Can we have this discussion on GitHub? I created a new issue: https://github.com/openpgpjs/openpgpjs/issues/209
Tim, the handling of '\r' definitely needs fixes. A pull request with some unit tests that demonstrate your use case would be very much welcome. Thomas On Wed, Apr 9, 2014 at 6:48 PM, Robert B. Nelson <[email protected]> wrote: > Or just: > > var reEmptyLine = /^\s*$/; > > ----- Original Message ----- > | From: "Robert B. Nelson" <[email protected]> > | To: "OpenPGP.js Mailing List" <[email protected]> > | Sent: Wednesday, April 9, 2014 9:45:24 AM > | Subject: Re: [openpgpjs] openpgpjs read signature block & binary signing > | > | It should be > | > | var reEmptyLine = /^[\t ]*\n/m; > | > | or maybe > | > | var reEmptyLine = /^[\t ]*$/; > | > | > | ----- Original Message ----- > | | From: "Tim Prepscius" <[email protected]> > | | To: "OpenPGP.js Mailing List" <[email protected]> > | | Sent: Wednesday, April 9, 2014 9:37:33 AM > | | Subject: Re: [openpgpjs] openpgpjs read signature block & binary signing > | | > | | poss: var reEmptyLine = /^\s*?\n/m; > | | > | | On 4/9/14, Tim Prepscius <[email protected]> wrote: > | | > I believe: > | | > > | | > function splitHeaders(text) { > | | > var reEmptyLine = /^\s*\n/m; > | | > var headers = ''; > | | > var body = text; > | | > > | | > var matchResult = reEmptyLine.exec(text); > | | > > | | > if (matchResult !== null) { > | | > headers = text.slice(0, matchResult.index); > | | > body = text.slice(matchResult.index + matchResult[0].length); > | | > > | | > is the offending code: > | | > > | | > the var reEmptyLine = /^\s*\n/m; > | | > > | | > is matching multiple empty lines, however it should just match one. > | | > > | | > On 4/9/14, Tim Prepscius <[email protected]> wrote: > | | >> I'm sorry to say I'm bringer of more bugs. Please don't hate me. ;-) > | | >> > | | >> Openpgpjs is not retaining extra newlines at the beginning (and > | | >> possibly end) of a message. > | | >> > | | >> http://pastebin.com/raw.php?i=evxQULSE > | | >> > | | >> fails, but it should succeed. > | | >> I'm making a workaround. > | | >> > | | >> > | | >> Also, if I have a message which I have read (like the paste bin above) > | | >> and then ask openpgpjs to write out the armored version, it does not > | | >> place the correct SHA1, but instead changes it to SHA256. I don't > | | >> actually do this, so I'm not concerned about it, but it may point to a > | | >> bug somewhere else. > | | >> > | | >> > | | >> > | | >> -tim > | | >> > | | >> On 4/8/14, Tim Prepscius <[email protected]> wrote: > | | >>> Also, I'm having to compensate for lots of "unescapes" \r\n in > general. > | | >>> It would be nice if they happened only one place (before checking a > | | >>> signature, or something like that). > | | >>> > | | >>> > | | >>> For instance, the decompressing process looks like this: > | | >>> > | | >>> }, c.prototype.decompress = function() { > | | >>> var a, b; > | | >>> switch (this.algorithm) { > | | >>> case "uncompressed": > | | >>> a = this.compressed; > | | >>> break; > | | >>> case "zip": > | | >>> compData = this.compressed, b = > | | >>> f.encode(compData).replace(/\n/g, ""); > | | >>> var c = new > | | >>> e.Util.Unzip(e.Util.Base64.decodeAsArray(b)); > | | >>> a = unescape(c.deflate()[0][0]); > | | >>> break; > | | >>> case "zlib": > | | >>> > | | >>> > | | >>> > | | >>> that: > | | >>> a = unescape(c.deflate()[0][0]); > | | >>> > | | >>> is causing signatures to fail. > | | >>> > | | >>> Anyhowz, keep up good work, will substitute a decompress function. > | | >>> > | | >>> -tim > | | >>> > | | >>> > | | >>> On 4/7/14, Tim Prepscius <[email protected]> wrote: > | | >>>> Just so you know, I believe you will need to make another change. > | | >>>> (I think) > | | >>>> > | | >>>> When I look at the minified with Chrome, I see the verify function > | | >>>> calls "setText" on a "Literal"... > | | >>>> > | | >>>> that "setText" code also removes \r > | | >>>> so even if the message is "fromBinary" (unless there is some > mechanism > | | >>>> in the code I don't know), the msg.verify ?might? still fail? > | | >>>> > | | >>>> Anyhowz, > | | >>>> > | | >>>> looking forward to next version, > | | >>>> > | | >>>> -tim > | | >>>> > | | >>>> On 4/7/14, Thomas Oberndörfer <[email protected]> wrote: > | | >>>>> I see, this scenario is currently not supported. > | | >>>>> You are having a binary and signature packets as base64. > | | >>>>> > | | >>>>> First we would need to expose the base64 module to openpgp > namespace. > | | >>>>> Then you could do something like: > | | >>>>> > | | >>>>> - create message msg with openpgp.message.fromBinary(binary) > | | >>>>> - decode base64 signatures, read result into new packetlist > | | >>>>> - concat signature packetlist to msg.packets > | | >>>>> - call msg.verify... > | | >>>>> > | | >>>>> Thomas > | | >>>>> > | | >>>>> On Mon, Apr 7, 2014 at 4:38 PM, Tim Prepscius > | | >>>>> <[email protected]> > | | >>>>> wrote: > | | >>>>>> Here's my work around, it shows the difficulties I'm having. > | | >>>>>> > | | >>>>>> (I'd copy-paste,but i think the formatting is going to come through > | | >>>>>> even more badly) > | | >>>>>> > | | >>>>>> http://pastebin.com/raw.php?i=AJUHtyzH > | | >>>>>> > | | >>>>>> -tim > | | >>>>>> > | | >>>>>> > | | >>>>>> On 4/7/14, Thomas Oberndörfer <[email protected]> wrote: > | | >>>>>>>> 1. Can openpgpjs read a signature directly? > | | >>>>>>> > | | >>>>>>> Here is an example: > | | >>>>>>> > https://github.com/openpgpjs/openpgpjs/blob/master/test/general/signature.js#L472 > | | >>>>>>> > | | >>>>>>>> 2. Can openpgjs handle binary signatures? > | | >>>>>>> > | | >>>>>>> You could do: > | | >>>>>>> > | | >>>>>>> openpgp.message.fromBinary('\r').sign(... > | | >>>>>>> > | | >>>>>>> Or what is your exact use case? > | | >>>>>>> > | | >>>>>>> Thomas > | | >>>>>>> > | | >>>>>>> > | | >>>>>>> On Mon, Apr 7, 2014 at 4:08 AM, Tim Prepscius > | | >>>>>>> <[email protected]> > | | >>>>>>> wrote: > | | >>>>>>>> I just wanted to check to make sure I've not overlooked it: > | | >>>>>>>> > | | >>>>>>>> 1. Can openpgpjs read a signature directly? > | | >>>>>>>> (I haven't found it, and am using this kludge > | | >>>>>>>> > | | >>>>>>>> // i'm having problems getting the signature with > | | >>>>>>>> openpgpjs, so I > | | >>>>>>>> make a fake message and > | | >>>>>>>> // then get the signature from that > | | >>>>>>>> > | | >>>>>>>> var armoredText = "-----BEGIN PGP SIGNED > | | >>>>>>>> MESSAGE-----\n\n" > | | >>>>>>>> + data[1]; > | | >>>>>>>> var input = > | | >>>>>>>> window.openpgp.armor.decode(armoredText); > | | >>>>>>>> var packetlist = new > window.openpgp.packet.List(); > | | >>>>>>>> packetlist.read(input.data); > | | >>>>>>>> > | | >>>>>>>> ) > | | >>>>>>>> > | | >>>>>>>> > | | >>>>>>>> 2. Can openpgjs handle binary signatures? > | | >>>>>>>> > | | >>>>>>>> Actually I sort of know that it can't. Or, any signature that > | | >>>>>>>> requires the \r. -- And have done a work around. Is a bug for > | | >>>>>>>> that > | | >>>>>>>> somewhere I can put myself as a watcher? I'd like to eventually > | | >>>>>>>> remove my work-around. > | | >>>>>>>> > | | >>>>>>>> -tim > | | >>>>>>>> _______________________________________________ > | | >>>>>>>> > | | >>>>>>>> http://openpgpjs.org > | | >>>>>>>> Subscribe/unsubscribe: http://list.openpgpjs.org > | | >>>>>>> _______________________________________________ > | | >>>>>>> > | | >>>>>>> http://openpgpjs.org > | | >>>>>>> Subscribe/unsubscribe: http://list.openpgpjs.org > | | >>>>>>> > | | >>>>>> _______________________________________________ > | | >>>>>> > | | >>>>>> http://openpgpjs.org > | | >>>>>> Subscribe/unsubscribe: http://list.openpgpjs.org > | | >>>>> _______________________________________________ > | | >>>>> > | | >>>>> http://openpgpjs.org > | | >>>>> Subscribe/unsubscribe: http://list.openpgpjs.org > | | >>>>> > | | >>>> > | | >>> > | | >> > | | > > | | _______________________________________________ > | | > | | http://openpgpjs.org > | | Subscribe/unsubscribe: http://list.openpgpjs.org > | | > | _______________________________________________ > | > | http://openpgpjs.org > | Subscribe/unsubscribe: http://list.openpgpjs.org > _______________________________________________ > > http://openpgpjs.org > Subscribe/unsubscribe: http://list.openpgpjs.org _______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
