From bb45a29f27544e670f00445cef2144a6a842800f Mon Sep 17 00:00:00 2001 From: larabr <7375870+larabr@users.noreply.github.com> Date: Tue, 26 Jul 2022 19:39:24 +0200 Subject: [PATCH 1/2] Throw in `encryptSessionKey` if no keys or passwords are provided --- src/openpgp.js | 6 +++++- test/general/openpgp.js | 7 +++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/openpgp.js b/src/openpgp.js index 968c01ecc..5eecb5510 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -240,7 +240,7 @@ export async function encryptKey({ privateKey, passphrase, config, ...rest }) { /** - * Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys` or `passwords` + * Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys`, `passwords` or `sessionKeys` * must be specified. If signing keys are specified, those will be used to sign the message. * @param {Object} options * @param {Message} options.message - Message to be encrypted as created by {@link createMessage} @@ -555,6 +555,10 @@ export async function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryp if (rest.publicKeys) throw new Error('The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead'); const unknownOptions = Object.keys(rest); if (unknownOptions.length > 0) throw new Error(`Unknown option: ${unknownOptions.join(', ')}`); + if ((!encryptionKeys || !encryptionKeys.length === 0) && (!passwords || passwords.length === 0)) { + throw new Error('No encryption keys or passwords provided.'); + } + try { const message = await Message.encryptSessionKey(data, algorithm, aeadAlgorithm, encryptionKeys, passwords, wildcard, encryptionKeyIDs, date, encryptionUserIDs, config); return formatObject(message, format, config); diff --git a/test/general/openpgp.js b/test/general/openpgp.js index d2fd51df5..f2f56e182 100644 --- a/test/general/openpgp.js +++ b/test/general/openpgp.js @@ -2015,6 +2015,13 @@ aOU= const [decryptedSessionKey] = await openpgp.decryptSessionKeys({ message: objectMessage, passwords }); expect(decryptedSessionKey).to.deep.equal(sessionKey); }); + + it('passing no encryption keys or passwords leads to exception', async function() { + await expect(openpgp.encryptSessionKey({ + algorithm: 'aes256', + data: util.hexToUint8Array('3e99c1bb485e70a1fcef09a7ad8d38d171015243bbdd853e1a2b0e334d122ff3') + })).to.be.rejectedWith(/No encryption keys or passwords provided/); + }); }); describe('encrypt, decrypt, sign, verify - integration tests', function() { From a6909711aae1bcde1915b4ceb92ff4c29bba9c18 Mon Sep 17 00:00:00 2001 From: larabr Date: Wed, 27 Jul 2022 15:46:34 +0200 Subject: [PATCH 2/2] Update src/openpgp.js Co-authored-by: Daniel Huigens --- src/openpgp.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openpgp.js b/src/openpgp.js index 5eecb5510..6e8d0b916 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -555,7 +555,7 @@ export async function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryp if (rest.publicKeys) throw new Error('The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead'); const unknownOptions = Object.keys(rest); if (unknownOptions.length > 0) throw new Error(`Unknown option: ${unknownOptions.join(', ')}`); - if ((!encryptionKeys || !encryptionKeys.length === 0) && (!passwords || passwords.length === 0)) { + if ((!encryptionKeys || encryptionKeys.length === 0) && (!passwords || passwords.length === 0)) { throw new Error('No encryption keys or passwords provided.'); }