diff --git a/src/js/crypto/pgp.js b/src/js/crypto/pgp.js index c566511..9c2dcb1 100644 --- a/src/js/crypto/pgp.js +++ b/src/js/crypto/pgp.js @@ -5,8 +5,7 @@ define(function(require) { 'use strict'; var openpgp = require('openpgp').openpgp, - openpgpUtil = require('openpgp').util, - util = require('cryptoLib/util'); + util = require('openpgp').util; var PGP = function() { openpgp.init(); @@ -18,7 +17,7 @@ define(function(require) { PGP.prototype.generateKeys = function(options, callback) { var userId, keys; - if (!util.validateEmailAddress(options.emailAddress) || !options.keySize || typeof options.passphrase !== 'string') { + if (!util.emailRegEx.test(options.emailAddress) || !options.keySize || typeof options.passphrase !== 'string') { callback({ errMsg: 'Crypto init failed. Not all options set!' }); @@ -30,7 +29,7 @@ define(function(require) { keys = openpgp.generate_key_pair(1, options.keySize, userId, options.passphrase); callback(null, { - keyId: openpgpUtil.hexstrdump(keys.privateKey.getKeyId()).toUpperCase(), + keyId: util.hexstrdump(keys.privateKey.getKeyId()).toUpperCase(), privateKeyArmored: keys.privateKeyArmored, publicKeyArmored: keys.publicKeyArmored }); @@ -40,6 +39,8 @@ define(function(require) { * Import the user's key pair */ PGP.prototype.importKeys = function(options, callback) { + var publicKey, privateKey; + // check passphrase if (typeof options.passphrase !== 'string' || !options.privateKeyArmored || !options.publicKeyArmored) { callback({ @@ -57,6 +58,19 @@ define(function(require) { } // import public key openpgp.keyring.importPublicKey(options.publicKeyArmored); + + // check if keys have the same id + privateKey = openpgp.keyring.exportPrivateKey(0); + publicKey = openpgp.keyring.getPublicKeysForKeyId(privateKey.keyId)[0]; + if (!privateKey || !privateKey.armored || !publicKey || !publicKey.armored || privateKey.keyId !== publicKey.keyId) { + // reset keyring + openpgp.keyring.init(); + callback({ + errMsg: 'Key IDs dont match!' + }); + return; + } + callback(); }; @@ -71,7 +85,7 @@ define(function(require) { if (privateKey && privateKey.keyId && privateKey.armored && publicKey && publicKey.armored) { callback(null, { - keyId: openpgpUtil.hexstrdump(privateKey.keyId).toUpperCase(), + keyId: util.hexstrdump(privateKey.keyId).toUpperCase(), privateKeyArmored: privateKey.armored, publicKeyArmored: publicKey.armored }); diff --git a/test/new-unit/pgp-test.js b/test/new-unit/pgp-test.js index 4af5aad..0eb12ee 100644 --- a/test/new-unit/pgp-test.js +++ b/test/new-unit/pgp-test.js @@ -6,7 +6,7 @@ define(function(require) { describe('PGP Crypto Api unit tests', function() { var pgp, - user = "whiteout.test@t-online.de", + user = 'whiteout.test@t-online.de', passphrase = 'asdf', keySize = 512, keyId = 'F6F60E9B42CDFF4C', @@ -45,6 +45,28 @@ define(function(require) { afterEach(function() {}); describe('Generate key pair', function() { + it('should fail', function(done) { + pgp.generateKeys({ + emailAddress: 'whiteout.test@t-onlinede', + keySize: keySize, + passphrase: passphrase + }, function(err, keys) { + expect(err).to.exist; + expect(keys).to.not.exist; + done(); + }); + }); + it('should fail', function(done) { + pgp.generateKeys({ + emailAddress: 'whiteout.testt-online.de', + keySize: keySize, + passphrase: passphrase + }, function(err, keys) { + expect(err).to.exist; + expect(keys).to.not.exist; + done(); + }); + }); it('should work', function(done) { pgp.generateKeys({ emailAddress: user,