Mirroristas/openpgpjs
2
0
Fork 0
mirror of https://github.com/openpgpjs/openpgpjs.git synced 2025-06-04 13:16:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't mutate message during verification

Browse Source
This commit is contained in:
Daniel Huigens 2025-05-09 16:17:40 +02:00
parent 16c36f7135
commit 843a69d0ad
No known key found for this signature in database
GPG Key ID: CB064A128FA90686
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/message.js
View File

@ -588,12 +588,13 @@ export class Message {
if (literalDataList.length !== 1) {
throw new Error('Can only verify message with one literal data packet.');
}
if (isArrayStream(msg.packets.stream)) {
msg.packets.push(...await streamReadToEnd(msg.packets.stream, _ => _ || []));
let packets = msg.packets;
if (isArrayStream(packets.stream)) {
packets = packets.concat(await streamReadToEnd(packets.stream, _ => _ || []));
}
const onePassSigList = msg.packets.filterByTag(enums.packet.onePassSignature).reverse();
const signatureList = msg.packets.filterByTag(enums.packet.signature);
if (onePassSigList.length && !signatureList.length && util.isStream(msg.packets.stream) && !isArrayStream(msg.packets.stream)) {
const onePassSigList = packets.filterByTag(enums.packet.onePassSignature).reverse();
const signatureList = packets.filterByTag(enums.packet.signature);
if (onePassSigList.length && !signatureList.length && util.isStream(packets.stream) && !isArrayStream(packets.stream)) {
await Promise.all(onePassSigList.map(async onePassSig => {
onePassSig.correspondingSig = new Promise((resolve, reject) => {
onePassSig.correspondingSigResolve = resolve;
@ -603,7 +604,7 @@ export class Message {
onePassSig.hashed = streamReadToEnd(await onePassSig.hash(onePassSig.signatureType, literalDataList[0], undefined, false));
onePassSig.hashed.catch(() => {});
}));
msg.packets.stream = streamTransformPair(msg.packets.stream, async (readable, writable) => {
packets.stream = streamTransformPair(packets.stream, async (readable, writable) => {
const reader = streamGetReader(readable);
const writer = streamGetWriter(writable);
try {