Leave unhashed subpackets as-is when re-serializing signatures (#1561)

When re-serializing a signature packet, don't add Issuer, Issuer
Fingerprint, and Embedded Signature subpackets to the unhashed
subpackets if they weren't already there.

Also, store all unhashed subpackets in `signature.unhashedSubpackets`,
not just the "disallowed" ones.

src/packet/signature.js

@@ -188,6 +188,9 @@ class SignaturePacket {
     // Add hashed subpackets
     arr.push(this.writeHashedSubPackets());
 
+    // Set unhashed subpackets for serialization
+    this.unhashedSubpackets = this.createUnhashedSubPackets();
+
     this.signatureData = util.concat(arr);
 
     const toHash = this.toHash(this.signatureType, data, detached);
@@ -315,26 +318,36 @@ class SignaturePacket {
   }
 
   /**
-   * Creates Uint8Array of bytes of Issuer and Embedded Signature subpackets
-   * @returns {Uint8Array} Subpacket data.
+   * Returns the Issuer, Issuer Fingperprint, and Embedded Signature subpacket bodies
+   * @returns {Array<Uint8Array>} Subpackets.
    */
-  writeUnhashedSubPackets() {
+  createUnhashedSubPackets() {
     const sub = enums.signatureSubpacket;
     const arr = [];
     let bytes;
     if (!this.issuerKeyID.isNull() && this.issuerKeyVersion !== 5) {
       // If the version of [the] key is greater than 4, this subpacket
       // MUST NOT be included in the signature.
-      arr.push(writeSubPacket(sub.issuer, this.issuerKeyID.write()));
+      arr.push(writeSubPacketBody(sub.issuer, this.issuerKeyID.write()));
     }
     if (this.embeddedSignature !== null) {
-      arr.push(writeSubPacket(sub.embeddedSignature, this.embeddedSignature.write()));
+      arr.push(writeSubPacketBody(sub.embeddedSignature, this.embeddedSignature.write()));
     }
     if (this.issuerFingerprint !== null) {
       bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
       bytes = util.concat(bytes);
-      arr.push(writeSubPacket(sub.issuerFingerprint, bytes));
+      arr.push(writeSubPacketBody(sub.issuerFingerprint, bytes));
     }
+
+    return arr;
+  }
+
+  /**
+   * Creates an Uint8Array containing the unhashed subpackets
+   * @returns {Uint8Array} Subpacket data.
+   */
+  writeUnhashedSubPackets() {
+    const arr = [];
     this.unhashedSubpackets.forEach(data => {
       arr.push(writeSimpleLength(data.length));
       arr.push(data);
@@ -354,9 +367,11 @@ class SignaturePacket {
     const critical = bytes[mypos] & 0x80;
     const type = bytes[mypos] & 0x7F;
 
-    if (!hashed && !allowedUnhashedSubpackets.has(type)) {
+    if (!hashed) {
       this.unhashedSubpackets.push(bytes.subarray(mypos, bytes.length));
-      return;
+      if (!allowedUnhashedSubpackets.has(type)) {
+        return;
+      }
     }
 
     mypos++;
@@ -762,3 +777,19 @@ function writeSubPacket(type, data) {
   arr.push(data);
   return util.concat(arr);
 }
+
+/**
+ * Creates a string representation of the body of a sub-packet (without length)
+ * @see {@link https://tools.ietf.org/html/rfc4880#section-5.2.3.1|RFC4880 5.2.3.1}
+ * @see {@link https://tools.ietf.org/html/rfc4880#section-5.2.3.2|RFC4880 5.2.3.2}
+ * @param {Integer} type - Subpacket signature type.
+ * @param {String} data - Data to be included
+ * @returns {Uint8Array} A string-representation of a sub signature packet.
+ * @private
+ */
+function writeSubPacketBody(type, data) {
+  const arr = [];
+  arr.push(new Uint8Array([type]));
+  arr.push(data);
+  return util.concat(arr);
+}