openpgp - npm Package Compare versions

Comparing version 0.6.3 to 0.6.5

package.json

 {
   "name": "openpgp",
   "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "0.6.3",
+  "version": "0.6.5",
   "homepage": "http://openpgpjs.org/",
@@ -6,0 +6,0 @@ "engines": {

src/key.js

@@ -919,5 +919,2 @@ // GPG4Browsers - An OpenPGP implementation in javascript
   }
-  if (!options.passphrase) {
-    throw new Error('Parameter options.passphrase required');
-  }
 
@@ -929,3 +926,5 @@ var packetlist = new packet.List();
   secretKeyPacket.generate(options.numBits);
-  secretKeyPacket.encrypt(options.passphrase);
+  if (options.passphrase) {
+    secretKeyPacket.encrypt(options.passphrase);
+  }
 
@@ -965,3 +964,5 @@ var userIdPacket = new packet.Userid();
   secretSubkeyPacket.generate(options.numBits);
-  secretSubkeyPacket.encrypt(options.passphrase);
+  if (options.passphrase) {
+    secretSubkeyPacket.encrypt(options.passphrase);
+  }
 
@@ -968,0 +969,0 @@ dataToSign = {};

src/message.js

@@ -239,12 +239,14 @@ // GPG4Browsers - An OpenPGP implementation in javascript
       if (keyPacket) {
-        var verifiedSig = {};
-        verifiedSig.keyid = signatureList[i].issuerKeyId;
-        verifiedSig.valid = signatureList[i].verify(keyPacket, literalDataList[0]);
-        result.push(verifiedSig);
         break;
       }
     }
-    if (!keyPacket) {
-      throw new Error('No matching signature found for specified keys.');
+    var verifiedSig = {};
+    if (keyPacket) {
+      verifiedSig.keyid = signatureList[i].issuerKeyId;
+      verifiedSig.valid = signatureList[i].verify(keyPacket, literalDataList[0]);
+    } else {
+      verifiedSig.keyid = key.primaryKey.keyid;
+      verifiedSig.valid = null;
     }
+    result.push(verifiedSig);
   });
@@ -251,0 +253,0 @@ return result;

src/packet/secret_key.js

@@ -173,6 +173,14 @@ // GPG4Browsers - An OpenPGP implementation in javascript
 /** Encrypt the payload. By default, we use aes256 and iterated, salted string
- * to key specifier
+ * to key specifier. If the key is in a decrypted state (isDecrypted == true)
+ * and the passphrase is empty or undefined, the key will be set as not encrypted.
+ * This can be used to remove passphrase protection after calling decrypt().
  * @param {String} passphrase
  */
 SecretKey.prototype.encrypt = function (passphrase) {
+  if (this.isDecrypted && !passphrase) {
+    this.encrypted = null;
+    return;
+  } else if (!passphrase) {
+    throw new Error('The key must be decrypted before removing passphrase protection.');
+  }
 
@@ -179,0 +187,0 @@ var s2k = new type_s2k(),

test/general/basic.js

@@ -87,10 +87,7 @@ 'use strict';
 
-      var decrypted;
-      try {
-        decrypted = openpgp.decryptAndVerifyMessage(privKey, [anotherPubKey], msg);
-      } catch(e) {
-        expect(e).to.exist;
-        expect(decrypted).to.not.exist;
-        done();
-      }
+      var decrypted = openpgp.decryptAndVerifyMessage(privKey, [anotherPubKey], msg);
+      expect(decrypted).to.exist;
+      expect(decrypted.signatures[0].valid).to.be.null;
+      expect(decrypted.text).to.equal(message);
+      done();
     });
@@ -97,0 +94,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

736179

increased by0.06%

Lines of code

18110

increased by0.04%

No dependency changes