Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Throw in encryptSessionKey if no keys or passwords are provided #1547

Merged
merged 2 commits into from Jul 27, 2022
Merged

Throw in encryptSessionKey if no keys or passwords are provided #1547

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
bb45a29
Throw in `encryptSessionKey` if no keys or passwords are provided
larabr Jul 26, 2022
a690971
Update src/openpgp.js
larabr Jul 27, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 5 additions & 1 deletion src/openpgp.js
View file
Open in desktop
Expand Up @@ -240,7 +240,7 @@ export async function encryptKey({ privateKey, passphrase, config, ...rest }) {


/**
* Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys` or `passwords`
* Encrypts a message using public keys, passwords or both at once. At least one of `encryptionKeys`, `passwords` or `sessionKeys`
* must be specified. If signing keys are specified, those will be used to sign the message.
* @param {Object} options
* @param {Message} options.message - Message to be encrypted as created by {@link createMessage}
Expand Down Expand Up @@ -555,6 +555,10 @@ export async function encryptSessionKey({ data, algorithm, aeadAlgorithm, encryp
if (rest.publicKeys) throw new Error('The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead');
const unknownOptions = Object.keys(rest); if (unknownOptions.length > 0) throw new Error(`Unknown option: ${unknownOptions.join(', ')}`);

if ((!encryptionKeys || encryptionKeys.length === 0) && (!passwords || passwords.length === 0)) {
throw new Error('No encryption keys or passwords provided.');
}

try {
const message = await Message.encryptSessionKey(data, algorithm, aeadAlgorithm, encryptionKeys, passwords, wildcard, encryptionKeyIDs, date, encryptionUserIDs, config);
return formatObject(message, format, config);
Expand Down
7 changes: 7 additions & 0 deletions test/general/openpgp.js
View file
Open in desktop
Expand Up @@ -2015,6 +2015,13 @@ aOU=
const [decryptedSessionKey] = await openpgp.decryptSessionKeys({ message: objectMessage, passwords });
expect(decryptedSessionKey).to.deep.equal(sessionKey);
});

it('passing no encryption keys or passwords leads to exception', async function() {
await expect(openpgp.encryptSessionKey({
algorithm: 'aes256',
data: util.hexToUint8Array('3e99c1bb485e70a1fcef09a7ad8d38d171015243bbdd853e1a2b0e334d122ff3')
})).to.be.rejectedWith(/No encryption keys or passwords provided/);
});
});

describe('encrypt, decrypt, sign, verify - integration tests', function() {
Expand Down