aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick Brunschwig <[email protected]>2021-05-16 20:58:07 +0200
committerPatrick Brunschwig <[email protected]>2021-05-16 20:58:07 +0200
commitdb72d39e6c0a0715b84e8ea1299f90de2393e341 (patch)
treea574df0703a01398f903b82e4e9bd07979a673f6
parent67e582d1b49cac1f09ef0f67f4cf455032d77da7 (diff)
downloadenigmail-db72d39e6c0a0715b84e8ea1299f90de2393e341.tar.gz
enigmail-db72d39e6c0a0715b84e8ea1299f90de2393e341.tar.bz2
enigmail-db72d39e6c0a0715b84e8ea1299f90de2393e341.zip
fixed verifying attachments to match GnuPG implementation
-rw-r--r--package/cryptoAPI/pgpjs-decrypt.jsm10
-rw-r--r--package/tests/pgpjs-decrypt-test.js31
2 files changed, 34 insertions, 7 deletions
diff --git a/package/cryptoAPI/pgpjs-decrypt.jsm b/package/cryptoAPI/pgpjs-decrypt.jsm
index 10f9b174..b4651f41 100644
--- a/package/cryptoAPI/pgpjs-decrypt.jsm
+++ b/package/cryptoAPI/pgpjs-decrypt.jsm
@@ -459,7 +459,15 @@ var pgpjs_decrypt = {
sig = msg.armor();
}
- return this.verifyDetached(data, sig, false);
+ let ret = await this.verifyDetached(data, sig, false);
+
+ if (ret.statusFlags & (EnigmailConstants.BAD_SIGNATURE | EnigmailConstants.UNVERIFIED_SIGNATURE)) {
+ throw ret.errorMsg ? ret.errorMsg : EnigmailLocale.getString("unverifiedSig") + " - " + EnigmailLocale.getString("msgSignedUnkownKey");
+ }
+
+ const detailArr = ret.sigDetails.split(/ /);
+ const dateTime = EnigmailTime.getDateTime(detailArr[2], true, true);
+ return ret.errorMsg + "\n" + EnigmailLocale.getString("keyAndSigDate", [ret.keyId, dateTime]);
}
};
diff --git a/package/tests/pgpjs-decrypt-test.js b/package/tests/pgpjs-decrypt-test.js
index 141a496c..0285363f 100644
--- a/package/tests/pgpjs-decrypt-test.js
+++ b/package/tests/pgpjs-decrypt-test.js
@@ -196,14 +196,33 @@ iD8DBQE+yUcu4mZch0nhy8kRAuh/AKDM1Xc49BKVfJIFg/btWGfbF/pgcwCgw0Zk
Assert.equal(result.statusFlags, EnigmailConstants.UNVERIFIED_SIGNATURE);
Assert.equal(result.exitCode, 1);
Assert.equal(result.decryptedData, "");
-
-
- const attachmentFile = do_get_file("resources/attachment.txt", false);
- const attachmentSig = do_get_file("resources/attachment.txt.asc", false);
- result = await pgpjs_decrypt.verifyFile(attachmentFile.path, attachmentSig.path);
- Assert.equal(result.statusFlags, EnigmailConstants.GOOD_SIGNATURE | EnigmailConstants.TRUSTED_IDENTITY);
}
catch (ex) {
Assert.ok(false, "exception: " + ex.toString());
}
})));
+
+
+test(withTestGpgHome(asyncTest(async function testVerifyFile() {
+ await pgpjs_keyStore.init();
+
+ const attachmentFile = do_get_file("resources/attachment.txt", false);
+ const signatureFile = do_get_file("resources/attachment.txt.asc", false);
+ const pubKeyFile = do_get_file("resources/dev-strike.asc", false);
+
+ try {
+ await pgpjs_decrypt.verifyFile(attachmentFile.path, signatureFile.path);
+ Assert.ok(false, "Should not obtain a valid verification");
+ }
+ catch (err) {
+ Assert.assertContains(err, "Unverified signature - signed with unknown key");
+ }
+
+ let keyData = EnigmailFiles.readBinaryFile(pubKeyFile);
+ let result = await pgpjs_keyStore.writeKey(keyData);
+ Assert.equal(result.length, 1);
+
+ result = await pgpjs_decrypt.verifyFile(attachmentFile.path, signatureFile.path);
+ Assert.assertContains(result, 'Good signature from anonymous strike');
+ Assert.assertContains(result, 'Key ID: 0x65537E212DC19025AD38EDB2781617319CE311C');
+})));