Skip to content

Commit 4d2cf85

Browse files
camoredocamoredo
authored
Ignore improperly formatted armor headers (#1557)
Show a debug warning instead of throwing an error on malformed headers.
1 parent 93644b7 commit 4d2cf85

2 files changed

Lines changed: 9 additions & 14 deletions

File tree

src/encoding/armor.js

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -182,15 +182,17 @@ function createcrc24(input) {
182182
}
183183

184184
/**
185-
* Verify armored headers. RFC4880, section 6.3: "OpenPGP should consider improperly formatted
186-
* Armor Headers to be corruption of the ASCII Armor."
185+
* Verify armored headers. crypto-refresh-06, section 6.2:
186+
* "An OpenPGP implementation may consider improperly formatted Armor
187+
* Headers to be corruption of the ASCII Armor, but SHOULD make an
188+
* effort to recover."
187189
* @private
188190
* @param {Array<String>} headers - Armor headers
189191
*/
190192
function verifyHeaders(headers) {
191193
for (let i = 0; i < headers.length; i++) {
192194
if (!/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(headers[i])) {
193-
throw new Error('Improperly formatted armor header: ' + headers[i]);
195+
util.printDebugError(new Error('Improperly formatted armor header: ' + headers[i]));
194196
}
195197
if (!/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(headers[i])) {
196198
util.printDebugError(new Error('Unknown header: ' + headers[i]));

test/general/armor.js

Lines changed: 4 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -101,21 +101,14 @@ module.exports = () => describe('ASCII armor', function() {
101101
expect(msg).to.be.an.instanceof(openpgp.CleartextMessage);
102102
});
103103

104-
it('Exception if improperly formatted armor header - plaintext section', async function () {
105-
let msg = getArmor(['Hash:SHA256']);
106-
msg = openpgp.readCleartextMessage({ cleartextMessage: msg });
107-
await expect(msg).to.be.rejectedWith(Error, /Improperly formatted armor header/);
108-
msg = getArmor(['Ha sh: SHA256']);
109-
msg = openpgp.readCleartextMessage({ cleartextMessage: msg });
104+
it('Exception if header is not Hash in cleartext signed message', async function () {
105+
const msg = openpgp.readCleartextMessage({ cleartextMessage: getArmor(['Ha sh: SHA256']) });
110106
await expect(msg).to.be.rejectedWith(Error, /Only "Hash" header allowed in cleartext signed message/);
111-
msg = getArmor(['Hash SHA256']);
112-
msg = openpgp.readCleartextMessage({ cleartextMessage: msg });
113-
await expect(msg).to.be.rejectedWith(Error, /Improperly formatted armor header/);
114107
});
115108

116-
it('Exception if improperly formatted armor header - signature section', async function () {
109+
it('Ignore improperly formatted armor header', async function () {
117110
await Promise.all(['Space : trailing', 'Space :switched', ': empty', 'none', 'Space:missing'].map(async function (invalidHeader) {
118-
await expect(openpgp.readCleartextMessage({ cleartextMessage: getArmor(['Hash: SHA1'], [invalidHeader]) })).to.be.rejectedWith(Error, /Improperly formatted armor header/);
111+
expect(await openpgp.readCleartextMessage({ cleartextMessage: getArmor(['Hash: SHA1'], [invalidHeader]) })).to.be.an.instanceof(openpgp.CleartextMessage);
119112
}));
120113
});
121114

0 commit comments

Comments
 (0)