mirror of
				https://github.com/openpgpjs/openpgpjs.git
				synced 2025-10-14 00:59:29 +00:00 
			
		
		
		
	Remove valid and error from the verification result of openpgp.verify and decrypt (#1348)
				
					
				
			This change is to make the code more consistent between the streaming and non-streaming cases. The validity of a signature (or the corresponding verification error) can be determined through the existing `verified` property.
This commit is contained in:
		
							parent
							
								
									ed8db3d31e
								
							
						
					
					
						commit
						3886358592
					
				
							
								
								
									
										51
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										51
									
								
								README.md
									
									
									
									
									
								
							| @ -233,7 +233,13 @@ const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via w | ||||
|         decryptionKeys: privateKey | ||||
|     }); | ||||
|     console.log(decrypted); // 'Hello, World!' | ||||
|     console.log(signatures[0].valid) // signature validity (signed messages only) | ||||
|     // check signature validity (signed messages only) | ||||
|     try { | ||||
|         await signatures[0].verified; // throws on invalid signature | ||||
|         console.log('Signature is valid'); | ||||
|     } catch (e) { | ||||
|         throw new Error('Signature could not be verified: ' + e.message); | ||||
|     } | ||||
| })(); | ||||
| ``` | ||||
| 
 | ||||
| @ -441,6 +447,7 @@ and a subkey for encryption using Curve25519. | ||||
|         userIDs: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs | ||||
|         passphrase: 'super long and hard to guess secret', // protects the private key | ||||
|         format: 'armor' // output key format, defaults to 'armor' (other options: 'binary' or 'object') | ||||
|     }); | ||||
| 
 | ||||
|     console.log(privateKey);     // '-----BEGIN PGP PRIVATE KEY BLOCK ... ' | ||||
|     console.log(publicKey);      // '-----BEGIN PGP PUBLIC KEY BLOCK ... ' | ||||
| @ -515,15 +522,16 @@ Using the private key: | ||||
|     const signedMessage = await openpgp.readCleartextMessage({ | ||||
|         cleartextMessage // parse armored message | ||||
|     }); | ||||
|     const verified = await openpgp.verify({ | ||||
|     const verificationResult = await openpgp.verify({ | ||||
|         message: signedMessage, | ||||
|         verificationKeys: publicKey | ||||
|     }); | ||||
|     const { valid } = verified.signatures[0]; | ||||
|     if (valid) { | ||||
|         console.log('signed by key id ' + verified.signatures[0].keyID.toHex()); | ||||
|     } else { | ||||
|         throw new Error('signature could not be verified'); | ||||
|     const { verified, keyID } = verificationResult.signatures[0]; | ||||
|     try { | ||||
|         await verified; // throws on invalid signature | ||||
|         console.log('Signed by key id ' + keyID.toHex()); | ||||
|     } catch (e) { | ||||
|         throw new Error('Signature could not be verified: ' + e.message); | ||||
|     } | ||||
| })(); | ||||
| ``` | ||||
| @ -558,16 +566,17 @@ Using the private key: | ||||
|     const signature = await openpgp.readSignature({ | ||||
|         armoredSignature: detachedSignature // parse detached signature | ||||
|     }); | ||||
|     const verified = await openpgp.verify({ | ||||
|     const verificationResult = await openpgp.verify({ | ||||
|         message, // Message object | ||||
|         signature, | ||||
|         verificationKeys: publicKey | ||||
|     }); | ||||
|     const { valid } = verified.signatures[0]; | ||||
|     if (valid) { | ||||
|         console.log('signed by key id ' + verified.signatures[0].keyID.toHex()); | ||||
|     } else { | ||||
|         throw new Error('signature could not be verified'); | ||||
|     const { verified, keyID } = verificationResult.signatures[0]; | ||||
|     try { | ||||
|         await verified; // throws on invalid signature | ||||
|         console.log('Signed by key id ' + keyID.toHex()); | ||||
|     } catch (e) { | ||||
|         throw new Error('Signature could not be verified: ' + e.message); | ||||
|     } | ||||
| })(); | ||||
| ``` | ||||
| @ -603,21 +612,21 @@ Using the private key: | ||||
|     }); | ||||
|     console.log(signatureArmored); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----' | ||||
| 
 | ||||
|     const verified = await openpgp.verify({ | ||||
|     const verificationResult = await openpgp.verify({ | ||||
|         message: await openpgp.readMessage({ armoredMessage: signatureArmored }), // parse armored signature | ||||
|         verificationKeys: await openpgp.readKey({ armoredKey: publicKeyArmored }) | ||||
|     }); | ||||
| 
 | ||||
|     for await (const chunk of verified.data) {} | ||||
|     // Note: you *have* to read `verified.data` in some way or other, | ||||
|     for await (const chunk of verificationResult.data) {} | ||||
|     // Note: you *have* to read `verificationResult.data` in some way or other, | ||||
|     // even if you don't need it, as that is what triggers the | ||||
|     // verification of the data. | ||||
| 
 | ||||
|     const valid = await verified.signatures[0].verified; | ||||
|     if (valid) { | ||||
|         console.log('signed by key id ' + verified.signatures[0].keyID.toHex()); | ||||
|     } else { | ||||
|         throw new Error('signature could not be verified'); | ||||
|     try { | ||||
|         await verificationResult.signatures[0].verified; // throws on invalid signature | ||||
|         console.log('Signed by key id ' + verificationResult.signatures[0].keyID.toHex()); | ||||
|      } catch (e) { | ||||
|         throw new Error('Signature could not be verified: ' + e.message); | ||||
|     } | ||||
| })(); | ||||
| ``` | ||||
|  | ||||
							
								
								
									
										14
									
								
								openpgp.d.ts
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										14
									
								
								openpgp.d.ts
									
									
									
									
										vendored
									
									
								
							| @ -38,8 +38,8 @@ export function revokeKey(options: { key: PublicKey, revocationCertificate: stri | ||||
| 
 | ||||
| export abstract class Key { | ||||
|   public readonly keyPacket: PublicKeyPacket | SecretKeyPacket; | ||||
|   public subkeys: Subkey[]; | ||||
|   public users: User[]; | ||||
|   public subkeys: Subkey[]; // do not add/replace users directly
 | ||||
|   public users: User[]; // do not add/replace subkeys directly
 | ||||
|   public revocationSignatures: SignaturePacket[]; | ||||
|   public write(): Uint8Array; | ||||
|   public armor(config?: Config): string; | ||||
| @ -58,7 +58,7 @@ export abstract class Key { | ||||
|   public verifyPrimaryUser(publicKeys: PublicKey[], date?: Date, userIDs?: UserID, config?: Config): Promise<{ keyID: KeyID, valid: boolean | null }[]>; | ||||
|   public verifyAllUsers(publicKeys: PublicKey[], date?: Date, config?: Config): Promise<{ userID: string, keyID: KeyID, valid: boolean | null }[]>; | ||||
|   public isRevoked(signature: SignaturePacket, key?: AnyKeyPacket, date?: Date, config?: Config): Promise<boolean>; | ||||
|   public getRevocationCertificate(date?: Date, config?: Config): Promise<Stream<string> | string | undefined>; | ||||
|   public getRevocationCertificate(date?: Date, config?: Config): Promise<MaybeStream<string> | undefined>; | ||||
|   public getEncryptionKey(keyID?: KeyID, date?: Date | null, userID?: UserID, config?: Config): Promise<this | Subkey>; | ||||
|   public getSigningKey(keyID?: KeyID, date?: Date | null, userID?: UserID, config?: Config): Promise<this | Subkey>; | ||||
|   public getKeys(keyID?: KeyID): (this | Subkey)[]; | ||||
| @ -132,7 +132,7 @@ export class Signature { | ||||
| 
 | ||||
| interface VerificationResult { | ||||
|   keyID: KeyID; | ||||
|   verified: Promise<null | boolean>; | ||||
|   verified: Promise<true>; // throws on invalid signature
 | ||||
|   signature: Promise<Signature>; | ||||
| } | ||||
| 
 | ||||
| @ -265,7 +265,7 @@ export class Message<T extends MaybeStream<Data>> { | ||||
| 
 | ||||
|   /** Get literal data that is the body of the message | ||||
|    */ | ||||
|   public getLiteralData(): Uint8Array | Stream<Uint8Array> | null; | ||||
|   public getLiteralData(): MaybeStream<Uint8Array> | null; | ||||
| 
 | ||||
|   /** Returns the key IDs of the keys that signed the message | ||||
|    */ | ||||
| @ -273,7 +273,7 @@ export class Message<T extends MaybeStream<Data>> { | ||||
| 
 | ||||
|   /** Get literal data as text | ||||
|    */ | ||||
|   public getText(): string | Stream<string> | null; | ||||
|   public getText(): MaybeStream<string> | null; | ||||
| 
 | ||||
|   public getFilename(): string | null; | ||||
| 
 | ||||
| @ -603,7 +603,7 @@ interface DecryptOptions { | ||||
|   /** (optional) passwords to decrypt the message */ | ||||
|   passwords?: MaybeArray<string>; | ||||
|   /** (optional) session keys in the form: { data:Uint8Array, algorithm:String } */ | ||||
|   sessionKeys?: SessionKey | SessionKey[]; | ||||
|   sessionKeys?: MaybeArray<SessionKey>; | ||||
|   /** (optional) array of public keys or single key, to verify signatures */ | ||||
|   verificationKeys?: MaybeArray<PublicKey>; | ||||
|   /** (optional) whether data decryption should fail if the message is not signed with the provided publicKeys */ | ||||
|  | ||||
| @ -83,7 +83,7 @@ export class CleartextMessage { | ||||
|    * @returns {Promise<Array<{ | ||||
|    *   keyID: module:type/keyid~KeyID, | ||||
|    *   signature: Promise<Signature>, | ||||
|    *   verified: Promise<Boolean> | ||||
|    *   verified: Promise<true> | ||||
|    * }>>} List of signer's keyID and validity of signature. | ||||
|    * @async | ||||
|    */ | ||||
|  | ||||
| @ -535,7 +535,7 @@ export class Message { | ||||
|    * @returns {Promise<Array<{ | ||||
|    *   keyID: module:type/keyid~KeyID, | ||||
|    *   signature: Promise<Signature>, | ||||
|    *   verified: Promise<Boolean> | ||||
|    *   verified: Promise<true> | ||||
|    * }>>} List of signer's keyID and validity of signatures. | ||||
|    * @async | ||||
|    */ | ||||
| @ -592,7 +592,7 @@ export class Message { | ||||
|    * @returns {Promise<Array<{ | ||||
|    *   keyID: module:type/keyid~KeyID, | ||||
|    *   signature: Promise<Signature>, | ||||
|    *   verified: Promise<Boolean> | ||||
|    *   verified: Promise<true> | ||||
|    * }>>} List of signer's keyID and validity of signature. | ||||
|    * @async | ||||
|    */ | ||||
| @ -699,7 +699,7 @@ export async function createSignaturePackets(literalDataPacket, signingKeys, sig | ||||
|  * @returns {Promise<{ | ||||
|  *   keyID: module:type/keyid~KeyID, | ||||
|  *   signature: Promise<Signature>, | ||||
|  *   verified: Promise<Boolean> | ||||
|  *   verified: Promise<true> | ||||
|  * }>} signer's keyID and validity of signature | ||||
|  * @async | ||||
|  * @private | ||||
| @ -767,7 +767,7 @@ async function createVerificationObject(signature, literalDataList, verification | ||||
|  * @returns {Promise<Array<{ | ||||
|  *   keyID: module:type/keyid~KeyID, | ||||
|  *   signature: Promise<Signature>, | ||||
|  *   verified: Promise<Boolean> | ||||
|  *   verified: Promise<true> | ||||
|  * }>>} list of signer's keyID and validity of signatures | ||||
|  * @async | ||||
|  * @private | ||||
|  | ||||
| @ -300,8 +300,8 @@ export async function encrypt({ message, encryptionKeys, signingKeys, passwords, | ||||
|  *       signatures: [ | ||||
|  *         { | ||||
|  *           keyID: module:type/keyid~KeyID, | ||||
|  *           verified: Promise<Boolean>, | ||||
|  *           valid: Boolean (if `message` was not created from a stream) | ||||
|  *           verified: Promise<true>, | ||||
|  *           signature: Promise<Signature> | ||||
|  *         }, ... | ||||
|  *       ] | ||||
|  *     } | ||||
| @ -340,7 +340,6 @@ export async function decrypt({ message, decryptionKeys, passwords, sessionKeys, | ||||
|       ]); | ||||
|     } | ||||
|     result.data = await convertStream(result.data, message.fromStream, format); | ||||
|     if (!message.fromStream) await prepareSignatures(result.signatures); | ||||
|     return result; | ||||
|   } catch (err) { | ||||
|     throw util.wrapError('Error decrypting message', err); | ||||
| @ -422,8 +421,8 @@ export async function sign({ message, signingKeys, armor = true, detached = fals | ||||
|  *       signatures: [ | ||||
|  *         { | ||||
|  *           keyID: module:type/keyid~KeyID, | ||||
|  *           verified: Promise<Boolean>, | ||||
|  *           valid: Boolean (if `message` was not created from a stream) | ||||
|  *           verified: Promise<true>, | ||||
|  *           signature: Promise<Signature> | ||||
|  *         }, ... | ||||
|  *       ] | ||||
|  *     } | ||||
| @ -460,7 +459,6 @@ export async function verify({ message, verificationKeys, expectSigned = false, | ||||
|       ]); | ||||
|     } | ||||
|     result.data = await convertStream(result.data, message.fromStream, format); | ||||
|     if (!message.fromStream) await prepareSignatures(result.signatures); | ||||
|     return result; | ||||
|   } catch (err) { | ||||
|     throw util.wrapError('Error verifying signed message', err); | ||||
| @ -653,25 +651,6 @@ function linkStreams(result, message) { | ||||
|   }); | ||||
| } | ||||
| 
 | ||||
| /** | ||||
|  * Wait until signature objects have been verified | ||||
|  * @param {Object} signatures - list of signatures | ||||
|  * @async | ||||
|  * @private | ||||
|  */ | ||||
| async function prepareSignatures(signatures) { | ||||
|   await Promise.all(signatures.map(async signature => { | ||||
|     signature.signature = await signature.signature; | ||||
|     try { | ||||
|       signature.valid = await signature.verified; | ||||
|     } catch (e) { | ||||
|       signature.valid = false; | ||||
|       signature.error = e; | ||||
|       util.printDebugError(e); | ||||
|     } | ||||
|   })); | ||||
| } | ||||
| 
 | ||||
| /** | ||||
|  * Convert the key object to the given format | ||||
|  * @param {Key} key | ||||
|  | ||||
| @ -203,11 +203,11 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= | ||||
|   it('Verify clear signed message', async function () { | ||||
|     const pub = await load_pub_key('juliet'); | ||||
|     const msg = await openpgp.readCleartextMessage({ cleartextMessage: data.juliet.message_signed }); | ||||
|     return openpgp.verify({ verificationKeys: [pub], message: msg }).then(function(result) { | ||||
|     return openpgp.verify({ verificationKeys: [pub], message: msg }).then(async function(result) { | ||||
|       expect(result).to.exist; | ||||
|       expect(result.data).to.equal(data.juliet.message); | ||||
|       expect(result.signatures).to.have.length(1); | ||||
|       expect(result.signatures[0].valid).to.be.true; | ||||
|       expect(await result.signatures[0].verified).to.be.true; | ||||
|     }); | ||||
|   }); | ||||
|   it('Sign message', async function () { | ||||
| @ -220,7 +220,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
|   it('Decrypt and verify message', async function () { | ||||
|     const juliet = await load_pub_key('juliet'); | ||||
| @ -231,7 +231,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
|   it('Decrypt and verify message with leading zero in hash', async function () { | ||||
|     const juliet = await load_priv_key('juliet'); | ||||
| @ -242,7 +242,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message_with_leading_zero_in_hash); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
|   it('Decrypt and verify message with leading zero in hash signed with old elliptic algorithm', async function () { | ||||
|     //this test would not work with nodeCrypto, since message is signed with leading zero stripped from the hash
 | ||||
| @ -256,7 +256,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message_with_leading_zero_in_hash_old_elliptic_implementation); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Encrypt and sign message', async function () { | ||||
| @ -272,7 +272,7 @@ EJ4QcD/oQ6x1M/8X/iKQCtxZP8RnlrbH7ExkNON5s5g= | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   tryTests('Brainpool Omnibus Tests @lightweight', omnibus, { | ||||
| @ -292,13 +292,13 @@ function omnibus() { | ||||
|     await openpgp.verify({ | ||||
|       message: await openpgp.readCleartextMessage({ cleartextMessage }), | ||||
|       verificationKeys: pubHi | ||||
|     }).then(output => expect(output.signatures[0].valid).to.be.true); | ||||
|     }).then(output => expect(output.signatures[0].verified).to.eventually.be.true); | ||||
|     // Verifying detached signature
 | ||||
|     await openpgp.verify({ | ||||
|       message: await openpgp.createMessage({ text: util.removeTrailingSpaces(testData) }), | ||||
|       verificationKeys: pubHi, | ||||
|       signature: (await openpgp.readCleartextMessage({ cleartextMessage })).signature | ||||
|     }).then(output => expect(output.signatures[0].valid).to.be.true); | ||||
|     }).then(output => expect(output.signatures[0].verified).to.eventually.be.true); | ||||
| 
 | ||||
|     // Encrypting and signing
 | ||||
|     const encrypted = await openpgp.encrypt({ | ||||
| @ -311,9 +311,9 @@ function omnibus() { | ||||
|       message: await openpgp.readMessage({ armoredMessage: encrypted }), | ||||
|       decryptionKeys: bye, | ||||
|       verificationKeys: [pubHi] | ||||
|     }).then(output => { | ||||
|     }).then(async output => { | ||||
|       expect(output.data).to.equal(testData2); | ||||
|       expect(output.signatures[0].valid).to.be.true; | ||||
|       await expect(output.signatures[0].verified).to.eventually.be.true; | ||||
|     }); | ||||
|   }); | ||||
| } | ||||
|  | ||||
| @ -249,7 +249,7 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       verificationKeys: [key] | ||||
|     }); | ||||
|     expect(data).to.equal(plaintext); | ||||
|     expect(signatures[0].valid).to.be.true; | ||||
|     expect(await signatures[0].verified).to.be.true; | ||||
| 
 | ||||
|     const { data: data2, signatures: signatures2 } = await openpgp.decrypt({ | ||||
|       message: await openpgp.readMessage({ armoredMessage }), | ||||
| @ -258,8 +258,7 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       config: { minRSABits: 4096 } | ||||
|     }); | ||||
|     expect(data2).to.equal(plaintext); | ||||
|     expect(signatures2[0].valid).to.be.false; | ||||
|     expect(signatures2[0].error).to.match(/keys shorter than 4096 bits are considered too weak/); | ||||
|     await expect(signatures2[0].verified).to.be.rejectedWith(/keys shorter than 4096 bits are considered too weak/); | ||||
| 
 | ||||
|     const { data: data3, signatures: signatures3 } = await openpgp.decrypt({ | ||||
|       message: await openpgp.readMessage({ armoredMessage }), | ||||
| @ -268,8 +267,7 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.rsaEncryptSign]) } | ||||
|     }); | ||||
|     expect(data3).to.equal(plaintext); | ||||
|     expect(signatures3[0].valid).to.be.false; | ||||
|     expect(signatures3[0].error).to.match(/rsaEncryptSign keys are considered too weak/); | ||||
|     await expect(signatures3[0].verified).to.be.rejectedWith(/rsaEncryptSign keys are considered too weak/); | ||||
|   }); | ||||
| 
 | ||||
|   it('openpgp.sign', async function() { | ||||
| @ -313,7 +311,7 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       config | ||||
|     }; | ||||
|     const { signatures: [sig] } = await openpgp.verify(opt); | ||||
|     await expect(sig.error).to.match(/Insecure message hash algorithm/); | ||||
|     await expect(sig.verified).to.be.rejectedWith(/Insecure message hash algorithm/); | ||||
|     const armoredSignature = await openpgp.sign({ message, signingKeys: key, detached: true }); | ||||
|     const opt2 = { | ||||
|       message, | ||||
| @ -322,7 +320,7 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       config | ||||
|     }; | ||||
|     const { signatures: [sig2] } = await openpgp.verify(opt2); | ||||
|     await expect(sig2.error).to.match(/Insecure message hash algorithm/); | ||||
|     await expect(sig2.verified).to.be.rejectedWith(/Insecure message hash algorithm/); | ||||
| 
 | ||||
|     const cleartext = await openpgp.createCleartextMessage({ text: 'test' }); | ||||
|     const signedCleartext = await openpgp.sign({ message: cleartext, signingKeys: key }); | ||||
| @ -332,7 +330,7 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       config | ||||
|     }; | ||||
|     const { signatures: [sig3] } = await openpgp.verify(opt3); | ||||
|     await expect(sig3.error).to.match(/Insecure message hash algorithm/); | ||||
|     await expect(sig3.verified).to.be.rejectedWith(/Insecure message hash algorithm/); | ||||
| 
 | ||||
|     const opt4 = { | ||||
|       message: await openpgp.readMessage({ armoredMessage: signed }), | ||||
| @ -340,7 +338,6 @@ vAFM3jjrAQDgJPXsv8PqCrLGDuMa/2r6SgzYd03aw/xt1WM6hgUvhQD+J54Z | ||||
|       config: { rejectPublicKeyAlgorithms: new Set([openpgp.enums.publicKey.eddsa]) } | ||||
|     }; | ||||
|     const { signatures: [sig4] } = await openpgp.verify(opt4); | ||||
|     await expect(sig4.valid).to.be.false; | ||||
|     await expect(sig4.error).to.match(/eddsa keys are considered too weak/); | ||||
|     await expect(sig4.verified).to.be.rejectedWith(/eddsa keys are considered too weak/); | ||||
|   }); | ||||
| }); | ||||
|  | ||||
| @ -20,13 +20,13 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38 | ||||
|       await openpgp.verify({ | ||||
|         message: await openpgp.readCleartextMessage({ cleartextMessage }), | ||||
|         verificationKeys: pubHi | ||||
|       }).then(output => expect(output.signatures[0].valid).to.be.true); | ||||
|       }).then(output => expect(output.signatures[0].verified).to.eventually.be.true); | ||||
|       // Verifying detached signature
 | ||||
|       await openpgp.verify({ | ||||
|         message: await openpgp.createMessage({ text: util.removeTrailingSpaces(testData) }), | ||||
|         verificationKeys: pubHi, | ||||
|         signature: (await openpgp.readCleartextMessage({ cleartextMessage })).signature | ||||
|       }).then(output => expect(output.signatures[0].valid).to.be.true); | ||||
|       }).then(output => expect(output.signatures[0].verified).to.eventually.be.true); | ||||
| 
 | ||||
|       // Encrypting and signing
 | ||||
|       const encrypted = await openpgp.encrypt({ | ||||
| @ -39,9 +39,9 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38 | ||||
|         message: await openpgp.readMessage({ armoredMessage: encrypted }), | ||||
|         decryptionKeys: bye, | ||||
|         verificationKeys: [pubHi] | ||||
|       }).then(output => { | ||||
|       }).then(async output => { | ||||
|         expect(output.data).to.equal(testData2); | ||||
|         expect(output.signatures[0].valid).to.be.true; | ||||
|         await expect(output.signatures[0].verified).to.eventually.be.true; | ||||
|       }); | ||||
|     }); | ||||
|   } | ||||
| @ -55,7 +55,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38 | ||||
|     const signature = await openpgp.sign({ message: await openpgp.createCleartextMessage({ text: testData }), signingKeys: privateKey }); | ||||
|     const msg = await openpgp.readCleartextMessage({ cleartextMessage: signature }); | ||||
|     const result = await openpgp.verify({ message: msg, verificationKeys: publicKey }); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Encrypt and sign message', async function () { | ||||
| @ -71,7 +71,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for NIST P-256,P-38 | ||||
|     }); | ||||
|     const message = await openpgp.readMessage({ armoredMessage: encrypted }); | ||||
|     const result = await openpgp.decrypt({ message, decryptionKeys: secondKey.privateKey, verificationKeys: firstKey.publicKey }); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   // TODO find test vectors
 | ||||
|  | ||||
| @ -177,11 +177,11 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve | ||||
|   it('Verify clear signed message', async function () { | ||||
|     const pub = await load_pub_key('juliet'); | ||||
|     const msg = await openpgp.readCleartextMessage({ cleartextMessage: data.juliet.message_signed }); | ||||
|     return openpgp.verify({ verificationKeys: [pub], message: msg }).then(function(result) { | ||||
|     return openpgp.verify({ verificationKeys: [pub], message: msg }).then(async function(result) { | ||||
|       expect(result).to.exist; | ||||
|       expect(result.data).to.equal(data.juliet.message); | ||||
|       expect(result.signatures).to.have.length(1); | ||||
|       expect(result.signatures[0].valid).to.be.true; | ||||
|       expect(await result.signatures[0].verified).to.be.true; | ||||
|     }); | ||||
|   }); | ||||
|   it('Sign message', async function () { | ||||
| @ -194,7 +194,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
|   it('Decrypt and verify message', async function () { | ||||
|     const juliet = await load_pub_key('juliet'); | ||||
| @ -205,7 +205,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.juliet.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
|   it('Encrypt and sign message', async function () { | ||||
|     const romeoPrivate = await load_priv_key('romeo'); | ||||
| @ -220,7 +220,7 @@ module.exports = () => describe('Elliptic Curve Cryptography for secp256k1 curve | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.romeo.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
|   it('Generate key', function () { | ||||
|     const options = { | ||||
|  | ||||
| @ -2595,10 +2595,10 @@ function versionSpecificTests() { | ||||
|         return openpgp.verify( | ||||
|           { message: await openpgp.readCleartextMessage({ cleartextMessage: signed }), verificationKeys: newKeyPublic } | ||||
|         ).then(async function(verified) { | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           const newSigningKey = await newKey.getSigningKey(); | ||||
|           expect(verified.signatures[0].keyID.toHex()).to.equal(newSigningKey.getKeyID().toHex()); | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
|     }); | ||||
| @ -2635,7 +2635,7 @@ function versionSpecificTests() { | ||||
|         message: await openpgp.readMessage({ armoredMessage: encrypted }), decryptionKeys: newKey, verificationKeys: newKeyPublic, config: { minRSABits: 1024 } | ||||
|       }); | ||||
|       expect(decrypted.data).to.equal('hello'); | ||||
|       expect(decrypted.signatures[0].valid).to.be.true; | ||||
|       expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -3484,7 +3484,7 @@ VYGdb3eNlV8CfoEC | ||||
|       message: await openpgp.createMessage({ text: 'hello' }), passwords: 'test', signingKeys: privateKey, signingUserIDs: { name: 'Test McTestington', email: 'test@example.com' }, armor: false, config | ||||
|     }); | ||||
|     const { signatures } = await openpgp.decrypt({ message: await openpgp.readMessage({ binaryMessage: encrypted }), passwords: 'test' }); | ||||
|     expect(signatures[0].signature.packets[0].hashAlgorithm).to.equal(openpgp.enums.hash.sha512); | ||||
|     expect((await signatures[0].signature).packets[0].hashAlgorithm).to.equal(openpgp.enums.hash.sha512); | ||||
|     await expect(openpgp.encrypt({ | ||||
|       message: await openpgp.createMessage({ text: 'hello' }), encryptionKeys: publicKey, signingKeys: privateKey, signingUserIDs: { name: 'Not Test McTestington', email: 'test@example.com' }, armor: false, config | ||||
|     })).to.be.rejectedWith('Could not find user that matches that user ID'); | ||||
|  | ||||
| @ -1261,7 +1261,7 @@ module.exports = () => describe('OpenPGP.js public api tests', function() { | ||||
|         expectSigned: true | ||||
|       }); | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|     }); | ||||
| 
 | ||||
|     it('decrypt/verify should throw on missing public keys (expectSigned=true)', async function () { | ||||
| @ -1443,8 +1443,8 @@ aOU= | ||||
|         }); | ||||
|         expect(msg.signatures).to.exist; | ||||
|         expect(msg.signatures).to.have.length(1); | ||||
|         expect(msg.signatures[0].valid).to.be.true; | ||||
|         expect(msg.signatures[0].signature.packets.length).to.equal(1); | ||||
|         expect(await msg.signatures[0].verified).to.be.true; | ||||
|         expect((await msg.signatures[0].signature).packets.length).to.equal(1); | ||||
|         // secret key operations involving the primary key should fail
 | ||||
|         await expect(openpgp.sign({ | ||||
|           message: await openpgp.createMessage({ text: 'test' }), signingKeys: decryptedDummyKey, config: { rejectPublicKeyAlgorithms: new Set() } | ||||
| @ -1589,7 +1589,7 @@ aOU= | ||||
|           expectSigned: true | ||||
|         }); | ||||
|         expect(data).to.equal(text); | ||||
|         expect(signatures[0].valid).to.be.true; | ||||
|         expect(await signatures[0].verified).to.be.true; | ||||
|       }); | ||||
| 
 | ||||
|       it('verify should throw on missing signature (expectSigned=true)', async function () { | ||||
| @ -2105,10 +2105,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function (decrypted) { | ||||
|             expect(decrypted.data).to.equal(plaintext); | ||||
|             expect(decrypted.signatures[0].valid).to.be.true; | ||||
|             expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2129,10 +2129,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function (decrypted) { | ||||
|             expect(decrypted.data).to.equal(plaintext); | ||||
|             expect(decrypted.signatures[0].valid).to.be.true; | ||||
|             expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2152,10 +2152,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function (decrypted) { | ||||
|             expect(decrypted.data).to.equal(plaintext); | ||||
|             expect(decrypted.signatures[0].valid).to.be.true; | ||||
|             expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2183,10 +2183,10 @@ aOU= | ||||
|               return openpgp.decrypt(decOpt); | ||||
|             }).then(async function (decrypted) { | ||||
|               expect(decrypted.data).to.equal(plaintext); | ||||
|               expect(decrypted.signatures[0].valid).to.be.true; | ||||
|               expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|               const signingKey = await newPrivateKey.getSigningKey(); | ||||
|               expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|               expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|               expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|             }); | ||||
|           }); | ||||
|         }); | ||||
| @ -2216,10 +2216,10 @@ aOU= | ||||
|             verificationKeys: newPublicKey | ||||
|           }); | ||||
|           expect(decrypted.data).to.equal(plaintext); | ||||
|           expect(decrypted.signatures[0].valid).to.be.true; | ||||
|           expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|           const signingKey = await newPrivateKey.getSigningKey(); | ||||
|           expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
| 
 | ||||
|         it('should encrypt/sign and decrypt/verify with null string input', async function () { | ||||
| @ -2237,10 +2237,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function (decrypted) { | ||||
|             expect(decrypted.data).to.equal(''); | ||||
|             expect(decrypted.signatures[0].valid).to.be.true; | ||||
|             expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2261,10 +2261,10 @@ aOU= | ||||
|             verificationKeys: publicKey | ||||
|           }); | ||||
|           expect(decrypted.data).to.equal(plaintext); | ||||
|           expect(decrypted.signatures[0].valid).to.be.true; | ||||
|           expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
| 
 | ||||
|         it('should encrypt and decrypt/verify with detached signature as input for encryption', async function () { | ||||
| @ -2307,14 +2307,14 @@ aOU= | ||||
|             }).then(async function (decrypted) { | ||||
|               let signingKey; | ||||
|               expect(decrypted.data).to.equal(plaintext); | ||||
|               expect(decrypted.signatures[0].valid).to.be.true; | ||||
|               expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|               signingKey = await privateKey.getSigningKey(); | ||||
|               expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|               expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|               expect(decrypted.signatures[1].valid).to.be.true; | ||||
|               expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|               expect(await decrypted.signatures[1].verified).to.be.true; | ||||
|               signingKey = await privKeyDE.getSigningKey(); | ||||
|               expect(decrypted.signatures[1].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|               expect(decrypted.signatures[1].signature.packets.length).to.equal(1); | ||||
|               expect((await decrypted.signatures[1].signature).packets.length).to.equal(1); | ||||
|             }); | ||||
|           } finally { | ||||
|             openpgp.config.rejectPublicKeyAlgorithms = rejectPublicKeyAlgorithms; | ||||
| @ -2346,11 +2346,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function ({ signatures, data }) { | ||||
|             expect(data).to.equal(plaintext); | ||||
|             expect(signatures[0].valid).to.be.false; | ||||
|             expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|             await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2369,11 +2368,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function ({ signatures, data }) { | ||||
|             expect(data).to.equal(plaintext); | ||||
|             expect(signatures[0].valid).to.be.false; | ||||
|             expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|             await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2392,11 +2390,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function ({ signatures, data }) { | ||||
|             expect(data).to.equal(''); | ||||
|             expect(signatures[0].valid).to.be.false; | ||||
|             expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|             await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2414,11 +2411,10 @@ aOU= | ||||
|             return openpgp.decrypt(decOpt); | ||||
|           }).then(async function ({ signatures, data }) { | ||||
|             expect(data).to.equal(plaintext); | ||||
|             expect(signatures[0].valid).to.be.false; | ||||
|             expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|             await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|             const signingKey = await privateKey.getSigningKey(); | ||||
|             expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
| 
 | ||||
| @ -2439,11 +2435,10 @@ aOU= | ||||
|             verificationKeys: await openpgp.readKey({ armoredKey: wrong_pubkey }) | ||||
|           }); | ||||
|           expect(data).to.equal(plaintext); | ||||
|           expect(signatures[0].valid).to.be.false; | ||||
|           expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|           await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
| 
 | ||||
|         it('should encrypt and decrypt/verify both signatures when signed with two private keys', async function () { | ||||
| @ -2475,14 +2470,14 @@ aOU= | ||||
|             }).then(async function (decrypted) { | ||||
|               let signingKey; | ||||
|               expect(decrypted.data).to.equal(plaintext); | ||||
|               expect(decrypted.signatures[0].valid).to.be.true; | ||||
|               expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|               signingKey = await privateKey.getSigningKey(); | ||||
|               expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|               expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|               expect(decrypted.signatures[1].valid).to.be.true; | ||||
|               expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|               expect(await decrypted.signatures[1].verified).to.be.true; | ||||
|               signingKey = await privKeyDE.getSigningKey(); | ||||
|               expect(decrypted.signatures[1].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|               expect(decrypted.signatures[1].signature.packets.length).to.equal(1); | ||||
|               expect((await decrypted.signatures[1].signature).packets.length).to.equal(1); | ||||
|             }); | ||||
|           } finally { | ||||
|             openpgp.config.rejectPublicKeyAlgorithms = rejectPublicKeyAlgorithms; | ||||
| @ -2591,10 +2586,10 @@ aOU= | ||||
|             }).then(async function (decrypted) { | ||||
|               expect(decrypted.data).to.exist; | ||||
|               expect(decrypted.data).to.equal(plaintext); | ||||
|               expect(decrypted.signatures[0].valid).to.be.true; | ||||
|               expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|               const signingKey = await privKeyDE.getSigningKey(); | ||||
|               expect(decrypted.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|               expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|               expect((await decrypted.signatures[0].signature).packets.length).to.equal(1); | ||||
|             }); | ||||
|           } finally { | ||||
|             openpgp.config.rejectPublicKeyAlgorithms = rejectPublicKeyAlgorithms; | ||||
| @ -2837,10 +2832,10 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function (verified) { | ||||
|           expect(verified.data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(verified.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -2869,14 +2864,14 @@ aOU= | ||||
|           }).then(async function (verified) { | ||||
|             let signingKey; | ||||
|             expect(verified.data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); | ||||
|             expect(verified.signatures[0].valid).to.be.true; | ||||
|             expect(await verified.signatures[0].verified).to.be.true; | ||||
|             signingKey = await privateKey.getSigningKey(); | ||||
|             expect(verified.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect(verified.signatures[1].valid).to.be.true; | ||||
|             expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|             expect(await verified.signatures[1].verified).to.be.true; | ||||
|             signingKey = await privKeyDE.getSigningKey(); | ||||
|             expect(verified.signatures[1].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|             expect(verified.signatures[1].signature.packets.length).to.equal(1); | ||||
|             expect((await verified.signatures[1].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         } finally { | ||||
|           openpgp.config.rejectPublicKeyAlgorithms = rejectPublicKeyAlgorithms; | ||||
| @ -2899,10 +2894,10 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function (verified) { | ||||
|           expect(verified.data).to.equal(plaintext); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(verified.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -2920,11 +2915,10 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function ({ data, signatures }) { | ||||
|           expect(data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); | ||||
|           expect(signatures[0].valid).to.be.false; | ||||
|           expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|           await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -2944,11 +2938,10 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function ({ data, signatures }) { | ||||
|           expect(data).to.equal(plaintext); | ||||
|           expect(signatures[0].valid).to.be.false; | ||||
|           expect(signatures[0].error).to.match(/Could not find signing key/); | ||||
|           await expect(signatures[0].verified).to.be.rejectedWith(/Could not find signing key/); | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -2967,10 +2960,10 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function (verified) { | ||||
|           expect(verified.data).to.equal(plaintext); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(verified.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -2992,12 +2985,12 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function (verified) { | ||||
|           expect(verified.data).to.equal(plaintext); | ||||
|           expect(+verified.signatures[0].signature.packets[0].created).to.be.lte(+util.normalizeDate()); | ||||
|           expect(+verified.signatures[0].signature.packets[0].created).to.be.gte(+start); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(+(await verified.signatures[0].signature).packets[0].created).to.be.lte(+util.normalizeDate()); | ||||
|           expect(+(await verified.signatures[0].signature).packets[0].created).to.be.gte(+start); | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           const signingKey = await privateKey.getSigningKey(); | ||||
|           expect(verified.signatures[0].keyID.toHex()).to.equal(signingKey.getKeyID().toHex()); | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -3019,22 +3012,22 @@ aOU= | ||||
|         return openpgp.sign(signOpt).then(async function (signed) { | ||||
|           verifyOpt.signature = await openpgp.readSignature({ binarySignature: signed }); | ||||
|           return openpgp.verify(verifyOpt).then(async function (verified) { | ||||
|             expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past); | ||||
|             expect(+(await verified.signatures[0].signature).packets[0].created).to.equal(+past); | ||||
|             expect(verified.data).to.equal(plaintext); | ||||
|             expect(verified.signatures[0].valid).to.be.true; | ||||
|             expect(await verified.signatures[0].verified).to.be.true; | ||||
|             expect(await privateKey_1337.getSigningKey(verified.signatures[0].keyID, past)) | ||||
|               .to.be.not.null; | ||||
|             expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|             // now check with expiration checking disabled
 | ||||
|             verifyOpt.date = null; | ||||
|             return openpgp.verify(verifyOpt); | ||||
|           }).then(async function (verified) { | ||||
|             expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past); | ||||
|             expect(+(await verified.signatures[0].signature).packets[0].created).to.equal(+past); | ||||
|             expect(verified.data).to.equal(plaintext); | ||||
|             expect(verified.signatures[0].valid).to.be.true; | ||||
|             expect(await verified.signatures[0].verified).to.be.true; | ||||
|             expect(await privateKey_1337.getSigningKey(verified.signatures[0].keyID, null)) | ||||
|               .to.be.not.null; | ||||
|             expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|             expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|           }); | ||||
|         }); | ||||
|       }); | ||||
| @ -3059,12 +3052,12 @@ aOU= | ||||
|           verifyOpt.signature = await openpgp.readSignature({ binarySignature: signed }); | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function (verified) { | ||||
|           expect(+verified.signatures[0].signature.packets[0].created).to.equal(+future); | ||||
|           expect(+(await verified.signatures[0].signature).packets[0].created).to.equal(+future); | ||||
|           expect([].slice.call(verified.data)).to.deep.equal([].slice.call(data)); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           expect(await privateKey_2038_2045.getSigningKey(verified.signatures[0].keyID, future)) | ||||
|             .to.be.not.null; | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -3089,10 +3082,10 @@ aOU= | ||||
|           return openpgp.verify(verifyOpt); | ||||
|         }).then(async function (verified) { | ||||
|           expect([].slice.call(verified.data)).to.deep.equal([].slice.call(data)); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|           expect(await privateKey.getSigningKey(verified.signatures[0].keyID)) | ||||
|             .to.be.not.null; | ||||
|           expect(verified.signatures[0].signature.packets.length).to.equal(1); | ||||
|           expect((await verified.signatures[0].signature).packets.length).to.equal(1); | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
| @ -3473,7 +3466,7 @@ amnR6g== | ||||
|           const { privateKey: key } = await openpgp.generateKey({ curve, userIDs: { name: 'Alice', email: 'info@alice.com' }, format: 'object' }); | ||||
|           const signed = await openpgp.sign({ signingKeys:[key], message: await openpgp.createCleartextMessage({ text: plaintext }) }); | ||||
|           const verified = await openpgp.verify({ verificationKeys:[key], message: await openpgp.readCleartextMessage({ cleartextMessage: signed }) }); | ||||
|           expect(verified.signatures[0].valid).to.be.true; | ||||
|           expect(await verified.signatures[0].verified).to.be.true; | ||||
|         }); | ||||
|       }); | ||||
| 
 | ||||
|  | ||||
| @ -750,7 +750,7 @@ cJRRGJPL16wINuk= | ||||
|     const message = await openpgp.createMessage({ text: 'Marker + Detached signature' }); | ||||
|     const signature = await openpgp.readSignature({ armoredSignature: signatureWithMarkerPacket }); | ||||
|     const { signatures: [sigInfo] } = await openpgp.verify({ message, signature, verificationKeys: key }); | ||||
|     expect(sigInfo.valid).to.be.true; | ||||
|     expect(await sigInfo.verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
| 
 | ||||
| @ -765,10 +765,10 @@ cJRRGJPL16wINuk= | ||||
|       rejectMessageHashAlgorithms: new Set([openpgp.enums.hash.md5, openpgp.enums.hash.ripemd]), | ||||
|       rejectPublicKeyAlgorithms: new Set() | ||||
|     }; | ||||
|     const decrypted = await openpgp.decrypt({ decryptionKeys: privateKey, verificationKeys: publicKey, message, config }); | ||||
|     expect(decrypted.data).to.exist; | ||||
|     expect(decrypted.signatures[0].valid).to.be.true; | ||||
|     expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|     const { data, signatures } = await openpgp.decrypt({ decryptionKeys: privateKey, verificationKeys: publicKey, message, config }); | ||||
|     expect(data).to.exist; | ||||
|     expect(await signatures[0].verified).to.be.true; | ||||
|     expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|   }); | ||||
| 
 | ||||
|   it('Consider signature expired at the expiration time', async function() { | ||||
| @ -1033,12 +1033,12 @@ eSvSZutLuKKbidSYMLhWROPlwKc2GU2ws6PrLZAyCAel/lU= | ||||
| 
 | ||||
|     return openpgp.decrypt({ | ||||
|       decryptionKeys: privKey, verificationKeys: pubKey , message, config: { minRSABits: 1024 } | ||||
|     }).then(decrypted => { | ||||
|       expect(decrypted.data).to.exist; | ||||
|       expect(decrypted.data).to.equal(plaintext); | ||||
|       expect(decrypted.signatures).to.have.length(1); | ||||
|       expect(decrypted.signatures[0].valid).to.be.true; | ||||
|       expect(decrypted.signatures[0].signature.packets.length).to.equal(1); | ||||
|     }).then(async ({ signatures, data }) => { | ||||
|       expect(data).to.exist; | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1083,8 +1083,7 @@ eSvSZutLuKKbidSYMLhWROPlwKc2GU2ws6PrLZAyCAel/lU= | ||||
|     const message = await openpgp.readMessage({ armoredMessage: signature_with_critical_notation }); | ||||
|     const key = await openpgp.readKey({ armoredKey: pub_key_arm2 }); | ||||
|     const { signatures: [sig] } = await openpgp.verify({ message, verificationKeys: key, config: { minRSABits: 1024 } }); | ||||
|     expect(sig.valid).to.be.false; | ||||
|     expect(sig.error).to.match(/Unknown critical notation: test@example.com/); | ||||
|     await expect(sig.verified).to.be.rejectedWith(/Unknown critical notation: test@example.com/); | ||||
|   }); | ||||
| 
 | ||||
|   it('Verify succeeds with known signed message with critical notations', async function() { | ||||
| @ -1093,7 +1092,7 @@ eSvSZutLuKKbidSYMLhWROPlwKc2GU2ws6PrLZAyCAel/lU= | ||||
| 
 | ||||
|     const config = { knownNotations: ['test@example.com'], minRSABits: 1024 }; | ||||
|     const { signatures: [sig] } = await openpgp.verify({ message, verificationKeys: key, config }); | ||||
|     expect(sig.valid).to.be.true; | ||||
|     expect(await sig.verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Verify cleartext signed message with two signatures with openpgp.verify', async function() { | ||||
| @ -1130,14 +1129,13 @@ eSvSZutLuKKbidSYMLhWROPlwKc2GU2ws6PrLZAyCAel/lU= | ||||
|     expect(pubKey2.getKeys(keyIDs[0])).to.not.be.empty; | ||||
|     expect(pubKey3.getKeys(keyIDs[1])).to.not.be.empty; | ||||
| 
 | ||||
|     return openpgp.verify({ verificationKeys:[pubKey2, pubKey3], message, config: { minRSABits: 1024 } }).then(function(cleartextSig) { | ||||
|       expect(cleartextSig).to.exist; | ||||
|       expect(cleartextSig.data).to.equal(plaintext); | ||||
|       expect(cleartextSig.signatures).to.have.length(2); | ||||
|       expect(cleartextSig.signatures[0].valid).to.be.true; | ||||
|       expect(cleartextSig.signatures[1].valid).to.be.true; | ||||
|       expect(cleartextSig.signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(cleartextSig.signatures[1].signature.packets.length).to.equal(1); | ||||
|     return openpgp.verify({ verificationKeys:[pubKey2, pubKey3], message, config: { minRSABits: 1024 } }).then(async function({ signatures, data }) { | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures).to.have.length(2); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect(await signatures[1].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|       expect((await signatures[1].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1203,16 +1201,15 @@ zmuVOdNuWQqxT9Sqa84= | ||||
| 
 | ||||
|     expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; | ||||
| 
 | ||||
|     const cleartextSig = await openpgp.verify({ | ||||
|     const { signatures, data } = await openpgp.verify({ | ||||
|       verificationKeys:[pubKey], | ||||
|       message, | ||||
|       config: { minRSABits: 1024, rejectMessageHashAlgorithms: new Set() } | ||||
|     }); | ||||
|     expect(cleartextSig).to.exist; | ||||
|     expect(cleartextSig.data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); | ||||
|     expect(cleartextSig.signatures).to.have.length(1); | ||||
|     expect(cleartextSig.signatures[0].valid).to.be.true; | ||||
|     expect(cleartextSig.signatures[0].signature.packets.length).to.equal(1); | ||||
|     expect(data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); | ||||
|     expect(signatures).to.have.length(1); | ||||
|     expect(await signatures[0].verified).to.be.true; | ||||
|     expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|   }); | ||||
| 
 | ||||
|   function tests() { | ||||
| @ -1237,11 +1234,15 @@ yYDnCgA= | ||||
|       const keyIDs = message.getSigningKeyIDs(); | ||||
|       expect(pubKey.getKeys(keyIDs[0])).to.not.be.empty; | ||||
| 
 | ||||
|       return openpgp.verify({ verificationKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(({ data, signatures }) => { | ||||
|       return openpgp.verify({ verificationKeys: [pubKey], message, config: { minRSABits: 1024 } }).then(async ({ data, signatures }) => { | ||||
|         expect(data).to.equal(plaintext); | ||||
|         expect(signatures).to.have.length(1); | ||||
|         expect(signatures[0].valid).to.equal(!openpgp.config.rejectMessageHashAlgorithms.has(openpgp.enums.hash.sha1)); | ||||
|         expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|         if (openpgp.config.rejectMessageHashAlgorithms.has(openpgp.enums.hash.sha1)) { | ||||
|           await expect(signatures[0].verified).to.be.rejected; | ||||
|         } else { | ||||
|           expect(await signatures[0].verified).to.be.true; | ||||
|         } | ||||
|         expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|       }); | ||||
|     }); | ||||
| 
 | ||||
| @ -1378,11 +1379,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); | ||||
|       return openpgp.verify({ verificationKeys:[pubKey], message, config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.equal(plaintext.replace(/[ \t\r]+$/mg, '')); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1400,11 +1401,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); | ||||
|       return openpgp.verify({ verificationKeys: pubKey, message, config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1422,11 +1423,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); | ||||
|       return openpgp.verify({ verificationKeys: pubKey, message, config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.equal(plaintext.replace(/[ \t]+$/mg, '')); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1444,11 +1445,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const message = await openpgp.readMessage({ armoredMessage: signed }); | ||||
|       return openpgp.verify({ verificationKeys: pubKey, message, format: 'binary', config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.deep.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1466,11 +1467,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const message = await openpgp.readMessage({ binaryMessage: signed }); | ||||
|       return openpgp.verify({ verificationKeys: pubKey, message, format: 'binary', config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.deep.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1486,11 +1487,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|     return openpgp.sign({ signingKeys: privKey, message: await openpgp.createMessage({ text: plaintext }), detached: true, config }).then(async armoredSignature => { | ||||
|       const signature = await openpgp.readSignature({ armoredSignature }); | ||||
|       return openpgp.verify({ verificationKeys: pubKey, message: await openpgp.createMessage({ binary: util.encodeUTF8(plaintext) }), signature, config }); | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1508,11 +1509,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const signature = await openpgp.readSignature({ armoredSignature }); | ||||
|       return openpgp.verify({ verificationKeys: pubKey, message: await openpgp.createMessage({ text: plaintext }), signature, config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1533,11 +1534,11 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|       const message = await openpgp.readMessage({ armoredMessage }); | ||||
|       return openpgp.decrypt({ message, decryptionKeys: [privKey], verificationKeys: [pubKey], config }); | ||||
| 
 | ||||
|     }).then(function({ data, signatures }) { | ||||
|     }).then(async function({ data, signatures }) { | ||||
|       expect(data).to.equal(plaintext); | ||||
|       expect(signatures).to.have.length(1); | ||||
|       expect(signatures[0].valid).to.be.true; | ||||
|       expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|       expect(await signatures[0].verified).to.be.true; | ||||
|       expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -1624,8 +1625,8 @@ hkJiXopCSWKSlQInL1devkJJUWJmTmZeugJYlpdLAagQJM0JpsCqIQZwKgAA | ||||
|     const { data, signatures } = await openpgp.verify({ verificationKeys:[publicKey], message, config: { minRSABits: 1024 } }); | ||||
|     expect(data).to.equal(content); | ||||
|     expect(signatures).to.have.length(1); | ||||
|     expect(signatures[0].valid).to.be.true; | ||||
|     expect(signatures[0].signature.packets.length).to.equal(1); | ||||
|     expect(await signatures[0].verified).to.be.true; | ||||
|     expect((await signatures[0].signature).packets.length).to.equal(1); | ||||
|     expect(await signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
| @ -1789,7 +1790,7 @@ oaBUyhCKt8tz6Q== | ||||
|       decryptionKeys: key, | ||||
|       config: { minRSABits: 1024 } | ||||
|     }); | ||||
|     expect(decrypted.signatures[0].valid).to.be.true; | ||||
|     expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('should verify a shorter EdDSA signature', async function() { | ||||
| @ -1822,7 +1823,7 @@ Ie6jnY0zP2ldtS4JmhKBa43qmOHCxHc= | ||||
| =7B58 | ||||
| -----END PGP MESSAGE-----`;
 | ||||
|     const decrypted = await openpgp.decrypt({ message: await openpgp.readMessage({ armoredMessage: encrypted }), decryptionKeys: key, verificationKeys: key.toPublic() }); | ||||
|     expect(decrypted.signatures[0].valid).to.be.true; | ||||
|     expect(await decrypted.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('should verify a shorter ECDSA signature', async function() { | ||||
| @ -1858,6 +1859,6 @@ JImeZLY02MctIpGZULbqgcUGK0P/yqrPL8Pe4lQM | ||||
| -----END PGP SIGNATURE-----`;
 | ||||
|     const message = await openpgp.readCleartextMessage({ cleartextMessage: signed }); | ||||
|     const verified = await openpgp.verify({ verificationKeys: key, message }); | ||||
|     expect(verified.signatures[0].valid).to.be.true; | ||||
|     expect(await verified.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| }); | ||||
|  | ||||
| @ -683,7 +683,7 @@ function tests() { | ||||
|     }); | ||||
|     expect(verified.data).to.equal('hello world'); | ||||
|     expect(verified.signatures).to.exist.and.have.length(1); | ||||
|     expect(verified.signatures[0].valid).to.be.true; | ||||
|     expect(await verified.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Detached sign small message using brainpool curve keys', async function() { | ||||
| @ -722,7 +722,7 @@ function tests() { | ||||
|     }); | ||||
|     expect(verified.data).to.equal('hello world'); | ||||
|     expect(verified.signatures).to.exist.and.have.length(1); | ||||
|     expect(verified.signatures[0].valid).to.be.true; | ||||
|     expect(await verified.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Detached sign small message using x25519 curve keys', async function() { | ||||
| @ -761,7 +761,7 @@ function tests() { | ||||
|     }); | ||||
|     expect(verified.data).to.equal('hello world'); | ||||
|     expect(verified.signatures).to.exist.and.have.length(1); | ||||
|     expect(verified.signatures[0].valid).to.be.true; | ||||
|     expect(await verified.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it("Detached sign is expected to pull entire input stream when we're not pulling signed stream", async function() { | ||||
|  | ||||
| @ -164,11 +164,11 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr | ||||
|     const name = 'light'; | ||||
|     const pub = await load_pub_key(name); | ||||
|     const msg = await openpgp.readCleartextMessage({ cleartextMessage: data[name].message_signed }); | ||||
|     return openpgp.verify({ verificationKeys: [pub], message: msg }).then(function(result) { | ||||
|     return openpgp.verify({ verificationKeys: [pub], message: msg }).then(async function(result) { | ||||
|       expect(result).to.exist; | ||||
|       expect(result.data).to.equal(data[name].message); | ||||
|       expect(result.signatures).to.have.length(1); | ||||
|       expect(result.signatures[0].valid).to.be.true; | ||||
|       expect(await result.signatures[0].verified).to.be.true; | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
| @ -184,7 +184,7 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(randomData.replace(/[ \t]+$/mg, '')); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Decrypt and verify message', async function () { | ||||
| @ -196,7 +196,7 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(data.night.message); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   it('Encrypt and sign message', async function () { | ||||
| @ -213,7 +213,7 @@ module.exports = () => (openpgp.config.ci ? describe.skip : describe)('X25519 Cr | ||||
|     expect(result).to.exist; | ||||
|     expect(result.data).to.equal(randomData); | ||||
|     expect(result.signatures).to.have.length(1); | ||||
|     expect(result.signatures[0].valid).to.be.true; | ||||
|     expect(await result.signatures[0].verified).to.be.true; | ||||
|   }); | ||||
| 
 | ||||
|   describe('Ed25519 Test Vectors from RFC8032', function () { | ||||
| @ -445,13 +445,13 @@ function omnibus() { | ||||
|             return Promise.all([ | ||||
|               openpgp.verify( | ||||
|                 { message: msg, verificationKeys: hi.toPublic() } | ||||
|               ).then(output => expect(output.signatures[0].valid).to.be.true), | ||||
|               ).then(output => expect(output.signatures[0].verified).to.eventually.be.true), | ||||
|               // Verifying detached signature
 | ||||
|               openpgp.verify({ | ||||
|                 message: await openpgp.createMessage({ text: 'Hi, this is me, Hi!' }), | ||||
|                 verificationKeys: hi.toPublic(), | ||||
|                 signature: msg.signature | ||||
|               }).then(output => expect(output.signatures[0].valid).to.be.true) | ||||
|               }).then(output => expect(output.signatures[0].verified).to.eventually.be.true) | ||||
|             ]); | ||||
|           }), | ||||
|           // Encrypting and signing
 | ||||
| @ -466,9 +466,9 @@ function omnibus() { | ||||
|               message: msg, | ||||
|               decryptionKeys: bye, | ||||
|               verificationKeys: [hi.toPublic()] | ||||
|             }).then(output => { | ||||
|             }).then(async output => { | ||||
|               expect(output.data).to.equal('Hi, Hi wrote this but only Bye can read it!'); | ||||
|               expect(output.signatures[0].valid).to.be.true; | ||||
|               await expect(output.signatures[0].verified).to.eventually.be.true; | ||||
|             }); | ||||
|           }) | ||||
|         ]); | ||||
|  | ||||
| @ -69,8 +69,7 @@ async function testSubkeyTrust() { | ||||
|     verificationKeys: fakeKey | ||||
|   }); | ||||
|   expect(verifyAttackerIsBatman.signatures[0].keyID.equals(victimPubKey.subkeys[0].getKeyID())).to.be.true; | ||||
|   expect(verifyAttackerIsBatman.signatures[0].valid).to.be.false; | ||||
|   expect(verifyAttackerIsBatman.signatures[0].error).to.match(/Could not find valid signing key packet/); | ||||
|   await expect(verifyAttackerIsBatman.signatures[0].verified).to.be.rejectedWith(/Could not find valid signing key packet/); | ||||
| } | ||||
| 
 | ||||
| module.exports = () => it('Does not trust subkeys without Primary Key Binding Signature', testSubkeyTrust); | ||||
|  | ||||
| @ -68,9 +68,7 @@ onmessage = async function({ data: { action, message }, ports: [port] }) { | ||||
|           verificationKeys: publicKey, | ||||
|           decryptionKeys: privateKey | ||||
|         }); | ||||
|         if (!signatures[0].valid) { | ||||
|           throw new Error("Couldn't veriy signature"); | ||||
|         } | ||||
|         await signatures[0].verified; | ||||
|         result = data; | ||||
|         break; | ||||
|       } | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user
	 larabr
						larabr