Use createPGPMessage instead of CryptoNewPGPMessage to support ASCII-armored password with YubiKey (#658)

2024-11-30 11:29:27 -08:00 · 2024-11-30 11:29:27 -08:00 · c5d9d258d8
commit c5d9d258d8
parent 5bf7ff2da7
2 changed files with 13 additions and 13 deletions
--- a/pass/Services/PasswordDecryptor.swift
+++ b/pass/Services/PasswordDecryptor.swift
@ -206,7 +206,7 @@ func verifyPin(smartCard: YKFSmartCardInterface, pin: String) async throws {

 func decipher(smartCard: YKFSmartCardInterface, ciphertext: Data, chained: Bool) async throws -> Data {
    var error: NSError?
-    let message = CryptoNewPGPMessage(ciphertext)
+    let message = createPGPMessage(from: ciphertext)
    guard let mpi1 = Gopenpgp.HelperPassGetEncryptedMPI1(message, &error) else {
        throw AppError.yubiKey(.decipher(message: "Failed to get encrypted MPI."))
    }
@ -225,7 +225,7 @@ func decipher(smartCard: YKFSmartCardInterface, ciphertext: Data, chained: Bool)
 }

 func decryptPassword(deciphered: Data, ciphertext: Data) throws -> String {
-    let message = CryptoNewPGPMessage(ciphertext)
+    let message = createPGPMessage(from: ciphertext)

    guard let algoByte = deciphered.first, let algo = symmetricKeyIDNameDict[algoByte] else {
        throw AppError.yubiKey(.decipher(message: "Failed to new session key."))
--- a/passKit/Crypto/GopenPGPInterface.swift
+++ b/passKit/Crypto/GopenPGPInterface.swift
@ -147,8 +147,9 @@ struct GopenPGPInterface: PGPInterface {
    var shortKeyID: [String] {
        publicKeys.keys.map { $0.suffix(8).uppercased() }
    }
+}

-    private func createPGPMessage(from encryptedData: Data) -> CryptoPGPMessage? {
+public func createPGPMessage(from encryptedData: Data) -> CryptoPGPMessage? {
    // Important note:
    // Even if Defaults.encryptInArmored is true now, it could be different during the encryption.
    var error: NSError?
@ -158,4 +159,3 @@ struct GopenPGPInterface: PGPInterface {
    }
    return CryptoNewPGPMessage(encryptedData.mutable as Data)
 }
-}