diff --git a/src/js/crypto/pgp.js b/src/js/crypto/pgp.js index 36e9587..e6ecd5d 100644 --- a/src/js/crypto/pgp.js +++ b/src/js/crypto/pgp.js @@ -153,7 +153,16 @@ define(function(require) { receiverKeys[i] = openpgp.read_publicKey(receiverKeys[i])[0]; } - ct = openpgp.write_signed_and_encrypted_message(privateKey, receiverKeys, plaintext); + // encrypt and sign the plaintext + try { + ct = openpgp.write_signed_and_encrypted_message(privateKey, receiverKeys, plaintext); + } catch (err) { + callback({ + errMsg: 'Error encrypting plaintext!', + err: err + }); + return; + } callback(null, ct); }; @@ -162,12 +171,20 @@ define(function(require) { * Decrypt and verify a pgp message for a single sender */ PGP.prototype.decrypt = function(ciphertext, senderKey, callback) { - var privateKey = openpgp.keyring.exportPrivateKey(0).obj; + var privateKey, msg, keymat, sesskey, decrypted; + + privateKey = openpgp.keyring.exportPrivateKey(0).obj; senderKey = openpgp.read_publicKey(senderKey)[0]; - var msg = openpgp.read_message(ciphertext)[0]; - var keymat = null; - var sesskey = null; + try { + msg = openpgp.read_message(ciphertext)[0]; + } catch (err) { + callback({ + errMsg: 'Error decrypting PGP message!', + err: err + }); + return; + } // Find the private (sub)key for the session key of the message for (var i = 0; i < msg.sessionKeys.length; i++) { @@ -190,15 +207,26 @@ define(function(require) { } } } - if (keymat !== null) { - var decrypted = msg.decryptAndVerifySignature(keymat, sesskey, senderKey); - callback(null, decrypted.text); - } else { + if (!keymat) { callback({ errMsg: 'No private key found!' }); + return; } + + // decrypt and verify ciphertext + try { + decrypted = msg.decryptAndVerifySignature(keymat, sesskey, senderKey); + } catch (err) { + callback({ + errMsg: 'Error decrypting PGP message!', + err: err + }); + return; + } + + callback(null, decrypted.text); }; return PGP; diff --git a/src/js/dao/email-dao.js b/src/js/dao/email-dao.js index 9d8dcee..65b5997 100644 --- a/src/js/dao/email-dao.js +++ b/src/js/dao/email-dao.js @@ -296,8 +296,7 @@ define(function(require) { // decrypt and verfiy signatures self._crypto.decrypt(email.body, senderPubkey.publicKey, function(err, decrypted) { if (err) { - callback(err); - return; + decrypted = err.errMsg; } email.body = decrypted; diff --git a/test/new-unit/pgp-test.js b/test/new-unit/pgp-test.js index 62fa570..3cb7387 100644 --- a/test/new-unit/pgp-test.js +++ b/test/new-unit/pgp-test.js @@ -147,6 +147,16 @@ define(function(require) { }); describe('Encrypt', function() { + it('should fail', function(done) { + var input = null; + + pgp.encrypt(input, [pubkey], function(err, ct) { + expect(err).to.exist; + expect(ct).to.not.exist; + done(); + }); + }); + it('should work', function(done) { pgp.encrypt(message, [pubkey], function(err, ct) { expect(err).to.not.exist; @@ -158,6 +168,16 @@ define(function(require) { }); describe('Decrypt', function() { + it('should fail', function(done) { + var input = 'asdfa\rsdf'; + + pgp.decrypt(input, pubkey, function(err, pt) { + expect(err).to.exist; + expect(pt).to.not.exist; + done(); + }); + }); + it('should work', function(done) { pgp.decrypt(ciphertext, pubkey, function(err, pt) { expect(err).to.not.exist;