeyArmored
|
||||
});
|
||||
}).catch(callback);
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
@ -142,152 +146,164 @@ PGP.prototype.extractPublicKey = function(privateKeyArmored) {
|
||||
/**
|
||||
* Import the user's key pair
|
||||
*/
|
||||
PGP.prototype.importKeys = function(options, callback) {
|
||||
var pubKeyId, privKeyId, self = this;
|
||||
PGP.prototype.importKeys = function(options) {
|
||||
var self = this;
|
||||
return self._q(function(resolve, reject) {
|
||||
var pubKeyId, privKeyId;
|
||||
|
||||
// check options
|
||||
if (!options.privateKeyArmored || !options.publicKeyArmored) {
|
||||
callback(new Error('Importing keys failed. Not all options set!'));
|
||||
return;
|
||||
}
|
||||
// check options
|
||||
if (!options.privateKeyArmored || !options.publicKeyArmored) {
|
||||
reject(new Error('Importing keys failed. Not all options set!'));
|
||||
return;
|
||||
}
|
||||
|
||||
function resetKeys() {
|
||||
self._publicKey = undefined;
|
||||
self._privateKey = undefined;
|
||||
}
|
||||
function resetKeys() {
|
||||
self._publicKey = undefined;
|
||||
self._privateKey = undefined;
|
||||
}
|
||||
|
||||
// read armored keys
|
||||
try {
|
||||
this._publicKey = openpgp.key.readArmored(options.publicKeyArmored).keys[0];
|
||||
this._privateKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
|
||||
} catch (e) {
|
||||
resetKeys();
|
||||
callback(new Error('Importing keys failed. Parsing error!'));
|
||||
return;
|
||||
}
|
||||
// read armored keys
|
||||
try {
|
||||
self._publicKey = openpgp.key.readArmored(options.publicKeyArmored).keys[0];
|
||||
self._privateKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
|
||||
} catch (e) {
|
||||
resetKeys();
|
||||
reject(new Error('Importing keys failed. Parsing error!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// decrypt private key with passphrase
|
||||
if (!this._privateKey.decrypt(options.passphrase)) {
|
||||
resetKeys();
|
||||
callback(new Error('Incorrect passphrase!'));
|
||||
return;
|
||||
}
|
||||
// decrypt private key with passphrase
|
||||
if (!self._privateKey.decrypt(options.passphrase)) {
|
||||
resetKeys();
|
||||
reject(new Error('Incorrect passphrase!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// check if keys have the same id
|
||||
pubKeyId = this._publicKey.primaryKey.getKeyId().toHex();
|
||||
privKeyId = this._privateKey.primaryKey.getKeyId().toHex();
|
||||
if (!pubKeyId || !privKeyId || pubKeyId !== privKeyId) {
|
||||
resetKeys();
|
||||
callback(new Error('Key IDs dont match!'));
|
||||
return;
|
||||
}
|
||||
// check if keys have the same id
|
||||
pubKeyId = self._publicKey.primaryKey.getKeyId().toHex();
|
||||
privKeyId = self._privateKey.primaryKey.getKeyId().toHex();
|
||||
if (!pubKeyId || !privKeyId || pubKeyId !== privKeyId) {
|
||||
resetKeys();
|
||||
reject(new Error('Key IDs dont match!'));
|
||||
return;
|
||||
}
|
||||
|
||||
callback();
|
||||
resolve();
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Export the user's key pair
|
||||
*/
|
||||
PGP.prototype.exportKeys = function(callback) {
|
||||
if (!this._publicKey || !this._privateKey) {
|
||||
callback(new Error('Could not export keys!'));
|
||||
return;
|
||||
}
|
||||
PGP.prototype.exportKeys = function() {
|
||||
var self = this;
|
||||
return self._q(function(resolve, reject) {
|
||||
if (!self._publicKey || !self._privateKey) {
|
||||
reject(new Error('Could not export keys!'));
|
||||
return;
|
||||
}
|
||||
|
||||
callback(null, {
|
||||
keyId: this._publicKey.primaryKey.getKeyId().toHex().toUpperCase(),
|
||||
privateKeyArmored: this._privateKey.armor(),
|
||||
publicKeyArmored: this._publicKey.armor()
|
||||
resolve({
|
||||
keyId: self._publicKey.primaryKey.getKeyId().toHex().toUpperCase(),
|
||||
privateKeyArmored: self._privateKey.armor(),
|
||||
publicKeyArmored: self._publicKey.armor()
|
||||
});
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Change the passphrase of an ascii armored private key.
|
||||
*/
|
||||
PGP.prototype.changePassphrase = function(options, callback) {
|
||||
var privKey, packets, newPassphrase, newKeyArmored;
|
||||
PGP.prototype.changePassphrase = function(options) {
|
||||
return this._q(function(resolve, reject) {
|
||||
var privKey, packets, newPassphrase, newKeyArmored;
|
||||
|
||||
// set undefined instead of empty string as passphrase
|
||||
newPassphrase = (options.newPassphrase) ? options.newPassphrase : undefined;
|
||||
// set undefined instead of empty string as passphrase
|
||||
newPassphrase = (options.newPassphrase) ? options.newPassphrase : undefined;
|
||||
|
||||
if (!options.privateKeyArmored) {
|
||||
callback(new Error('Private key must be specified to change passphrase!'));
|
||||
return;
|
||||
}
|
||||
|
||||
if (options.oldPassphrase === newPassphrase ||
|
||||
(!options.oldPassphrase && !newPassphrase)) {
|
||||
callback(new Error('New and old passphrase are the same!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// read armored key
|
||||
try {
|
||||
privKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
|
||||
} catch (e) {
|
||||
callback(new Error('Importing key failed. Parsing error!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// decrypt private key with passphrase
|
||||
if (!privKey.decrypt(options.oldPassphrase)) {
|
||||
callback(new Error('Old passphrase incorrect!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// encrypt key with new passphrase
|
||||
try {
|
||||
packets = privKey.getAllKeyPackets();
|
||||
for (var i = 0; i < packets.length; i++) {
|
||||
packets[i].encrypt(newPassphrase);
|
||||
if (!options.privateKeyArmored) {
|
||||
reject(new Error('Private key must be specified to change passphrase!'));
|
||||
return;
|
||||
}
|
||||
newKeyArmored = privKey.armor();
|
||||
} catch (e) {
|
||||
callback(new Error('Setting new passphrase failed!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// check if new passphrase really works
|
||||
if (!privKey.decrypt(newPassphrase)) {
|
||||
callback(new Error('Decrypting key with new passphrase failed!'));
|
||||
return;
|
||||
}
|
||||
if (options.oldPassphrase === newPassphrase ||
|
||||
(!options.oldPassphrase && !newPassphrase)) {
|
||||
reject(new Error('New and old passphrase are the same!'));
|
||||
return;
|
||||
}
|
||||
|
||||
callback(null, newKeyArmored);
|
||||
// read armored key
|
||||
try {
|
||||
privKey = openpgp.key.readArmored(options.privateKeyArmored).keys[0];
|
||||
} catch (e) {
|
||||
reject(new Error('Importing key failed. Parsing error!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// decrypt private key with passphrase
|
||||
if (!privKey.decrypt(options.oldPassphrase)) {
|
||||
reject(new Error('Old passphrase incorrect!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// encrypt key with new passphrase
|
||||
try {
|
||||
packets = privKey.getAllKeyPackets();
|
||||
for (var i = 0; i < packets.length; i++) {
|
||||
packets[i].encrypt(newPassphrase);
|
||||
}
|
||||
newKeyArmored = privKey.armor();
|
||||
} catch (e) {
|
||||
reject(new Error('Setting new passphrase failed!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// check if new passphrase really works
|
||||
if (!privKey.decrypt(newPassphrase)) {
|
||||
reject(new Error('Decrypting key with new passphrase failed!'));
|
||||
return;
|
||||
}
|
||||
|
||||
resolve(newKeyArmored);
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
* Encrypt and sign a pgp message for a list of receivers
|
||||
*/
|
||||
PGP.prototype.encrypt = function(plaintext, publicKeysArmored, callback) {
|
||||
var publicKeys;
|
||||
PGP.prototype.encrypt = function(plaintext, publicKeysArmored) {
|
||||
var self = this;
|
||||
return self._q(function(resolve, reject) {
|
||||
var publicKeys;
|
||||
|
||||
// check keys
|
||||
if (!this._privateKey) {
|
||||
callback(new Error('Error encrypting. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// parse armored public keys
|
||||
try {
|
||||
if (publicKeysArmored && publicKeysArmored.length) {
|
||||
publicKeys = [];
|
||||
publicKeysArmored.forEach(function(pubkeyArmored) {
|
||||
publicKeys = publicKeys.concat(openpgp.key.readArmored(pubkeyArmored).keys);
|
||||
});
|
||||
// check keys
|
||||
if (!self._privateKey) {
|
||||
reject(new Error('Error encrypting. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
} catch (err) {
|
||||
callback(new Error('Error encrypting plaintext!'));
|
||||
return;
|
||||
}
|
||||
// parse armored public keys
|
||||
try {
|
||||
if (publicKeysArmored && publicKeysArmored.length) {
|
||||
publicKeys = [];
|
||||
publicKeysArmored.forEach(function(pubkeyArmored) {
|
||||
publicKeys = publicKeys.concat(openpgp.key.readArmored(pubkeyArmored).keys);
|
||||
});
|
||||
}
|
||||
} catch (err) {
|
||||
reject(new Error('Error encrypting plaintext!'));
|
||||
return;
|
||||
}
|
||||
resolve(publicKeys);
|
||||
|
||||
if (publicKeys) {
|
||||
// encrypt and sign the plaintext
|
||||
openpgp.signAndEncryptMessage(publicKeys, this._privateKey, plaintext).then(callback.bind(null, null)).catch(callback);
|
||||
} else {
|
||||
// if no public keys are available encrypt for myself
|
||||
openpgp.signAndEncryptMessage([this._publicKey], this._privateKey, plaintext).then(callback.bind(null, null)).catch(callback);
|
||||
}
|
||||
}).then(function(publicKeys) {
|
||||
if (publicKeys) {
|
||||
// encrypt and sign the plaintext
|
||||
return openpgp.signAndEncryptMessage(publicKeys, self._privateKey, plaintext);
|
||||
} else {
|
||||
// if no public keys are available encrypt for myself
|
||||
return openpgp.signAndEncryptMessage([self._publicKey], self._privateKey, plaintext);
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
@ -296,35 +312,42 @@ PGP.prototype.encrypt = function(plaintext, publicKeysArmored, callback) {
|
||||
* @param {String} publicKeyArmored The public key used to sign the message
|
||||
* @param {Function} callback(error, plaintext, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
|
||||
*/
|
||||
PGP.prototype.decrypt = function(ciphertext, publicKeyArmored, callback) {
|
||||
var publicKeys, message;
|
||||
PGP.prototype.decrypt = function(ciphertext, publicKeyArmored) {
|
||||
var self = this;
|
||||
return self._q(function(resolve, reject) {
|
||||
var publicKeys, message;
|
||||
|
||||
// check keys
|
||||
if (!this._privateKey) {
|
||||
callback(new Error('Error decrypting. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// read keys and ciphertext message
|
||||
try {
|
||||
if (publicKeyArmored) {
|
||||
// parse public keys if available ...
|
||||
publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
|
||||
} else {
|
||||
// use own public key to know if signatures are available
|
||||
publicKeys = [this._publicKey];
|
||||
// check keys
|
||||
if (!self._privateKey) {
|
||||
reject(new Error('Error decrypting. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
message = openpgp.message.readArmored(ciphertext);
|
||||
} catch (err) {
|
||||
callback(new Error('Error parsing encrypted PGP message!'));
|
||||
return;
|
||||
}
|
||||
// read keys and ciphertext message
|
||||
try {
|
||||
if (publicKeyArmored) {
|
||||
// parse public keys if available ...
|
||||
publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
|
||||
} else {
|
||||
// use own public key to know if signatures are available
|
||||
publicKeys = [self._publicKey];
|
||||
}
|
||||
message = openpgp.message.readArmored(ciphertext);
|
||||
} catch (err) {
|
||||
reject(new Error('Error parsing encrypted PGP message!'));
|
||||
return;
|
||||
}
|
||||
resolve(publicKeys, message);
|
||||
|
||||
// decrypt and verify pgp message
|
||||
openpgp.decryptAndVerifyMessage(this._privateKey, publicKeys, message).then(function(decrypted) {
|
||||
}).then(function(publicKeys, message) {
|
||||
// decrypt and verify pgp message
|
||||
return openpgp.decryptAndVerifyMessage(self._privateKey, publicKeys, message);
|
||||
}).then(function(decrypted) {
|
||||
// return decrypted plaintext
|
||||
callback(null, decrypted.text, checkSignatureValidity(decrypted.signatures));
|
||||
}).catch(callback);
|
||||
return {
|
||||
decrypted: decrypted.text,
|
||||
signaturesValid: checkSignatureValidity(decrypted.signatures)
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
@ -333,34 +356,37 @@ PGP.prototype.decrypt = function(ciphertext, publicKeyArmored, callback) {
|
||||
* @param {String} publicKeyArmored The public key used to signed the message
|
||||
* @param {Function} callback(error, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
|
||||
*/
|
||||
PGP.prototype.verifyClearSignedMessage = function(clearSignedText, publicKeyArmored, callback) {
|
||||
var publicKeys,
|
||||
message;
|
||||
PGP.prototype.verifyClearSignedMessage = function(clearSignedText, publicKeyArmored) {
|
||||
var self = this;
|
||||
return self._q(function(resolve, reject) {
|
||||
var publicKeys, message;
|
||||
|
||||
// check keys
|
||||
if (!this._privateKey) {
|
||||
callback(new Error('Error verifying signed PGP message. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// read keys and ciphertext message
|
||||
try {
|
||||
if (publicKeyArmored) {
|
||||
// parse public keys if available ...
|
||||
publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
|
||||
} else {
|
||||
// use own public key to know if signatures are available
|
||||
publicKeys = [this._publicKey];
|
||||
// check keys
|
||||
if (!self._privateKey) {
|
||||
reject(new Error('Error verifying signed PGP message. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
message = openpgp.cleartext.readArmored(clearSignedText);
|
||||
} catch (err) {
|
||||
callback(new Error('Error verifying signed PGP message!'));
|
||||
return;
|
||||
}
|
||||
// read keys and ciphertext message
|
||||
try {
|
||||
if (publicKeyArmored) {
|
||||
// parse public keys if available ...
|
||||
publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
|
||||
} else {
|
||||
// use own public key to know if signatures are available
|
||||
publicKeys = [self._publicKey];
|
||||
}
|
||||
message = openpgp.cleartext.readArmored(clearSignedText);
|
||||
} catch (err) {
|
||||
reject(new Error('Error verifying signed PGP message!'));
|
||||
return;
|
||||
}
|
||||
resolve(publicKeys, message);
|
||||
|
||||
openpgp.verifyClearSignedMessage(publicKeys, message).then(function(result) {
|
||||
callback(null, checkSignatureValidity(result.signatures));
|
||||
}).catch(callback);
|
||||
}).then(function(publicKeys, message) {
|
||||
return openpgp.verifyClearSignedMessage(publicKeys, message);
|
||||
}).then(function(result) {
|
||||
return checkSignatureValidity(result.signatures);
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
@ -370,39 +396,40 @@ PGP.prototype.verifyClearSignedMessage = function(clearSignedText, publicKeyArmo
|
||||
* @param {String} publicKeyArmored The public key used to signed the message
|
||||
* @param {Function} callback(error, signaturesValid) signaturesValid is undefined in case there are no signature, null in case there are signatures but the wrong public key or no key was used to verify, true if the signature was successfully verified, or false if the signataure verification failed.
|
||||
*/
|
||||
PGP.prototype.verifySignedMessage = function(message, pgpSignature, publicKeyArmored, callback) {
|
||||
var publicKeys;
|
||||
PGP.prototype.verifySignedMessage = function(message, pgpSignature, publicKeyArmored) {
|
||||
var self = this;
|
||||
return self._q(function(resolve, reject) {
|
||||
var publicKeys, signatures;
|
||||
|
||||
// check keys
|
||||
if (!this._privateKey) {
|
||||
callback(new Error('Error verifying signed PGP message. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
|
||||
// read keys and ciphertext message
|
||||
try {
|
||||
if (publicKeyArmored) {
|
||||
// parse public keys if available ...
|
||||
publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
|
||||
} else {
|
||||
// use own public key to know if signatures are available
|
||||
publicKeys = [this._publicKey];
|
||||
// check keys
|
||||
if (!self._privateKey) {
|
||||
reject(new Error('Error verifying signed PGP message. Keys must be set!'));
|
||||
return;
|
||||
}
|
||||
// read keys and ciphertext message
|
||||
try {
|
||||
if (publicKeyArmored) {
|
||||
// parse public keys if available ...
|
||||
publicKeys = openpgp.key.readArmored(publicKeyArmored).keys;
|
||||
} else {
|
||||
// use own public key to know if signatures are available
|
||||
publicKeys = [self._publicKey];
|
||||
}
|
||||
} catch (err) {
|
||||
reject(new Error('Error verifying signed PGP message!'));
|
||||
return;
|
||||
}
|
||||
// check signatures
|
||||
try {
|
||||
var msg = openpgp.message.readSignedContent(message, pgpSignature);
|
||||
signatures = msg.verify(publicKeys);
|
||||
} catch (err) {
|
||||
reject(new Error('Error verifying signed PGP message!'));
|
||||
return;
|
||||
}
|
||||
} catch (err) {
|
||||
callback(new Error('Error verifying signed PGP message!'));
|
||||
return;
|
||||
}
|
||||
|
||||
var signatures;
|
||||
try {
|
||||
var msg = openpgp.message.readSignedContent(message, pgpSignature);
|
||||
signatures = msg.verify(publicKeys);
|
||||
} catch (err) {
|
||||
callback(new Error('Error verifying signed PGP message!'));
|
||||
return;
|
||||
}
|
||||
|
||||
callback(null, checkSignatureValidity(signatures));
|
||||
resolve(checkSignatureValidity(signatures));
|
||||
});
|
||||
};
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user