({message, armored, keyringId, unlockKey, senderAddress, selfSigned, uiLogSource, lookupKey})
| 62 | * decode the body parts via the MIME parser's charset handling. |
| 63 | */ |
| 64 | export async function decryptMessage({message, armored, keyringId, unlockKey, senderAddress, selfSigned, uiLogSource, lookupKey}) { |
| 65 | message ??= await readMessage({armoredMessage: armored}); |
| 66 | const encryptionKeyIds = message.getEncryptionKeyIDs(); |
| 67 | const keyring = await getKeyringWithPrivKey(encryptionKeyIds, keyringId); |
| 68 | if (!keyring) { |
| 69 | throw noKeyFoundError(encryptionKeyIds); |
| 70 | } |
| 71 | let local; |
| 72 | if (lookupKey) { |
| 73 | ({local} = await acquireSigningKeys({senderAddress, keyring, lookupKey})); |
| 74 | } |
| 75 | try { |
| 76 | let {data, signatures} = await keyring.getPgpBackend().decrypt({ |
| 77 | armored, message, keyring, encryptionKeyIds, |
| 78 | unlockKey: options => unlockKey({message, ...options}), |
| 79 | format: 'binary', |
| 80 | }); |
| 81 | await logDecryption(uiLogSource, keyring, encryptionKeyIds, senderAddress); |
| 82 | if (selfSigned) { |
| 83 | // filter out foreign signatures |
| 84 | signatures = signatures.filter(sig => keyring.getPrivateKeyByIds(sig.fingerprint || sig.keyId)); |
| 85 | } |
| 86 | if (local) { |
| 87 | const unknownSig = signatures.find(sig => sig.valid === null); |
| 88 | if (unknownSig) { |
| 89 | // if local key existed, but unknown signature, we try key discovery |
| 90 | const keyId = keyIDfromHex(unknownSig); |
| 91 | await acquireSigningKeys({senderAddress, keyring, lookupKey, keyId}); |
| 92 | } |
| 93 | } |
| 94 | // collect fingerprints or keyIds of signatures |
| 95 | const sigKeyIds = signatures.map(sig => sig.fingerprint || sig.keyId); |
| 96 | // sync public keys for the signatures |
| 97 | await syncPublicKeys({keyring, keyIds: sigKeyIds, keyringId}); |
| 98 | await updateKeyBinding(keyring, senderAddress, signatures); |
| 99 | await addSignatureDetails({signatures, keyring, senderAddress}); |
| 100 | return {data, signatures}; |
| 101 | } catch (e) { |
| 102 | console.log('getPgpBackend().decrypt() error', e); |
| 103 | throw e; |
| 104 | } |
| 105 | } |
| 106 | |
| 107 | /** |
| 108 | * Add signing key details to signature. Validate if sender identity matches signature. |
no test coverage detected