#89 revamp code for better decryption and get it working for GnuPG

This commit is contained in:
the-djmaze 2022-02-01 11:45:20 +01:00
parent 4eb70c3f06
commit d9e81d6123
6 changed files with 152 additions and 152 deletions

View file

@ -151,4 +151,40 @@ export const GnuPGUserStore = new class {
getPublicKeyFor(query, sign) {
return findGnuPGKey(this.publicKeys, query, sign);
}
async decrypt(message) {
const
pgpInfo = message.pgpEncrypted();
if (pgpInfo) {
let ids = [message.to[0].email].concat(pgpInfo.KeyIds),
i = ids.length, key;
while (i--) {
key = findGnuPGKey(this.privateKeys, ids[i]);
if (key) {
break;
}
}
if (key) {
// Also check message.from[0].email
let params = {
Folder: message.folder,
Uid: message.uid,
PartId: pgpInfo.PartId,
KeyId: key.id,
Passphrase: prompt('GnuPG Passphrase for ' + key.id + ' ' + key.uids[0].uid),
Data: '' // message.plain() optional
}
if (null !== params.Passphrase) {
const result = await Remote.post('GnupgDecrypt', null, params);
if (result && result.Result) {
return result.Result;
}
}
}
}
}
verify(/*message, fCallback*/) {
}
};

View file

@ -162,28 +162,47 @@ export const OpenPGPUserStore = new class {
/**
* https://docs.openpgpjs.org/#encrypt-and-decrypt-string-data-with-pgp-keys
*/
async decrypt(armoredText, privateKey, publicKey)
async decrypt(armoredText, sender)
{
const passphrase = prompt('Passphrase');
if (!passphrase) {
return;
const message = await openpgp.readMessage({ armoredMessage: armoredText }),
privateKeys = this.privateKeys(),
msgEncryptionKeyIDs = message.getEncryptionKeyIDs().map(key => key.bytes);
// Find private key that can decrypt message
let i = privateKeys.length, privateKey;
while (i--) {
if ((await privateKeys[i].key.getDecryptionKeys()).find(
key => msgEncryptionKeyIDs.includes(key.getKeyID().bytes)
)) {
privateKey = privateKeys[i];
break;
}
}
if (privateKey) try {
// Ask passphrase of private key
const passphrase = prompt('OpenPGP.js Passphrase for ' + privateKey.id + ' ' + privateKey.emails[0]);
if (null !== passphrase) {
const
decryptedKey = await openpgp.decryptKey({
privateKey: privateKey.key,
passphrase
});
return await openpgp.decrypt({
message,
verificationKeys: this.getPublicKeyFor(sender),
// expectSigned: true,
// signature: '', // Detached signature
decryptionKeys: decryptedKey
});
}
} catch (err) {
alert(err);
console.error(err);
}
const message = await openpgp.readMessage({ armoredMessage: armoredText });
const decryptedKey = await openpgp.decryptKey({
// privateKey: await openpgp.readPrivateKey({ armoredKey: armoredPrivateKey }),
privateKey: privateKey,
passphrase
});
return await openpgp.decrypt({
message,
verificationKeys: publicKey,
// expectSigned: true,
// signature: '', // Detached signature
decryptionKeys: decryptedKey
});
}
async verify(message, detachedSignature, publicKey) {
// message.getSigningKeyIDs();
return await openpgp.verify({
message,
verificationKeys: publicKey,

View file

@ -93,20 +93,6 @@ export const PgpUserStore = new class {
return false;
}
getGnuPGPrivateKeyFor(query, sign) {
let key = GnuPGUserStore.getPrivateKeyFor(query, sign);
if (key) {
return ['gnupg', key];
}
}
getOpenPGPPrivateKeyFor(query/*, sign*/) {
let key = OpenPGPUserStore.getPrivateKeyFor(query/*, sign*/);
if (key) {
return ['openpgp', key];
}
}
async getMailvelopePrivateKeyFor(email/*, sign*/) {
let keyring = this.mailvelopeKeyring;
if (keyring && await keyring.hasPrivateKey({email:email})) {
@ -120,54 +106,73 @@ export const PgpUserStore = new class {
* Returns the first library that can.
*/
async getKeyForSigning(email) {
return this.getGnuPGPrivateKeyFor(email, 1)
|| this.getOpenPGPPrivateKeyFor(email, 1)
|| await this.getMailvelopePrivateKeyFor(email, 1);
let key = GnuPGUserStore.getPrivateKeyFor(email, 1);
if (key) {
return ['gnupg', key];
}
key = OpenPGPUserStore.getPrivateKeyFor(email, 1);
if (key) {
return ['openpgp', key];
}
return await this.getMailvelopePrivateKeyFor(email, 1);
}
/**
* Checks if decrypting a message is possible with given keyIds or email address.
* Returns the first library that can.
*/
async getKeyForDecryption(ids, email) {
ids = [email].concat(ids);
let i = ids.length, key;
async decrypt(message) {
const sender = message.from[0].email,
armoredText = message.plain();
if (!armoredText.includes('-----BEGIN PGP MESSAGE-----')) {
return;
}
// Try OpenPGP.js
let result = await OpenPGPUserStore.decrypt(armoredText, sender);
if (result) {
return result;
}
// Try Mailvelope (does not support inline images)
try {
key = await this.getMailvelopePrivateKeyFor(email);
let key = await this.getMailvelopePrivateKeyFor(message.to[0].email);
if (key) {
return key;
/**
* https://mailvelope.github.io/mailvelope/Mailvelope.html#createEncryptedFormContainer
* Creates an iframe to display an encrypted form
*/
// mailvelope.createEncryptedFormContainer('#mailvelope-form');
/**
* https://mailvelope.github.io/mailvelope/Mailvelope.html#createDisplayContainer
* Creates an iframe to display the decrypted content of the encrypted mail.
*/
const body = message.body;
body.textContent = '';
result = await mailvelope.createDisplayContainer(
'#'+body.id,
armoredText,
this.mailvelopeKeyring,
{
senderAddress: sender
}
);
if (result) {
if (result.error && result.error.message) {
if ('PWD_DIALOG_CANCEL' !== result.error.code) {
alert(result.error.code + ': ' + result.error.message);
}
} else {
body.classList.add('mailvelope');
return;
}
}
}
} catch (err) {
console.error(err);
}
/* Not working, needs full fingerprint
while (i--) {
key = await this.getMailvelopePrivateKeyFor(ids[i]);
if (key) {
return key;
}
if (await keyring.hasPrivateKey(ids[i])) {
return ['mailvelope', ids[i]];
}
}
i = ids.length;
*/
/*
while (i--) {
key = this.getGnuPGPrivateKeyFor(ids[i]);
if (key) {
return key;
}
}
*/
i = ids.length;
while (i--) {
key = this.getOpenPGPPrivateKeyFor(ids[i]);
if (key) {
return key;
}
}
// Now try GnuPG
return GnuPGUserStore.decrypt(message);
}
/**