|
|
|
@ -249,6 +249,55 @@ function importPrivateKey() {
|
|
|
|
|
}, ".asc");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Call the native system GPG to "decrypt" a PGP signature. This should work when the hacky "base64 decode and search for strings" method fails.
|
|
|
|
|
* @param {String} sigdata
|
|
|
|
|
* @param {Function} callback (string) message, (string) fingerprint, (bool) success
|
|
|
|
|
* @returns {undefined}
|
|
|
|
|
*/
|
|
|
|
|
function readSignatureExternally(sigdata, callback) {
|
|
|
|
|
const exec = require('child_process').exec;
|
|
|
|
|
const os = require('os');
|
|
|
|
|
const process = require('process');
|
|
|
|
|
|
|
|
|
|
const sigfilepath = getNewTempFilePath() + ".asc";
|
|
|
|
|
writeToFile(sigfilepath, sigdata);
|
|
|
|
|
|
|
|
|
|
var gpgexecutable = "gpg";
|
|
|
|
|
switch (os.platform()) {
|
|
|
|
|
case "win32":
|
|
|
|
|
// Most systems will have it here
|
|
|
|
|
gpgexecutable = '"C:\\Program Files (x86)\\gnupg\\bin\\gpg.exe"';
|
|
|
|
|
if (!fs.existsSync(gpgexecutable)) {
|
|
|
|
|
// Let's hope it's in %PATH%
|
|
|
|
|
gpgexecutable = "gpg.exe";
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case "linux":
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var command = gpgexecutable + " -vv --decrypt " + sigfilepath;
|
|
|
|
|
exec(command, function (error, stdout, stderr) {
|
|
|
|
|
console.log(stdout);
|
|
|
|
|
var msg = null;
|
|
|
|
|
if (stdout.length > 50) {
|
|
|
|
|
msg = stdout;
|
|
|
|
|
} else {
|
|
|
|
|
callback(null, null, false);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var keyid = null;
|
|
|
|
|
var keyidregex = /(keyid|RSA key) ([A-F0-9]+)/;
|
|
|
|
|
if (keyidregex.test(stderr)) {
|
|
|
|
|
keyid = stderr.match(keyidregex)[2];
|
|
|
|
|
}
|
|
|
|
|
callback(msg, keyid, true);
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function calculateSHA256HashOfBuffer(buffer) {
|
|
|
|
|
const hasha = require('hasha');
|
|
|
|
|
var hashstr = hasha(Buffer.from(buffer), {algorithm: 'sha256'});
|
|
|
|
|