diff options
| author | Celine Moredo <32130856+camoredo@users.noreply.github.com> | 2022-08-22 16:30:33 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-08-22 16:30:33 +0300 |
| commit | 4d2cf85a5185b7f64beeabf69349a2f7e13b9bd9 (patch) | |
| tree | d325228da92375631cc59d241508e72757e8db54 | |
| parent | 93644b7c58bbcd94ed364500d26ad0d694d4f937 (diff) | |
Ignore improperly formatted armor headers (#1557)
Show a debug warning instead of throwing an error on malformed headers.
| -rw-r--r-- | src/encoding/armor.js | 8 | ||||
| -rw-r--r-- | test/general/armor.js | 15 |
2 files changed, 9 insertions, 14 deletions
diff --git a/src/encoding/armor.js b/src/encoding/armor.js index 99c0d282..6f402546 100644 --- a/src/encoding/armor.js +++ b/src/encoding/armor.js @@ -182,15 +182,17 @@ function createcrc24(input) { } /** - * Verify armored headers. RFC4880, section 6.3: "OpenPGP should consider improperly formatted - * Armor Headers to be corruption of the ASCII Armor." + * Verify armored headers. crypto-refresh-06, section 6.2: + * "An OpenPGP implementation may consider improperly formatted Armor + * Headers to be corruption of the ASCII Armor, but SHOULD make an + * effort to recover." * @private * @param {Array<String>} headers - Armor headers */ function verifyHeaders(headers) { for (let i = 0; i < headers.length; i++) { if (!/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(headers[i])) { - throw new Error('Improperly formatted armor header: ' + headers[i]); + util.printDebugError(new Error('Improperly formatted armor header: ' + headers[i])); } if (!/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(headers[i])) { util.printDebugError(new Error('Unknown header: ' + headers[i])); diff --git a/test/general/armor.js b/test/general/armor.js index c7958546..1611fcd1 100644 --- a/test/general/armor.js +++ b/test/general/armor.js @@ -101,21 +101,14 @@ module.exports = () => describe('ASCII armor', function() { expect(msg).to.be.an.instanceof(openpgp.CleartextMessage); }); - it('Exception if improperly formatted armor header - plaintext section', async function () { - let msg = getArmor(['Hash:SHA256']); - msg = openpgp.readCleartextMessage({ cleartextMessage: msg }); - await expect(msg).to.be.rejectedWith(Error, /Improperly formatted armor header/); - msg = getArmor(['Ha sh: SHA256']); - msg = openpgp.readCleartextMessage({ cleartextMessage: msg }); + it('Exception if header is not Hash in cleartext signed message', async function () { + const msg = openpgp.readCleartextMessage({ cleartextMessage: getArmor(['Ha sh: SHA256']) }); await expect(msg).to.be.rejectedWith(Error, /Only "Hash" header allowed in cleartext signed message/); - msg = getArmor(['Hash SHA256']); - msg = openpgp.readCleartextMessage({ cleartextMessage: msg }); - await expect(msg).to.be.rejectedWith(Error, /Improperly formatted armor header/); }); - it('Exception if improperly formatted armor header - signature section', async function () { + it('Ignore improperly formatted armor header', async function () { await Promise.all(['Space : trailing', 'Space :switched', ': empty', 'none', 'Space:missing'].map(async function (invalidHeader) { - await expect(openpgp.readCleartextMessage({ cleartextMessage: getArmor(['Hash: SHA1'], [invalidHeader]) })).to.be.rejectedWith(Error, /Improperly formatted armor header/); + expect(await openpgp.readCleartextMessage({ cleartextMessage: getArmor(['Hash: SHA1'], [invalidHeader]) })).to.be.an.instanceof(openpgp.CleartextMessage); })); }); |