[WO-74, WO-80] handle error when decrypting PGP messages

2024-11-26 02:42:17 -05:00 · 2013-11-14 13:57:52 +01:00 · 2013-11-14 13:57:52 +01:00 · 3a57172358
commit 3a57172358
parent 4bb271c406
3 changed files with 58 additions and 11 deletions
--- a/src/js/crypto/pgp.js
+++ b/src/js/crypto/pgp.js
@ -153,7 +153,16 @@ define(function(require) {
            receiverKeys[i] = openpgp.read_publicKey(receiverKeys[i])[0];
        }

-        ct = openpgp.write_signed_and_encrypted_message(privateKey, receiverKeys, plaintext);
+        // encrypt and sign the plaintext
+        try {
+            ct = openpgp.write_signed_and_encrypted_message(privateKey, receiverKeys, plaintext);
+        } catch (err) {
+            callback({
+                errMsg: 'Error encrypting plaintext!',
+                err: err
+            });
+            return;
+        }

        callback(null, ct);
    };
@ -162,12 +171,20 @@ define(function(require) {
     * Decrypt and verify a pgp message for a single sender
     */
    PGP.prototype.decrypt = function(ciphertext, senderKey, callback) {
-        var privateKey = openpgp.keyring.exportPrivateKey(0).obj;
+        var privateKey, msg, keymat, sesskey, decrypted;
+
+        privateKey = openpgp.keyring.exportPrivateKey(0).obj;
        senderKey = openpgp.read_publicKey(senderKey)[0];

-        var msg = openpgp.read_message(ciphertext)[0];
-        var keymat = null;
-        var sesskey = null;
+        try {
+            msg = openpgp.read_message(ciphertext)[0];
+        } catch (err) {
+            callback({
+                errMsg: 'Error decrypting PGP message!',
+                err: err
+            });
+            return;
+        }

        // Find the private (sub)key for the session key of the message
        for (var i = 0; i < msg.sessionKeys.length; i++) {
@ -190,15 +207,26 @@ define(function(require) {
                }
            }
        }
-        if (keymat !== null) {
-            var decrypted = msg.decryptAndVerifySignature(keymat, sesskey, senderKey);
-            callback(null, decrypted.text);

-        } else {
+        if (!keymat) {
            callback({
                errMsg: 'No private key found!'
            });
+            return;
        }
+
+        // decrypt and verify ciphertext
+        try {
+            decrypted = msg.decryptAndVerifySignature(keymat, sesskey, senderKey);
+        } catch (err) {
+            callback({
+                errMsg: 'Error decrypting PGP message!',
+                err: err
+            });
+            return;
+        }
+
+        callback(null, decrypted.text);
    };

    return PGP;
--- a/src/js/dao/email-dao.js
+++ b/src/js/dao/email-dao.js
@ -296,8 +296,7 @@ define(function(require) {
                // decrypt and verfiy signatures
                self._crypto.decrypt(email.body, senderPubkey.publicKey, function(err, decrypted) {
                    if (err) {
-                        callback(err);
-                        return;
+                        decrypted = err.errMsg;
                    }

                    email.body = decrypted;
--- a/test/new-unit/pgp-test.js
+++ b/test/new-unit/pgp-test.js
@ -147,6 +147,16 @@ define(function(require) {
            });

            describe('Encrypt', function() {
+                it('should fail', function(done) {
+                    var input = null;
+
+                    pgp.encrypt(input, [pubkey], function(err, ct) {
+                        expect(err).to.exist;
+                        expect(ct).to.not.exist;
+                        done();
+                    });
+                });
+
                it('should work', function(done) {
                    pgp.encrypt(message, [pubkey], function(err, ct) {
                        expect(err).to.not.exist;
@ -158,6 +168,16 @@ define(function(require) {
            });

            describe('Decrypt', function() {
+                it('should fail', function(done) {
+                    var input = 'asdfa\rsdf';
+
+                    pgp.decrypt(input, pubkey, function(err, pt) {
+                        expect(err).to.exist;
+                        expect(pt).to.not.exist;
+                        done();
+                    });
+                });
+
                it('should work', function(done) {
                    pgp.decrypt(ciphertext, pubkey, function(err, pt) {
                        expect(err).to.not.exist;