From cddc0988b7971ffc9664d8df1c9b8a41cd472b21 Mon Sep 17 00:00:00 2001 From: Tankred Hase Date: Fri, 19 Dec 2014 11:21:57 +0100 Subject: [PATCH] Fix bug for password decrypt in auth service --- src/js/service/auth.js | 8 ++++++-- test/unit/service/auth-test.js | 5 ++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/js/service/auth.js b/src/js/service/auth.js index ec7f875..b4f9041 100644 --- a/src/js/service/auth.js +++ b/src/js/service/auth.js @@ -76,9 +76,13 @@ Auth.prototype.getCredentials = function() { if (self.passwordNeedsDecryption) { // decrypt password - return self._pgp.decrypt(self.password, undefined).then(function(cleartext) { + return self._pgp.decrypt(self.password, undefined).then(function(pt) { + if (!pt.signaturesValid) { + throw new Error('Verifying PGP signature of encrypted password failed!'); + } + self.passwordNeedsDecryption = false; - self.password = cleartext; + self.password = pt.decrypted; }).then(done); } diff --git a/test/unit/service/auth-test.js b/test/unit/service/auth-test.js index b7f70f3..9c57655 100644 --- a/test/unit/service/auth-test.js +++ b/test/unit/service/auth-test.js @@ -74,7 +74,10 @@ describe('Auth unit tests', function() { storageStub.listItems.withArgs(REALNAME_DB_KEY, 0, null).returns(resolves([realname])); storageStub.listItems.withArgs(IMAP_DB_KEY, 0, null).returns(resolves([imap])); storageStub.listItems.withArgs(SMTP_DB_KEY, 0, null).returns(resolves([smtp])); - pgpStub.decrypt.withArgs(encryptedPassword, undefined).returns(resolves(password)); + pgpStub.decrypt.withArgs(encryptedPassword, undefined).returns(resolves({ + decrypted: password, + signaturesValid: true + })); auth.getCredentials().then(function(cred) { expect(auth.emailAddress).to.equal(emailAddress);