1
0
mirror of https://github.com/moparisthebest/mail synced 2024-12-22 15:28:49 -05:00

fix signature bug in openpgp.js and integrate into pgp module

This commit is contained in:
Tankred Hase 2013-12-05 23:23:32 +01:00
parent c31435dc59
commit 544fae4aad
3 changed files with 12 additions and 16 deletions

View File

@ -160,8 +160,6 @@ define(function(require) {
} }
try { try {
// format: \n -> \r\n
plaintext = plaintext.replace(/\r\n/g, '\n').replace(/[\t ]+\n/g, "\n").replace(/\n/g, '\r\n');
// encrypt and sign the plaintext // encrypt and sign the plaintext
ct = openpgp.write_signed_and_encrypted_message(privateKey, receiverKeys, plaintext); ct = openpgp.write_signed_and_encrypted_message(privateKey, receiverKeys, plaintext);
} catch (err) { } catch (err) {

View File

@ -7598,7 +7598,7 @@ function openpgp_encoding_deArmor(text) {
// splittedtext[indexBase] - the message // splittedtext[indexBase] - the message
// splittedtext[indexBase + 1] - the signature and checksum // splittedtext[indexBase + 1] - the signature and checksum
var msg = openpgp_encoding_split_headers(splittedtext[indexBase].replace(/^- /mg, '')); var msg = openpgp_encoding_split_headers(splittedtext[indexBase].replace(/^- /mg, '').replace(/[\t ]+\n/g, "\n"));
var sig = openpgp_encoding_split_headers(splittedtext[indexBase + 1].replace(/^- /mg, '')); var sig = openpgp_encoding_split_headers(splittedtext[indexBase + 1].replace(/^- /mg, ''));
var sig_sum = openpgp_encoding_split_checksum(sig.body); var sig_sum = openpgp_encoding_split_checksum(sig.body);
@ -8310,7 +8310,7 @@ function _openpgp () {
*/ */
function write_signed_and_encrypted_message(privatekey, publickeys, messagetext) { function write_signed_and_encrypted_message(privatekey, publickeys, messagetext) {
var result = ""; var result = "";
var literal = new openpgp_packet_literaldata().write_packet(messagetext.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n")); var literal = new openpgp_packet_literaldata().write_packet(messagetext.replace(/\r/g,'').replace(/\n/g,"\r\n"));
util.print_debug_hexstr_dump("literal_packet: |"+literal+"|\n",literal); util.print_debug_hexstr_dump("literal_packet: |"+literal+"|\n",literal);
for (var i = 0; i < publickeys.length; i++) { for (var i = 0; i < publickeys.length; i++) {
var onepasssignature = new openpgp_packet_onepasssignature(); var onepasssignature = new openpgp_packet_onepasssignature();
@ -8367,7 +8367,7 @@ function _openpgp () {
*/ */
function write_encrypted_message(publickeys, messagetext) { function write_encrypted_message(publickeys, messagetext) {
var result = ""; var result = "";
var literal = new openpgp_packet_literaldata().write_packet(messagetext.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n")); var literal = new openpgp_packet_literaldata().write_packet(messagetext.replace(/\r/g,'').replace(/\n/g,"\r\n"));
util.print_debug_hexstr_dump("literal_packet: |"+literal+"|\n",literal); util.print_debug_hexstr_dump("literal_packet: |"+literal+"|\n",literal);
result = literal; result = literal;
@ -8410,9 +8410,10 @@ function _openpgp () {
* This can be directly used to OpenPGP armor the message * This can be directly used to OpenPGP armor the message
*/ */
function write_signed_message(privatekey, messagetext) { function write_signed_message(privatekey, messagetext) {
var sig = new openpgp_packet_signature().write_message_signature(1, messagetext.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n"), privatekey); var canonicalMsgText = messagetext.replace(/\r/g,'').replace(/[\t ]+\n/g, "\n").replace(/\n/g,"\r\n");
var result = {text: messagetext.replace(/\r\n/g,"\n").replace(/\n/g,"\r\n"), openpgp: sig.openpgp, hash: sig.hash}; var sig = new openpgp_packet_signature().write_message_signature(1, canonicalMsgText, privatekey);
return openpgp_encoding_armor(2,result, null, null) var result = {text: canonicalMsgText, openpgp: sig.openpgp, hash: sig.hash};
return openpgp_encoding_armor(2, result, null, null)
} }
/** /**
@ -12130,21 +12131,18 @@ function openpgp_packet_signature() {
break; break;
case 1: // 0x01: Signature of a canonical text document. case 1: // 0x01: Signature of a canonical text document.
var tohash = data var canonicalMsgText = data.replace(/\r/g,'').replace(/\n/g,"\r\n");
.replace(/\r\n/g,"\n")
.replace(/[\t ]+\n/g, "\n")
.replace(/\n/g,"\r\n");
if (openpgp.config.debug) { if (openpgp.config.debug) {
util.print_debug('tohash: '+util.hexdump(tohash)); util.print_debug('canonicalMsgText: '+util.hexdump(canonicalMsgText));
util.print_debug('signatureData: '+util.hexdump(this.signatureData)); util.print_debug('signatureData: '+util.hexdump(this.signatureData));
util.print_debug('trailer: '+util.hexdump(trailer)); util.print_debug('trailer: '+util.hexdump(trailer));
} }
if (this.version == 4) { if (this.version == 4) {
this.verified = openpgp_crypto_verifySignature(this.publicKeyAlgorithm, this.hashAlgorithm, this.verified = openpgp_crypto_verifySignature(this.publicKeyAlgorithm, this.hashAlgorithm,
this.MPIs, key.obj.publicKeyPacket.MPIs, tohash+this.signatureData+trailer); this.MPIs, key.obj.publicKeyPacket.MPIs, canonicalMsgText+this.signatureData+trailer);
} else if (this.version == 3) { } else if (this.version == 3) {
this.verified = openpgp_crypto_verifySignature(this.publicKeyAlgorithm, this.hashAlgorithm, this.verified = openpgp_crypto_verifySignature(this.publicKeyAlgorithm, this.hashAlgorithm,
this.MPIs, key.obj.publicKeyPacket.MPIs, tohash+this.signatureData); this.MPIs, key.obj.publicKeyPacket.MPIs, canonicalMsgText+this.signatureData);
} else { } else {
this.verified = false; this.verified = false;
} }

View File

@ -199,7 +199,7 @@ define(function(require) {
it('should work', function(done) { it('should work', function(done) {
pgp.decrypt(ciphertext, pubkey, function(err, pt) { pgp.decrypt(ciphertext, pubkey, function(err, pt) {
expect(err).to.not.exist; expect(err).to.not.exist;
expect(pt).to.equal(message.replace(/\r\n/g, '\n').replace(/[\t ]+\n/g, "\n").replace(/\n/g, '\r\n')); expect(pt).to.equal(message.replace(/\r\n/g, '\n').replace(/\n/g, '\r\n'));
done(); done();
}); });
}); });