Don't keep entire decrypted message in memory while streaming

(When config.allow_unauthenticated_stream is set or the message is AEAD-encrypted.) The issue was that, when hashing the data for verification, we would only start hashing at the very end (and keep the message in memory) because nobody was "pulling" the stream containing the hash yet, so backpressure was keeping the data from being hashed. Note that, of the two patches in this commit, only the onePassSig.hashed property actually mattered, for some reason. Also, the minimum highWaterMark of 1 should have pulled the hashed stream anyway, I think. I'm not sure why that didn't happen.
2026-03-05 00:28:47 +00:00 · 2020-01-15 19:27:05 +01:00
parent 6e13604a64
commit 9bdeaa927a
4 changed files with 5 additions and 4 deletions
--- a/src/encoding/armor.js
+++ b/src/encoding/armor.js
@@ -312,13 +312,13 @@ function dearmor(input) {
        }
      }));
      data = stream.transformPair(data, async (readable, writable) => {
-        const checksumVerified = getCheckSum(stream.passiveClone(readable));
+        const checksumVerified = stream.readToEnd(getCheckSum(stream.passiveClone(readable)));
        await stream.pipe(readable, writable, {
          preventClose: true
        });
        const writer = stream.getWriter(writable);
        try {
-          const checksumVerifiedString = await stream.readToEnd(checksumVerified);
+          const checksumVerifiedString = await checksumVerified;
          if (checksum !== checksumVerifiedString && (checksum || config.checksum_required)) {
            throw new Error("Ascii armor integrity check on message failed: '" + checksum + "' should be '" +
                    checksumVerifiedString + "'");