Add additionalAllowedPackets config option

openpgpjs · Mar 28, 2023 · f111f0d · f111f0d
1 parent f72e34f
commit f111f0d
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 0 deletions.
diff --git a/src/config/config.js b/src/config/config.js
@@ -177,6 +177,14 @@ export default {
    * @property {Boolean} ignoreMalformedPackets Ignore malformed packets on parsing instead of throwing an error
    */
   ignoreMalformedPackets: false,
+  /**
+   * Parsing of packets is normally restricted to a predefined set of packets. For example a Sym. Encrypted Integrity Protected Data Packet can only
+   * contain a certain set of packets including LiteralDataPacket. With this setting we can allow additional packets, which is probably not advisable
+   * as a global config setting, but can be used for specific function calls (e.g. decrypt method of Message).
+   * @memberof module:config
+   * @property {Array} additionalAllowedPackets Allow additional packets on parsing. Defined as array of packet classes, e.g. [PublicKeyPacket]
+   */
+  additionalAllowedPackets: [],
   /**
    * @memberof module:config
    * @property {Boolean} showVersion Whether to include {@link module:config/config.versionString} in armored messages

diff --git a/src/packet/packetlist.js b/src/packet/packetlist.js
@@ -64,6 +64,9 @@ class PacketList extends Array {
    * @async
    */
   async read(bytes, allowedPackets, config = defaultConfig) {
+    if (config.additionalAllowedPackets.length) {
+      allowedPackets = { ...allowedPackets, ...util.constructAllowedPackets(config.additionalAllowedPackets) };
+    }
     this.stream = stream.transformPair(bytes, async (readable, writable) => {
       const writer = stream.getWriter(writable);
       try {

diff --git a/test/general/packet.js b/test/general/packet.js
@@ -1052,5 +1052,20 @@ kePFjAnu9cpynKXu3usf8+FuBw2zLsg1Id1n7ttxoAte416KjBN9lFBt8mcu
       expect(parsed.length).to.equal(1);
       expect(parsed[0].tag).to.equal(openpgp.enums.packet.userID);
     });
+
+    it('Allow parsing of additional packets provided in `config.additionalAllowedPackets`', async function () {
+      const packets = new openpgp.PacketList();
+      packets.push(new openpgp.LiteralDataPacket());
+      packets.push(openpgp.UserIDPacket.fromObject({ name:'test', email:'test@a.it' }));
+      const bytes = packets.write();
+      const allowedPackets = { [openpgp.enums.packet.literalData]: openpgp.LiteralDataPacket };
+      await expect(openpgp.PacketList.fromBinary(bytes, allowedPackets)).to.be.rejectedWith(/Packet not allowed in this context: userID/);
+      const parsed = await openpgp.PacketList.fromBinary(bytes, allowedPackets, { ...openpgp.config, additionalAllowedPackets: [openpgp.UserIDPacket] });
+      expect(parsed.length).to.equal(1);
+      expect(parsed[0].constructor.tag).to.equal(openpgp.enums.packet.literalData);
+      const otherPackets = await stream.readToEnd(parsed.stream, _ => _);
+      expect(otherPackets.length).to.equal(1);
+      expect(otherPackets[0].constructor.tag).to.equal(openpgp.enums.packet.userID);
+    });
   });
 });