(armoredBlock, code)
| 363 | } |
| 364 | |
/**
 * Restore a private key and its password from an armored private key backup.
 *
 * The message is accepted only if it has exactly two packets: a Symmetric-Key
 * Encrypted Session Key packet using AES-256, followed by a Symmetrically
 * Encrypted Integrity Protected Data packet. Any other layout is rejected
 * before decryption is attempted.
 *
 * @param {string} armoredBlock - armored backup message
 * @param {string} code - restore code, used as the only decryption password
 * @returns {Promise<{key: PrivateKey, password: *}>} restored key and the `Pwd` value from the backup's meta info
 * @throws {MvError} if the structure is not the expected one, or (code 'WRONG_RESTORE_CODE') if decryption fails
 */
export async function restorePrivateKeyBackup(armoredBlock, code) {
  const encrypted = await pgpReadMessage({armoredMessage: armoredBlock});
  const {packets} = encrypted;
  // Checks run in a fixed order so packet fields are only read once the count is known to be 2.
  const hasBackupLayout = () => {
    if (packets.length !== 2) {
      return false;
    }
    const sessionKeyPacket = packets[0];
    // Symmetric-Key Encrypted Session Key Packet
    if (sessionKeyPacket.constructor.tag !== enums.packet.symEncryptedSessionKey) {
      return false;
    }
    if (sessionKeyPacket.sessionKeyAlgorithm !== enums.symmetric.aes256) {
      return false;
    }
    const wrapAlgorithm = sessionKeyPacket.sessionKeyEncryptionAlgorithm;
    if (wrapAlgorithm !== null && wrapAlgorithm !== enums.symmetric.aes256) {
      return false;
    }
    // Sym. Encrypted Integrity Protected Data Packet
    return packets[1].constructor.tag === enums.packet.symEncryptedIntegrityProtectedData;
  };
  if (!hasBackupLayout()) {
    throw new MvError('Illegal private key backup structure.');
  }
  let decrypted;
  try {
    // The decrypted content carries key material, so those packet types are allowed for this call only.
    const decryptConfig = {
      ...pgpConfig,
      additionalAllowedPackets: [SecretKeyPacket, UserIDPacket, SignaturePacket, SecretSubkeyPacket]
    };
    decrypted = await encrypted.decrypt(null, [code], undefined, undefined, decryptConfig);
  } catch (error) {
    // NOTE(review): every decryption failure is reported as a wrong restore code and the
    // underlying error is dropped, so a corrupted backup cannot be told apart from a bad code.
    throw new MvError('Could not decrypt message with this restore code', 'WRONG_RESTORE_CODE');
  }
  // The literal data text holds the meta info, from which the password is taken.
  // NOTE(review): password is undefined when the meta info has no Pwd entry; callers should check.
  const metaText = await readToEnd(decrypted.getText());
  const password = parseMetaInfo(metaText).Pwd;
  // The text must be read first: per the original comment that removes the literal data packet,
  // so the remaining stream holds the key packets. The identity callback is passed through as the join function.
  const remainingPackets = await readToEnd(decrypted.packets.stream, _ => _);
  const key = new PrivateKey(remainingPackets);
  return {key, password};
}
| 388 | |
| 389 | /** |
| 390 | * @param {openpgp.key.Key} key - key to decrypt and verify signature |