Merge pull request #739 from twiss/key-expiry-capabilities
Allow checking expiry of key by capabilities
This commit is contained in:
Sanjana Rajan
GitHub
commit
11b2d2de3c
235
src/key.js
235
src/key.js
|
|
@ -43,17 +43,25 @@ export function Key(packetlist) {
|
||||||
return new Key(packetlist);
|
return new Key(packetlist);
|
||||||
}
|
}
|
||||||
// same data as in packetlist but in structured form
|
// same data as in packetlist but in structured form
|
||||||
this.primaryKey = null;
|
this.keyPacket = null;
|
||||||
this.revocationSignatures = [];
|
this.revocationSignatures = [];
|
||||||
this.directSignatures = [];
|
this.directSignatures = [];
|
||||||
this.users = [];
|
this.users = [];
|
||||||
this.subKeys = [];
|
this.subKeys = [];
|
||||||
this.packetlist2structure(packetlist);
|
this.packetlist2structure(packetlist);
|
||||||
if (!this.primaryKey || !this.users.length) {
|
if (!this.keyPacket || !this.users.length) {
|
||||||
throw new Error('Invalid key: need at least key and user ID packet');
|
throw new Error('Invalid key: need at least key and user ID packet');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Object.defineProperty(Key.prototype, 'primaryKey', {
|
||||||
|
get() {
|
||||||
|
return this.keyPacket;
|
||||||
|
},
|
||||||
|
configurable: true,
|
||||||
|
enumerable: true
|
||||||
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Transforms packetlist to structured key data
|
* Transforms packetlist to structured key data
|
||||||
* @param {module:packet.List} packetlist The packets that form a key
|
* @param {module:packet.List} packetlist The packets that form a key
|
||||||
|
|
@ -66,8 +74,8 @@ Key.prototype.packetlist2structure = function(packetlist) {
|
||||||
switch (packetlist[i].tag) {
|
switch (packetlist[i].tag) {
|
||||||
case enums.packet.publicKey:
|
case enums.packet.publicKey:
|
||||||
case enums.packet.secretKey:
|
case enums.packet.secretKey:
|
||||||
this.primaryKey = packetlist[i];
|
this.keyPacket = packetlist[i];
|
||||||
primaryKeyId = this.primaryKey.getKeyId();
|
primaryKeyId = this.getKeyId();
|
||||||
break;
|
break;
|
||||||
case enums.packet.userid:
|
case enums.packet.userid:
|
||||||
case enums.packet.userAttribute:
|
case enums.packet.userAttribute:
|
||||||
|
|
@ -135,7 +143,7 @@ Key.prototype.packetlist2structure = function(packetlist) {
|
||||||
*/
|
*/
|
||||||
Key.prototype.toPacketlist = function() {
|
Key.prototype.toPacketlist = function() {
|
||||||
const packetlist = new packet.List();
|
const packetlist = new packet.List();
|
||||||
packetlist.push(this.primaryKey);
|
packetlist.push(this.keyPacket);
|
||||||
packetlist.concat(this.revocationSignatures);
|
packetlist.concat(this.revocationSignatures);
|
||||||
packetlist.concat(this.directSignatures);
|
packetlist.concat(this.directSignatures);
|
||||||
this.users.map(user => packetlist.concat(user.toPacketlist()));
|
this.users.map(user => packetlist.concat(user.toPacketlist()));
|
||||||
|
|
@ -147,31 +155,30 @@ Key.prototype.toPacketlist = function() {
|
||||||
* Returns packetlist containing all public or private subkey packets matching keyId;
|
* Returns packetlist containing all public or private subkey packets matching keyId;
|
||||||
* If keyId is not present, returns all subkey packets.
|
* If keyId is not present, returns all subkey packets.
|
||||||
* @param {type/keyid} keyId
|
* @param {type/keyid} keyId
|
||||||
* @returns {module:packet.List}
|
* @returns {Array<SubKey>}
|
||||||
*/
|
*/
|
||||||
Key.prototype.getSubkeyPackets = function(keyId=null) {
|
Key.prototype.getSubkeys = function(keyId=null) {
|
||||||
const packets = new packet.List();
|
const subKeys = [];
|
||||||
this.subKeys.forEach(subKey => {
|
this.subKeys.forEach(subKey => {
|
||||||
if (!keyId || subKey.subKey.getKeyId().equals(keyId, true)) {
|
if (!keyId || subKey.getKeyId().equals(keyId, true)) {
|
||||||
packets.push(subKey.subKey);
|
subKeys.push(subKey);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
return packets;
|
return subKeys;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns a packetlist containing all public or private key packets matching keyId.
|
* Returns a packetlist containing all public or private key packets matching keyId.
|
||||||
* If keyId is not present, returns all key packets starting with the primary key.
|
* If keyId is not present, returns all key packets starting with the primary key.
|
||||||
* @param {type/keyid} keyId
|
* @param {type/keyid} keyId
|
||||||
* @returns {module:packet.List}
|
* @returns {Array<Key|SubKey>}
|
||||||
*/
|
*/
|
||||||
Key.prototype.getKeyPackets = function(keyId=null) {
|
Key.prototype.getKeys = function(keyId=null) {
|
||||||
const packets = new packet.List();
|
const keys = [];
|
||||||
if (!keyId || this.primaryKey.getKeyId().equals(keyId, true)) {
|
if (!keyId || this.getKeyId().equals(keyId, true)) {
|
||||||
packets.push(this.primaryKey);
|
keys.push(this);
|
||||||
}
|
}
|
||||||
packets.concat(this.getSubkeyPackets(keyId));
|
return keys.concat(this.getSubkeys(keyId));
|
||||||
return packets;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -179,7 +186,7 @@ Key.prototype.getKeyPackets = function(keyId=null) {
|
||||||
* @returns {Array<module:type/keyid>}
|
* @returns {Array<module:type/keyid>}
|
||||||
*/
|
*/
|
||||||
Key.prototype.getKeyIds = function() {
|
Key.prototype.getKeyIds = function() {
|
||||||
return this.getKeyPackets().map(keyPacket => keyPacket.getKeyId());
|
return this.getKeys().map(key => key.getKeyId());
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -197,7 +204,7 @@ Key.prototype.getUserIds = function() {
|
||||||
* @returns {Boolean}
|
* @returns {Boolean}
|
||||||
*/
|
*/
|
||||||
Key.prototype.isPublic = function() {
|
Key.prototype.isPublic = function() {
|
||||||
return this.primaryKey.tag === enums.packet.publicKey;
|
return this.keyPacket.tag === enums.packet.publicKey;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -205,7 +212,7 @@ Key.prototype.isPublic = function() {
|
||||||
* @returns {Boolean}
|
* @returns {Boolean}
|
||||||
*/
|
*/
|
||||||
Key.prototype.isPrivate = function() {
|
Key.prototype.isPrivate = function() {
|
||||||
return this.primaryKey.tag === enums.packet.secretKey;
|
return this.keyPacket.tag === enums.packet.secretKey;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -276,24 +283,24 @@ function isValidSigningKeyPacket(keyPacket, signature, date=new Date()) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns first key packet or key packet by given keyId that is available for signing and verification
|
* Returns last created key or key by given keyId that is available for signing and verification
|
||||||
* @param {module:type/keyid} keyId, optional
|
* @param {module:type/keyid} keyId, optional
|
||||||
* @param {Date} date use the given date for verification instead of the current time
|
* @param {Date} date use the given date for verification instead of the current time
|
||||||
* @param {Object} userId, optional user ID
|
* @param {Object} userId, optional user ID
|
||||||
* @returns {Promise<module:packet.SecretSubkey|
|
* @returns {Promise<Key|SubKey|null>} key or null if no signing key has been found
|
||||||
* module:packet.SecretKey|null>} key packet or null if no signing key has been found
|
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date(), userId={}) {
|
Key.prototype.getSigningKey = async function (keyId=null, date=new Date(), userId={}) {
|
||||||
const primaryKey = this.primaryKey;
|
const primaryKey = this.keyPacket;
|
||||||
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
|
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
|
||||||
for (let i = 0; i < this.subKeys.length; i++) {
|
const subKeys = this.subKeys.slice().sort((a, b) => b.created - a.created);
|
||||||
if (!keyId || this.subKeys[i].subKey.getKeyId().equals(keyId)) {
|
for (let i = 0; i < subKeys.length; i++) {
|
||||||
|
if (!keyId || subKeys[i].getKeyId().equals(keyId)) {
|
||||||
// eslint-disable-next-line no-await-in-loop
|
// eslint-disable-next-line no-await-in-loop
|
||||||
if (await this.subKeys[i].verify(primaryKey, date) === enums.keyStatus.valid) {
|
if (await subKeys[i].verify(primaryKey, date) === enums.keyStatus.valid) {
|
||||||
const bindingSignature = getLatestSignature(this.subKeys[i].bindingSignatures, date);
|
const bindingSignature = getLatestSignature(subKeys[i].bindingSignatures, date);
|
||||||
if (isValidSigningKeyPacket(this.subKeys[i].subKey, bindingSignature, date)) {
|
if (isValidSigningKeyPacket(subKeys[i].keyPacket, bindingSignature, date)) {
|
||||||
return this.subKeys[i].subKey;
|
return subKeys[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -301,7 +308,7 @@ Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date(),
|
||||||
const primaryUser = await this.getPrimaryUser(date, userId);
|
const primaryUser = await this.getPrimaryUser(date, userId);
|
||||||
if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
|
if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
|
||||||
isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
|
isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
|
||||||
return primaryKey;
|
return this;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
|
|
@ -320,28 +327,26 @@ function isValidEncryptionKeyPacket(keyPacket, signature, date=new Date()) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns first key packet or key packet by given keyId that is available for encryption or decryption
|
* Returns last created key or key by given keyId that is available for encryption or decryption
|
||||||
* @param {module:type/keyid} keyId, optional
|
* @param {module:type/keyid} keyId, optional
|
||||||
* @param {Date} date, optional
|
* @param {Date} date, optional
|
||||||
* @param {String} userId, optional
|
* @param {String} userId, optional
|
||||||
* @returns {Promise<module:packet.PublicSubkey|
|
* @returns {Promise<Key|SubKey|null>} key or null if no encryption key has been found
|
||||||
* module:packet.SecretSubkey|
|
|
||||||
* module:packet.SecretKey|
|
|
||||||
* module:packet.PublicKey|null>} key packet or null if no encryption key has been found
|
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
Key.prototype.getEncryptionKeyPacket = async function(keyId, date=new Date(), userId={}) {
|
Key.prototype.getEncryptionKey = async function(keyId, date=new Date(), userId={}) {
|
||||||
const primaryKey = this.primaryKey;
|
const primaryKey = this.keyPacket;
|
||||||
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
|
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
|
||||||
// V4: by convention subkeys are preferred for encryption service
|
// V4: by convention subkeys are preferred for encryption service
|
||||||
// V3: keys MUST NOT have subkeys
|
// V3: keys MUST NOT have subkeys
|
||||||
for (let i = 0; i < this.subKeys.length; i++) {
|
const subKeys = this.subKeys.slice().sort((a, b) => b.created - a.created);
|
||||||
if (!keyId || this.subKeys[i].subKey.getKeyId().equals(keyId)) {
|
for (let i = 0; i < subKeys.length; i++) {
|
||||||
|
if (!keyId || subKeys[i].getKeyId().equals(keyId)) {
|
||||||
// eslint-disable-next-line no-await-in-loop
|
// eslint-disable-next-line no-await-in-loop
|
||||||
if (await this.subKeys[i].verify(primaryKey, date) === enums.keyStatus.valid) {
|
if (await subKeys[i].verify(primaryKey, date) === enums.keyStatus.valid) {
|
||||||
const bindingSignature = getLatestSignature(this.subKeys[i].bindingSignatures, date);
|
const bindingSignature = getLatestSignature(subKeys[i].bindingSignatures, date);
|
||||||
if (isValidEncryptionKeyPacket(this.subKeys[i].subKey, bindingSignature, date)) {
|
if (isValidEncryptionKeyPacket(subKeys[i].keyPacket, bindingSignature, date)) {
|
||||||
return this.subKeys[i].subKey;
|
return subKeys[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -350,7 +355,7 @@ Key.prototype.getEncryptionKeyPacket = async function(keyId, date=new Date(), us
|
||||||
const primaryUser = await this.getPrimaryUser(date, userId);
|
const primaryUser = await this.getPrimaryUser(date, userId);
|
||||||
if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
|
if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
|
||||||
isValidEncryptionKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
|
isValidEncryptionKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
|
||||||
return primaryKey;
|
return this;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
|
|
@ -368,15 +373,16 @@ Key.prototype.encrypt = async function(passphrases, keyId=null) {
|
||||||
throw new Error("Nothing to encrypt in a public key");
|
throw new Error("Nothing to encrypt in a public key");
|
||||||
}
|
}
|
||||||
|
|
||||||
const keyPackets = this.getKeyPackets(keyId);
|
const keys = this.getKeys(keyId);
|
||||||
passphrases = util.isArray(passphrases) ? passphrases : new Array(keyPackets.length).fill(passphrases);
|
passphrases = util.isArray(passphrases) ? passphrases : new Array(keys.length).fill(passphrases);
|
||||||
if (passphrases.length !== keyPackets.length) {
|
if (passphrases.length !== keys.length) {
|
||||||
throw new Error("Invalid number of passphrases for key");
|
throw new Error("Invalid number of passphrases for key");
|
||||||
}
|
}
|
||||||
|
|
||||||
return Promise.all(keyPackets.map(async function(keyPacket, i) {
|
return Promise.all(keys.map(async function(key, i) {
|
||||||
|
const { keyPacket } = key;
|
||||||
await keyPacket.encrypt(passphrases[i]);
|
await keyPacket.encrypt(passphrases[i]);
|
||||||
await keyPacket.clearPrivateParams();
|
keyPacket.clearPrivateParams();
|
||||||
return keyPacket;
|
return keyPacket;
|
||||||
}));
|
}));
|
||||||
};
|
};
|
||||||
|
|
@ -394,12 +400,12 @@ Key.prototype.decrypt = async function(passphrases, keyId=null) {
|
||||||
}
|
}
|
||||||
passphrases = util.isArray(passphrases) ? passphrases : [passphrases];
|
passphrases = util.isArray(passphrases) ? passphrases : [passphrases];
|
||||||
|
|
||||||
const results = await Promise.all(this.getKeyPackets(keyId).map(async function(keyPacket) {
|
const results = await Promise.all(this.getKeys(keyId).map(async function(key) {
|
||||||
let decrypted = false;
|
let decrypted = false;
|
||||||
let error = null;
|
let error = null;
|
||||||
await Promise.all(passphrases.map(async function(passphrase) {
|
await Promise.all(passphrases.map(async function(passphrase) {
|
||||||
try {
|
try {
|
||||||
await keyPacket.decrypt(passphrase);
|
await key.keyPacket.decrypt(passphrase);
|
||||||
decrypted = true;
|
decrypted = true;
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
error = e;
|
error = e;
|
||||||
|
|
@ -427,7 +433,7 @@ Key.prototype.decrypt = async function(passphrases, keyId=null) {
|
||||||
*/
|
*/
|
||||||
Key.prototype.isRevoked = async function(signature, key, date=new Date()) {
|
Key.prototype.isRevoked = async function(signature, key, date=new Date()) {
|
||||||
return isDataRevoked(
|
return isDataRevoked(
|
||||||
this.primaryKey, { key: this.primaryKey }, this.revocationSignatures, signature, key, date
|
this.keyPacket, { key: this.keyPacket }, this.revocationSignatures, signature, key, date
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -440,7 +446,7 @@ Key.prototype.isRevoked = async function(signature, key, date=new Date()) {
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
Key.prototype.verifyPrimaryKey = async function(date=new Date(), userId={}) {
|
Key.prototype.verifyPrimaryKey = async function(date=new Date(), userId={}) {
|
||||||
const primaryKey = this.primaryKey;
|
const primaryKey = this.keyPacket;
|
||||||
// check for key revocation signatures
|
// check for key revocation signatures
|
||||||
if (await this.isRevoked(null, null, date)) {
|
if (await this.isRevoked(null, null, date)) {
|
||||||
return enums.keyStatus.revoked;
|
return enums.keyStatus.revoked;
|
||||||
|
|
@ -463,20 +469,34 @@ Key.prototype.verifyPrimaryKey = async function(date=new Date(), userId={}) {
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the expiration time of the primary key or Infinity if key does not expire
|
* Returns the latest date when the key can be used for encrypting, signing, or both, depending on the `capabilities` paramater.
|
||||||
|
* When `capabilities` is null, defaults to returning the expiry date of the primary key.
|
||||||
|
* Returns Infinity if the key doesn't expire.
|
||||||
|
* @param {encrypt|sign|encrypt_sign} capabilities, optional
|
||||||
|
* @param {module:type/keyid} keyId, optional
|
||||||
|
* @param {Object} userId, optional user ID
|
||||||
* @returns {Promise<Date>}
|
* @returns {Promise<Date>}
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
Key.prototype.getExpirationTime = async function() {
|
Key.prototype.getExpirationTime = async function(capabilities, keyId, userId) {
|
||||||
if (this.primaryKey.version === 3) {
|
if (this.keyPacket.version === 3) {
|
||||||
return getExpirationTime(this.primaryKey);
|
return getExpirationTime(this.keyPacket);
|
||||||
}
|
}
|
||||||
if (this.primaryKey.version >= 4) {
|
if (this.keyPacket.version >= 4) {
|
||||||
const primaryUser = await this.getPrimaryUser(null);
|
const primaryUser = await this.getPrimaryUser(null);
|
||||||
const selfCert = primaryUser.selfCertification;
|
const selfCert = primaryUser.selfCertification;
|
||||||
const keyExpiry = getExpirationTime(this.primaryKey, selfCert);
|
const keyExpiry = getExpirationTime(this.keyPacket, selfCert);
|
||||||
const sigExpiry = selfCert.getExpirationTime();
|
const sigExpiry = selfCert.getExpirationTime();
|
||||||
return keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
|
let expiry = keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
|
||||||
|
if (capabilities === 'encrypt' || capabilities === 'encrypt_sign') {
|
||||||
|
const encryptExpiry = (await this.getEncryptionKey(keyId, null, userId)).getExpirationTime();
|
||||||
|
if (encryptExpiry < expiry) expiry = encryptExpiry;
|
||||||
|
}
|
||||||
|
if (capabilities === 'sign' || capabilities === 'encrypt_sign') {
|
||||||
|
const signExpiry = (await this.getSigningKey(keyId, null, userId)).getExpirationTime();
|
||||||
|
if (signExpiry < expiry) expiry = signExpiry;
|
||||||
|
}
|
||||||
|
return expiry;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -515,7 +535,7 @@ Key.prototype.getPrimaryUser = async function(date=new Date(), userId={}) {
|
||||||
return A.isPrimaryUserID - B.isPrimaryUserID || A.created - B.created;
|
return A.isPrimaryUserID - B.isPrimaryUserID || A.created - B.created;
|
||||||
}).pop();
|
}).pop();
|
||||||
const { user, selfCertification: cert } = primaryUser;
|
const { user, selfCertification: cert } = primaryUser;
|
||||||
const { primaryKey } = this;
|
const primaryKey = this.keyPacket;
|
||||||
const dataToVerify = { userid: user.userId , key: primaryKey };
|
const dataToVerify = { userid: user.userId , key: primaryKey };
|
||||||
// skip if certificates is invalid, revoked, or expired
|
// skip if certificates is invalid, revoked, or expired
|
||||||
// eslint-disable-next-line no-await-in-loop
|
// eslint-disable-next-line no-await-in-loop
|
||||||
|
|
@ -545,7 +565,7 @@ Key.prototype.update = async function(key) {
|
||||||
if (await key.verifyPrimaryKey() === enums.keyStatus.invalid) {
|
if (await key.verifyPrimaryKey() === enums.keyStatus.invalid) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (this.primaryKey.getFingerprint() !== key.primaryKey.getFingerprint()) {
|
if (this.getFingerprint() !== key.getFingerprint()) {
|
||||||
throw new Error('Key update method: fingerprints of keys not equal');
|
throw new Error('Key update method: fingerprints of keys not equal');
|
||||||
}
|
}
|
||||||
if (this.isPublic() && key.isPrivate()) {
|
if (this.isPublic() && key.isPrivate()) {
|
||||||
|
|
@ -553,17 +573,17 @@ Key.prototype.update = async function(key) {
|
||||||
const equal = (this.subKeys.length === key.subKeys.length) &&
|
const equal = (this.subKeys.length === key.subKeys.length) &&
|
||||||
(this.subKeys.every(destSubKey => {
|
(this.subKeys.every(destSubKey => {
|
||||||
return key.subKeys.some(srcSubKey => {
|
return key.subKeys.some(srcSubKey => {
|
||||||
return destSubKey.subKey.getFingerprint() === srcSubKey.subKey.getFingerprint();
|
return destSubKey.getFingerprint() === srcSubKey.getFingerprint();
|
||||||
});
|
});
|
||||||
}));
|
}));
|
||||||
if (!equal) {
|
if (!equal) {
|
||||||
throw new Error('Cannot update public key with private key if subkey mismatch');
|
throw new Error('Cannot update public key with private key if subkey mismatch');
|
||||||
}
|
}
|
||||||
this.primaryKey = key.primaryKey;
|
this.keyPacket = key.keyPacket;
|
||||||
}
|
}
|
||||||
// revocation signatures
|
// revocation signatures
|
||||||
await mergeSignatures(key, this, 'revocationSignatures', srcRevSig => {
|
await mergeSignatures(key, this, 'revocationSignatures', srcRevSig => {
|
||||||
return isDataRevoked(this.primaryKey, this, [srcRevSig], null, key.primaryKey);
|
return isDataRevoked(this.keyPacket, this, [srcRevSig], null, key.keyPacket);
|
||||||
});
|
});
|
||||||
// direct signatures
|
// direct signatures
|
||||||
await mergeSignatures(key, this, 'directSignatures');
|
await mergeSignatures(key, this, 'directSignatures');
|
||||||
|
|
@ -575,7 +595,7 @@ Key.prototype.update = async function(key) {
|
||||||
if ((srcUser.userId && dstUser.userId &&
|
if ((srcUser.userId && dstUser.userId &&
|
||||||
(srcUser.userId.userid === dstUser.userId.userid)) ||
|
(srcUser.userId.userid === dstUser.userId.userid)) ||
|
||||||
(srcUser.userAttribute && (srcUser.userAttribute.equals(dstUser.userAttribute)))) {
|
(srcUser.userAttribute && (srcUser.userAttribute.equals(dstUser.userAttribute)))) {
|
||||||
await dstUser.update(srcUser, this.primaryKey);
|
await dstUser.update(srcUser, this.keyPacket);
|
||||||
found = true;
|
found = true;
|
||||||
}
|
}
|
||||||
}));
|
}));
|
||||||
|
|
@ -588,8 +608,8 @@ Key.prototype.update = async function(key) {
|
||||||
await Promise.all(key.subKeys.map(async srcSubKey => {
|
await Promise.all(key.subKeys.map(async srcSubKey => {
|
||||||
let found = false;
|
let found = false;
|
||||||
await Promise.all(this.subKeys.map(async dstSubKey => {
|
await Promise.all(this.subKeys.map(async dstSubKey => {
|
||||||
if (srcSubKey.subKey.getFingerprint() === dstSubKey.subKey.getFingerprint()) {
|
if (srcSubKey.getFingerprint() === dstSubKey.getFingerprint()) {
|
||||||
await dstSubKey.update(srcSubKey, this.primaryKey);
|
await dstSubKey.update(srcSubKey, this.keyPacket);
|
||||||
found = true;
|
found = true;
|
||||||
}
|
}
|
||||||
}));
|
}));
|
||||||
|
|
@ -640,9 +660,9 @@ Key.prototype.revoke = async function({
|
||||||
if (this.isPublic()) {
|
if (this.isPublic()) {
|
||||||
throw new Error('Need private key for revoking');
|
throw new Error('Need private key for revoking');
|
||||||
}
|
}
|
||||||
const dataToSign = { key: this.primaryKey };
|
const dataToSign = { key: this.keyPacket };
|
||||||
const key = new Key(this.toPacketlist());
|
const key = new Key(this.toPacketlist());
|
||||||
key.revocationSignatures.push(await createSignaturePacket(dataToSign, null, this.primaryKey, {
|
key.revocationSignatures.push(await createSignaturePacket(dataToSign, null, this.keyPacket, {
|
||||||
signatureType: enums.signature.key_revocation,
|
signatureType: enums.signature.key_revocation,
|
||||||
reasonForRevocationFlag: enums.write(enums.reasonForRevocation, reasonForRevocationFlag),
|
reasonForRevocationFlag: enums.write(enums.reasonForRevocation, reasonForRevocationFlag),
|
||||||
reasonForRevocationString
|
reasonForRevocationString
|
||||||
|
|
@ -678,13 +698,13 @@ Key.prototype.applyRevocationCertificate = async function(revocationCertificate)
|
||||||
if (!revocationSignature || revocationSignature.signatureType !== enums.signature.key_revocation) {
|
if (!revocationSignature || revocationSignature.signatureType !== enums.signature.key_revocation) {
|
||||||
throw new Error('Could not find revocation signature packet');
|
throw new Error('Could not find revocation signature packet');
|
||||||
}
|
}
|
||||||
if (!revocationSignature.issuerKeyId.equals(this.primaryKey.getKeyId())) {
|
if (!revocationSignature.issuerKeyId.equals(this.getKeyId())) {
|
||||||
throw new Error('Revocation signature does not match key');
|
throw new Error('Revocation signature does not match key');
|
||||||
}
|
}
|
||||||
if (revocationSignature.isExpired()) {
|
if (revocationSignature.isExpired()) {
|
||||||
throw new Error('Revocation signature is expired');
|
throw new Error('Revocation signature is expired');
|
||||||
}
|
}
|
||||||
if (!await revocationSignature.verify(this.primaryKey, { key: this.primaryKey })) {
|
if (!await revocationSignature.verify(this.keyPacket, { key: this.keyPacket })) {
|
||||||
throw new Error('Could not verify revocation signature');
|
throw new Error('Could not verify revocation signature');
|
||||||
}
|
}
|
||||||
const key = new Key(this.toPacketlist());
|
const key = new Key(this.toPacketlist());
|
||||||
|
|
@ -703,7 +723,7 @@ Key.prototype.signPrimaryUser = async function(privateKeys) {
|
||||||
if (!user) {
|
if (!user) {
|
||||||
throw new Error('Could not find primary user');
|
throw new Error('Could not find primary user');
|
||||||
}
|
}
|
||||||
const userSign = await user.sign(this.primaryKey, privateKeys);
|
const userSign = await user.sign(this.keyPacket, privateKeys);
|
||||||
const key = new Key(this.toPacketlist());
|
const key = new Key(this.toPacketlist());
|
||||||
key.users[index] = userSign;
|
key.users[index] = userSign;
|
||||||
return key;
|
return key;
|
||||||
|
|
@ -719,7 +739,7 @@ Key.prototype.signAllUsers = async function(privateKeys) {
|
||||||
const that = this;
|
const that = this;
|
||||||
const key = new Key(this.toPacketlist());
|
const key = new Key(this.toPacketlist());
|
||||||
key.users = await Promise.all(this.users.map(function(user) {
|
key.users = await Promise.all(this.users.map(function(user) {
|
||||||
return user.sign(that.primaryKey, privateKeys);
|
return user.sign(that.keyPacket, privateKeys);
|
||||||
}));
|
}));
|
||||||
return key;
|
return key;
|
||||||
};
|
};
|
||||||
|
|
@ -734,7 +754,7 @@ Key.prototype.signAllUsers = async function(privateKeys) {
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
Key.prototype.verifyPrimaryUser = async function(keys) {
|
Key.prototype.verifyPrimaryUser = async function(keys) {
|
||||||
const primaryKey = this.primaryKey;
|
const primaryKey = this.keyPacket;
|
||||||
const { user } = await this.getPrimaryUser() || {};
|
const { user } = await this.getPrimaryUser() || {};
|
||||||
if (!user) {
|
if (!user) {
|
||||||
throw new Error('Could not find primary user');
|
throw new Error('Could not find primary user');
|
||||||
|
|
@ -756,7 +776,7 @@ Key.prototype.verifyPrimaryUser = async function(keys) {
|
||||||
*/
|
*/
|
||||||
Key.prototype.verifyAllUsers = async function(keys) {
|
Key.prototype.verifyAllUsers = async function(keys) {
|
||||||
const results = [];
|
const results = [];
|
||||||
const { primaryKey } = this;
|
const primaryKey = this.keyPacket;
|
||||||
await Promise.all(this.users.map(async function(user) {
|
await Promise.all(this.users.map(async function(user) {
|
||||||
const signatures = keys ? await user.verifyAllCertifications(primaryKey, keys) :
|
const signatures = keys ? await user.verifyAllCertifications(primaryKey, keys) :
|
||||||
[{ keyid: primaryKey.keyid, valid: await user.verify(primaryKey) === enums.keyStatus.valid }];
|
[{ keyid: primaryKey.keyid, valid: await user.verify(primaryKey) === enums.keyStatus.valid }];
|
||||||
|
|
@ -814,18 +834,15 @@ User.prototype.sign = async function(primaryKey, privateKeys) {
|
||||||
if (privateKey.isPublic()) {
|
if (privateKey.isPublic()) {
|
||||||
throw new Error('Need private key for signing');
|
throw new Error('Need private key for signing');
|
||||||
}
|
}
|
||||||
if (privateKey.primaryKey.getFingerprint() === primaryKey.getFingerprint()) {
|
if (privateKey.getFingerprint() === primaryKey.getFingerprint()) {
|
||||||
throw new Error('Not implemented for self signing');
|
throw new Error('Not implemented for self signing');
|
||||||
}
|
}
|
||||||
const signingKeyPacket = await privateKey.getSigningKeyPacket();
|
const signingKey = await privateKey.getSigningKey();
|
||||||
if (!signingKeyPacket) {
|
if (!signingKey) {
|
||||||
throw new Error('Could not find valid signing key packet in key ' +
|
throw new Error('Could not find valid signing key packet in key ' +
|
||||||
privateKey.primaryKey.getKeyId().toHex());
|
privateKey.getKeyId().toHex());
|
||||||
}
|
}
|
||||||
if (!signingKeyPacket.isDecrypted) {
|
return createSignaturePacket(dataToSign, privateKey, signingKey.keyPacket, {
|
||||||
throw new Error('Private key is not decrypted.');
|
|
||||||
}
|
|
||||||
return createSignaturePacket(dataToSign, privateKey, signingKeyPacket, {
|
|
||||||
// Most OpenPGP implementations use generic certification (0x10)
|
// Most OpenPGP implementations use generic certification (0x10)
|
||||||
signatureType: enums.signature.cert_generic,
|
signatureType: enums.signature.cert_generic,
|
||||||
keyFlags: [enums.keyFlags.certify_keys | enums.keyFlags.sign_data]
|
keyFlags: [enums.keyFlags.certify_keys | enums.keyFlags.sign_data]
|
||||||
|
|
@ -868,7 +885,7 @@ User.prototype.isRevoked = async function(primaryKey, certificate, key, date=new
|
||||||
* @return {module:packet/signature} signature packet
|
* @return {module:packet/signature} signature packet
|
||||||
*/
|
*/
|
||||||
export async function createSignaturePacket(dataToSign, privateKey, signingKeyPacket, signatureProperties, date, userId) {
|
export async function createSignaturePacket(dataToSign, privateKey, signingKeyPacket, signatureProperties, date, userId) {
|
||||||
if (!signingKeyPacket.isDecrypted) {
|
if (!signingKeyPacket.isDecrypted()) {
|
||||||
throw new Error('Private key is not decrypted.');
|
throw new Error('Private key is not decrypted.');
|
||||||
}
|
}
|
||||||
const signaturePacket = new packet.Signature(date);
|
const signaturePacket = new packet.Signature(date);
|
||||||
|
|
@ -895,11 +912,11 @@ User.prototype.verifyCertificate = async function(primaryKey, certificate, keys,
|
||||||
const dataToVerify = { userid: this.userId || this.userAttribute, key: primaryKey };
|
const dataToVerify = { userid: this.userId || this.userAttribute, key: primaryKey };
|
||||||
const results = await Promise.all(keys.map(async function(key) {
|
const results = await Promise.all(keys.map(async function(key) {
|
||||||
if (!key.getKeyIds().some(id => id.equals(keyid))) { return; }
|
if (!key.getKeyIds().some(id => id.equals(keyid))) { return; }
|
||||||
const keyPacket = await key.getSigningKeyPacket(keyid, date);
|
const signingKey = await key.getSigningKey(keyid, date);
|
||||||
if (certificate.revoked || await that.isRevoked(primaryKey, certificate, keyPacket)) {
|
if (certificate.revoked || await that.isRevoked(primaryKey, certificate, signingKey.keyPacket)) {
|
||||||
return enums.keyStatus.revoked;
|
return enums.keyStatus.revoked;
|
||||||
}
|
}
|
||||||
if (!(certificate.verified || await certificate.verify(keyPacket, dataToVerify))) {
|
if (!(certificate.verified || await certificate.verify(signingKey.keyPacket, dataToVerify))) {
|
||||||
return enums.keyStatus.invalid;
|
return enums.keyStatus.invalid;
|
||||||
}
|
}
|
||||||
if (certificate.isExpired()) {
|
if (certificate.isExpired()) {
|
||||||
|
|
@ -991,7 +1008,7 @@ function SubKey(subKeyPacket) {
|
||||||
if (!(this instanceof SubKey)) {
|
if (!(this instanceof SubKey)) {
|
||||||
return new SubKey(subKeyPacket);
|
return new SubKey(subKeyPacket);
|
||||||
}
|
}
|
||||||
this.subKey = subKeyPacket;
|
this.keyPacket = subKeyPacket;
|
||||||
this.bindingSignatures = [];
|
this.bindingSignatures = [];
|
||||||
this.revocationSignatures = [];
|
this.revocationSignatures = [];
|
||||||
}
|
}
|
||||||
|
|
@ -1002,7 +1019,7 @@ function SubKey(subKeyPacket) {
|
||||||
*/
|
*/
|
||||||
SubKey.prototype.toPacketlist = function() {
|
SubKey.prototype.toPacketlist = function() {
|
||||||
const packetlist = new packet.List();
|
const packetlist = new packet.List();
|
||||||
packetlist.push(this.subKey);
|
packetlist.push(this.keyPacket);
|
||||||
packetlist.concat(this.revocationSignatures);
|
packetlist.concat(this.revocationSignatures);
|
||||||
packetlist.concat(this.bindingSignatures);
|
packetlist.concat(this.bindingSignatures);
|
||||||
return packetlist;
|
return packetlist;
|
||||||
|
|
@ -1025,7 +1042,7 @@ SubKey.prototype.isRevoked = async function(primaryKey, signature, key, date=new
|
||||||
return isDataRevoked(
|
return isDataRevoked(
|
||||||
primaryKey, {
|
primaryKey, {
|
||||||
key: primaryKey,
|
key: primaryKey,
|
||||||
bind: this.subKey
|
bind: this.keyPacket
|
||||||
}, this.revocationSignatures, signature, key, date
|
}, this.revocationSignatures, signature, key, date
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
@ -1041,9 +1058,9 @@ SubKey.prototype.isRevoked = async function(primaryKey, signature, key, date=new
|
||||||
*/
|
*/
|
||||||
SubKey.prototype.verify = async function(primaryKey, date=new Date()) {
|
SubKey.prototype.verify = async function(primaryKey, date=new Date()) {
|
||||||
const that = this;
|
const that = this;
|
||||||
const dataToVerify = { key: primaryKey, bind: this.subKey };
|
const dataToVerify = { key: primaryKey, bind: this.keyPacket };
|
||||||
// check for V3 expiration time
|
// check for V3 expiration time
|
||||||
if (this.subKey.version === 3 && isDataExpired(this.subKey, null, date)) {
|
if (this.keyPacket.version === 3 && isDataExpired(this.keyPacket, null, date)) {
|
||||||
return enums.keyStatus.expired;
|
return enums.keyStatus.expired;
|
||||||
}
|
}
|
||||||
// check subkey binding signatures
|
// check subkey binding signatures
|
||||||
|
|
@ -1070,7 +1087,7 @@ SubKey.prototype.verify = async function(primaryKey, date=new Date()) {
|
||||||
*/
|
*/
|
||||||
SubKey.prototype.getExpirationTime = function(date=new Date()) {
|
SubKey.prototype.getExpirationTime = function(date=new Date()) {
|
||||||
const bindingSignature = getLatestSignature(this.bindingSignatures, date);
|
const bindingSignature = getLatestSignature(this.bindingSignatures, date);
|
||||||
const keyExpiry = getExpirationTime(this.subKey, bindingSignature);
|
const keyExpiry = getExpirationTime(this.keyPacket, bindingSignature);
|
||||||
const sigExpiry = bindingSignature.getExpirationTime();
|
const sigExpiry = bindingSignature.getExpirationTime();
|
||||||
return keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
|
return keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
|
||||||
};
|
};
|
||||||
|
|
@ -1085,17 +1102,17 @@ SubKey.prototype.update = async function(subKey, primaryKey) {
|
||||||
if (await subKey.verify(primaryKey) === enums.keyStatus.invalid) {
|
if (await subKey.verify(primaryKey) === enums.keyStatus.invalid) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (this.subKey.getFingerprint() !== subKey.subKey.getFingerprint()) {
|
if (this.getFingerprint() !== subKey.getFingerprint()) {
|
||||||
throw new Error('SubKey update method: fingerprints of subkeys not equal');
|
throw new Error('SubKey update method: fingerprints of subkeys not equal');
|
||||||
}
|
}
|
||||||
// key packet
|
// key packet
|
||||||
if (this.subKey.tag === enums.packet.publicSubkey &&
|
if (this.keyPacket.tag === enums.packet.publicSubkey &&
|
||||||
subKey.subKey.tag === enums.packet.secretSubkey) {
|
subKey.keyPacket.tag === enums.packet.secretSubkey) {
|
||||||
this.subKey = subKey.subKey;
|
this.keyPacket = subKey.keyPacket;
|
||||||
}
|
}
|
||||||
// update missing binding signatures
|
// update missing binding signatures
|
||||||
const that = this;
|
const that = this;
|
||||||
const dataToVerify = { key: primaryKey, bind: that.subKey };
|
const dataToVerify = { key: primaryKey, bind: that.keyPacket };
|
||||||
await mergeSignatures(subKey, this, 'bindingSignatures', async function(srcBindSig) {
|
await mergeSignatures(subKey, this, 'bindingSignatures', async function(srcBindSig) {
|
||||||
if (!(srcBindSig.verified || await srcBindSig.verify(primaryKey, dataToVerify))) {
|
if (!(srcBindSig.verified || await srcBindSig.verify(primaryKey, dataToVerify))) {
|
||||||
return false;
|
return false;
|
||||||
|
|
@ -1129,8 +1146,8 @@ SubKey.prototype.revoke = async function(primaryKey, {
|
||||||
flag: reasonForRevocationFlag=enums.reasonForRevocation.no_reason,
|
flag: reasonForRevocationFlag=enums.reasonForRevocation.no_reason,
|
||||||
string: reasonForRevocationString=''
|
string: reasonForRevocationString=''
|
||||||
} = {}, date=new Date()) {
|
} = {}, date=new Date()) {
|
||||||
const dataToSign = { key: primaryKey, bind: this.subKey };
|
const dataToSign = { key: primaryKey, bind: this.keyPacket };
|
||||||
const subKey = new SubKey(this.subKey);
|
const subKey = new SubKey(this.keyPacket);
|
||||||
subKey.revocationSignatures.push(await createSignaturePacket(dataToSign, null, primaryKey, {
|
subKey.revocationSignatures.push(await createSignaturePacket(dataToSign, null, primaryKey, {
|
||||||
signatureType: enums.signature.subkey_revocation,
|
signatureType: enums.signature.subkey_revocation,
|
||||||
reasonForRevocationFlag: enums.write(enums.reasonForRevocation, reasonForRevocationFlag),
|
reasonForRevocationFlag: enums.write(enums.reasonForRevocation, reasonForRevocationFlag),
|
||||||
|
|
@ -1140,6 +1157,14 @@ SubKey.prototype.revoke = async function(primaryKey, {
|
||||||
return subKey;
|
return subKey;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
['getKeyId', 'getFingerprint', 'getAlgorithmInfo', 'getCreationTime', 'isDecrypted'].forEach(name => {
|
||||||
|
Key.prototype[name] =
|
||||||
|
SubKey.prototype[name] =
|
||||||
|
function() {
|
||||||
|
return this.keyPacket[name]();
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Reads an unarmored OpenPGP key list and returns one or multiple key objects
|
* Reads an unarmored OpenPGP key list and returns one or multiple key objects
|
||||||
* @param {Uint8Array} data to be parsed
|
* @param {Uint8Array} data to be parsed
|
||||||
|
|
@ -1301,7 +1326,7 @@ export async function reformat(options) {
|
||||||
options = sanitizeKeyOptions(options);
|
options = sanitizeKeyOptions(options);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const isDecrypted = options.privateKey.getKeyPackets().every(keyPacket => keyPacket.isDecrypted);
|
const isDecrypted = options.privateKey.getKeys().every(key => key.isDecrypted());
|
||||||
if (!isDecrypted) {
|
if (!isDecrypted) {
|
||||||
await options.privateKey.decrypt();
|
await options.privateKey.decrypt();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -138,14 +138,14 @@ function emailCheck(email, key) {
|
||||||
* @private
|
* @private
|
||||||
* @param {String} keyId provided as string of lowercase hex number
|
* @param {String} keyId provided as string of lowercase hex number
|
||||||
* withouth 0x prefix (can be 16-character key ID or fingerprint)
|
* withouth 0x prefix (can be 16-character key ID or fingerprint)
|
||||||
* @param {module:packet.SecretKey|public_key|public_subkey|secret_subkey} keypacket The keypacket to be checked
|
* @param {module:key.Key|module:key.SubKey} key The key to be checked
|
||||||
* @returns {Boolean} True if keypacket has the specified keyid
|
* @returns {Boolean} True if key has the specified keyid
|
||||||
*/
|
*/
|
||||||
function keyIdCheck(keyId, keypacket) {
|
function keyIdCheck(keyId, key) {
|
||||||
if (keyId.length === 16) {
|
if (keyId.length === 16) {
|
||||||
return keyId === keypacket.getKeyId().toHex();
|
return keyId === key.getKeyId().toHex();
|
||||||
}
|
}
|
||||||
return keyId === keypacket.getFingerprint();
|
return keyId === key.getFingerprint();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -157,12 +157,12 @@ function keyIdCheck(keyId, keypacket) {
|
||||||
*/
|
*/
|
||||||
KeyArray.prototype.getForId = function (keyId, deep) {
|
KeyArray.prototype.getForId = function (keyId, deep) {
|
||||||
for (let i = 0; i < this.keys.length; i++) {
|
for (let i = 0; i < this.keys.length; i++) {
|
||||||
if (keyIdCheck(keyId, this.keys[i].primaryKey)) {
|
if (keyIdCheck(keyId, this.keys[i])) {
|
||||||
return this.keys[i];
|
return this.keys[i];
|
||||||
}
|
}
|
||||||
if (deep && this.keys[i].subKeys.length) {
|
if (deep && this.keys[i].subKeys.length) {
|
||||||
for (let j = 0; j < this.keys[i].subKeys.length; j++) {
|
for (let j = 0; j < this.keys[i].subKeys.length; j++) {
|
||||||
if (keyIdCheck(keyId, this.keys[i].subKeys[j].subKey)) {
|
if (keyIdCheck(keyId, this.keys[i].subKeys[j])) {
|
||||||
return this.keys[i];
|
return this.keys[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -182,7 +182,7 @@ KeyArray.prototype.importKey = async function (armored) {
|
||||||
for (let i = 0; i < imported.keys.length; i++) {
|
for (let i = 0; i < imported.keys.length; i++) {
|
||||||
const key = imported.keys[i];
|
const key = imported.keys[i];
|
||||||
// check if key already in key array
|
// check if key already in key array
|
||||||
const keyidHex = key.primaryKey.getKeyId().toHex();
|
const keyidHex = key.getKeyId().toHex();
|
||||||
const keyFound = this.getForId(keyidHex);
|
const keyFound = this.getForId(keyidHex);
|
||||||
if (keyFound) {
|
if (keyFound) {
|
||||||
// eslint-disable-next-line no-await-in-loop
|
// eslint-disable-next-line no-await-in-loop
|
||||||
|
|
@ -211,7 +211,7 @@ KeyArray.prototype.push = function (key) {
|
||||||
*/
|
*/
|
||||||
KeyArray.prototype.removeForId = function (keyId) {
|
KeyArray.prototype.removeForId = function (keyId) {
|
||||||
for (let i = 0; i < this.keys.length; i++) {
|
for (let i = 0; i < this.keys.length; i++) {
|
||||||
if (keyIdCheck(keyId, this.keys[i].primaryKey)) {
|
if (keyIdCheck(keyId, this.keys[i])) {
|
||||||
return this.keys.splice(i, 1)[0];
|
return this.keys.splice(i, 1)[0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -168,15 +168,15 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
|
||||||
throw new Error('No public key encrypted session key packet found.');
|
throw new Error('No public key encrypted session key packet found.');
|
||||||
}
|
}
|
||||||
await Promise.all(pkESKeyPacketlist.map(async function(keyPacket) {
|
await Promise.all(pkESKeyPacketlist.map(async function(keyPacket) {
|
||||||
// TODO improve this
|
const privateKeyPackets = new packet.List();
|
||||||
const privateKeyPackets = privateKeys.reduce(function(acc, privateKey) {
|
privateKeys.forEach(privateKey => {
|
||||||
return acc.concat(privateKey.getKeyPackets(keyPacket.publicKeyId));
|
privateKeyPackets.concat(privateKey.getKeys(keyPacket.publicKeyId).map(key => key.keyPacket));
|
||||||
}, new packet.List());
|
});
|
||||||
await Promise.all(privateKeyPackets.map(async function(privateKeyPacket) {
|
await Promise.all(privateKeyPackets.map(async function(privateKeyPacket) {
|
||||||
if (!privateKeyPacket) {
|
if (!privateKeyPacket) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (!privateKeyPacket.isDecrypted) {
|
if (!privateKeyPacket.isDecrypted()) {
|
||||||
throw new Error('Private key is not decrypted.');
|
throw new Error('Private key is not decrypted.');
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
|
@ -323,17 +323,17 @@ export async function encryptSessionKey(sessionKey, symAlgo, aeadAlgo, publicKey
|
||||||
|
|
||||||
if (publicKeys) {
|
if (publicKeys) {
|
||||||
const results = await Promise.all(publicKeys.map(async function(publicKey) {
|
const results = await Promise.all(publicKeys.map(async function(publicKey) {
|
||||||
const encryptionKeyPacket = await publicKey.getEncryptionKeyPacket(undefined, date, userId);
|
const encryptionKey = await publicKey.getEncryptionKey(undefined, date, userId);
|
||||||
if (!encryptionKeyPacket) {
|
if (!encryptionKey) {
|
||||||
throw new Error('Could not find valid key packet for encryption in key ' +
|
throw new Error('Could not find valid key packet for encryption in key ' +
|
||||||
publicKey.primaryKey.getKeyId().toHex());
|
publicKey.getKeyId().toHex());
|
||||||
}
|
}
|
||||||
const pkESKeyPacket = new packet.PublicKeyEncryptedSessionKey();
|
const pkESKeyPacket = new packet.PublicKeyEncryptedSessionKey();
|
||||||
pkESKeyPacket.publicKeyId = wildcard ? type_keyid.wildcard() : encryptionKeyPacket.getKeyId();
|
pkESKeyPacket.publicKeyId = wildcard ? type_keyid.wildcard() : encryptionKey.getKeyId();
|
||||||
pkESKeyPacket.publicKeyAlgorithm = encryptionKeyPacket.algorithm;
|
pkESKeyPacket.publicKeyAlgorithm = encryptionKey.keyPacket.algorithm;
|
||||||
pkESKeyPacket.sessionKey = sessionKey;
|
pkESKeyPacket.sessionKey = sessionKey;
|
||||||
pkESKeyPacket.sessionKeyAlgorithm = symAlgo;
|
pkESKeyPacket.sessionKeyAlgorithm = symAlgo;
|
||||||
await pkESKeyPacket.encrypt(encryptionKeyPacket);
|
await pkESKeyPacket.encrypt(encryptionKey.keyPacket);
|
||||||
delete pkESKeyPacket.sessionKey; // delete plaintext session key after encryption
|
delete pkESKeyPacket.sessionKey; // delete plaintext session key after encryption
|
||||||
return pkESKeyPacket;
|
return pkESKeyPacket;
|
||||||
}));
|
}));
|
||||||
|
|
@ -421,16 +421,16 @@ Message.prototype.sign = async function(privateKeys=[], signature=null, date=new
|
||||||
if (privateKey.isPublic()) {
|
if (privateKey.isPublic()) {
|
||||||
throw new Error('Need private key for signing');
|
throw new Error('Need private key for signing');
|
||||||
}
|
}
|
||||||
const signingKeyPacket = await privateKey.getSigningKeyPacket(undefined, date, userId);
|
const signingKey = await privateKey.getSigningKey(undefined, date, userId);
|
||||||
if (!signingKeyPacket) {
|
if (!signingKey) {
|
||||||
throw new Error('Could not find valid key packet for signing in key ' +
|
throw new Error('Could not find valid key packet for signing in key ' +
|
||||||
privateKey.primaryKey.getKeyId().toHex());
|
privateKey.getKeyId().toHex());
|
||||||
}
|
}
|
||||||
const onePassSig = new packet.OnePassSignature();
|
const onePassSig = new packet.OnePassSignature();
|
||||||
onePassSig.type = signatureType;
|
onePassSig.type = signatureType;
|
||||||
onePassSig.hashAlgorithm = await getPreferredHashAlgo(privateKey, signingKeyPacket, date, userId);
|
onePassSig.hashAlgorithm = await getPreferredHashAlgo(privateKey, signingKey.keyPacket, date, userId);
|
||||||
onePassSig.publicKeyAlgorithm = signingKeyPacket.algorithm;
|
onePassSig.publicKeyAlgorithm = signingKey.keyPacket.algorithm;
|
||||||
onePassSig.signingKeyId = signingKeyPacket.getKeyId();
|
onePassSig.signingKeyId = signingKey.getKeyId();
|
||||||
if (i === privateKeys.length - 1) {
|
if (i === privateKeys.length - 1) {
|
||||||
onePassSig.flags = 1;
|
onePassSig.flags = 1;
|
||||||
}
|
}
|
||||||
|
|
@ -503,12 +503,12 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig
|
||||||
if (privateKey.isPublic()) {
|
if (privateKey.isPublic()) {
|
||||||
throw new Error('Need private key for signing');
|
throw new Error('Need private key for signing');
|
||||||
}
|
}
|
||||||
const signingKeyPacket = await privateKey.getSigningKeyPacket(undefined, date, userId);
|
const signingKey = await privateKey.getSigningKey(undefined, date, userId);
|
||||||
if (!signingKeyPacket) {
|
if (!signingKey) {
|
||||||
throw new Error(`Could not find valid signing key packet in key ${
|
throw new Error(`Could not find valid signing key packet in key ${
|
||||||
privateKey.primaryKey.getKeyId().toHex()}`);
|
privateKey.getKeyId().toHex()}`);
|
||||||
}
|
}
|
||||||
return createSignaturePacket(literalDataPacket, privateKey, signingKeyPacket, {signatureType}, date, userId);
|
return createSignaturePacket(literalDataPacket, privateKey, signingKey.keyPacket, {signatureType}, date, userId);
|
||||||
})).then(signatureList => {
|
})).then(signatureList => {
|
||||||
signatureList.forEach(signaturePacket => packetlist.push(signaturePacket));
|
signatureList.forEach(signaturePacket => packetlist.push(signaturePacket));
|
||||||
});
|
});
|
||||||
|
|
@ -570,10 +570,10 @@ export async function createVerificationObjects(signatureList, literalDataList,
|
||||||
return Promise.all(signatureList.map(async function(signature) {
|
return Promise.all(signatureList.map(async function(signature) {
|
||||||
let keyPacket = null;
|
let keyPacket = null;
|
||||||
await Promise.all(keys.map(async function(key) {
|
await Promise.all(keys.map(async function(key) {
|
||||||
// Look for the unique key packet that matches issuerKeyId of signature
|
// Look for the unique key that matches issuerKeyId of signature
|
||||||
const result = await key.getSigningKeyPacket(signature.issuerKeyId, date);
|
const result = await key.getSigningKey(signature.issuerKeyId, date);
|
||||||
if (result) {
|
if (result) {
|
||||||
keyPacket = result;
|
keyPacket = result.keyPacket;
|
||||||
}
|
}
|
||||||
}));
|
}));
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -180,6 +180,22 @@ PublicKey.prototype.writeOld = function () {
|
||||||
return util.concatUint8Array([new Uint8Array([0x99]), util.writeNumber(bytes.length, 2), bytes]);
|
return util.concatUint8Array([new Uint8Array([0x99]), util.writeNumber(bytes.length, 2), bytes]);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check whether secret-key data is available in decrypted form. Returns null for public keys.
|
||||||
|
* @returns {Boolean|null}
|
||||||
|
*/
|
||||||
|
PublicKey.prototype.isDecrypted = function() {
|
||||||
|
return null;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the creation time of the key
|
||||||
|
* @returns {Date}
|
||||||
|
*/
|
||||||
|
PublicKey.prototype.getCreationTime = function() {
|
||||||
|
return this.created;
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Calculates the key id of the key
|
* Calculates the key id of the key
|
||||||
* @returns {String} A 8 byte key id
|
* @returns {String} A 8 byte key id
|
||||||
|
|
|
||||||
|
|
@ -51,9 +51,9 @@ function SecretKey(date=new Date()) {
|
||||||
*/
|
*/
|
||||||
this.encrypted = null;
|
this.encrypted = null;
|
||||||
/**
|
/**
|
||||||
* Indicator if secret-key data is available in decrypted form
|
* Indicator if secret-key data is encrypted. `this.isEncrypted === false` means data is available in decrypted form.
|
||||||
*/
|
*/
|
||||||
this.isDecrypted = false;
|
this.isEncrypted = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
SecretKey.prototype = new publicKey();
|
SecretKey.prototype = new publicKey();
|
||||||
|
|
@ -149,13 +149,14 @@ SecretKey.prototype.read = function (bytes) {
|
||||||
|
|
||||||
if (isEncrypted) {
|
if (isEncrypted) {
|
||||||
this.encrypted = bytes;
|
this.encrypted = bytes;
|
||||||
|
this.isEncrypted = true;
|
||||||
} else {
|
} else {
|
||||||
// - Plain or encrypted multiprecision integers comprising the secret
|
// - Plain or encrypted multiprecision integers comprising the secret
|
||||||
// key data. These algorithm-specific fields are as described
|
// key data. These algorithm-specific fields are as described
|
||||||
// below.
|
// below.
|
||||||
const privParams = parse_cleartext_params('mod', bytes.subarray(1, bytes.length), this.algorithm);
|
const privParams = parse_cleartext_params('mod', bytes.subarray(1, bytes.length), this.algorithm);
|
||||||
this.params = this.params.concat(privParams);
|
this.params = this.params.concat(privParams);
|
||||||
this.isDecrypted = true;
|
this.isEncrypted = false;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -176,10 +177,17 @@ SecretKey.prototype.write = function () {
|
||||||
return util.concatUint8Array(arr);
|
return util.concatUint8Array(arr);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check whether secret-key data is available in decrypted form. Returns null for public keys.
|
||||||
|
* @returns {Boolean|null}
|
||||||
|
*/
|
||||||
|
SecretKey.prototype.isDecrypted = function() {
|
||||||
|
return this.isEncrypted === false;
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Encrypt the payload. By default, we use aes256 and iterated, salted string
|
* Encrypt the payload. By default, we use aes256 and iterated, salted string
|
||||||
* to key specifier. If the key is in a decrypted state (isDecrypted === true)
|
* to key specifier. If the key is in a decrypted state (isEncrypted === false)
|
||||||
* and the passphrase is empty or undefined, the key will be set as not encrypted.
|
* and the passphrase is empty or undefined, the key will be set as not encrypted.
|
||||||
* This can be used to remove passphrase protection after calling decrypt().
|
* This can be used to remove passphrase protection after calling decrypt().
|
||||||
* @param {String} passphrase
|
* @param {String} passphrase
|
||||||
|
|
@ -187,7 +195,7 @@ SecretKey.prototype.write = function () {
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
SecretKey.prototype.encrypt = async function (passphrase) {
|
SecretKey.prototype.encrypt = async function (passphrase) {
|
||||||
if (this.isDecrypted && !passphrase) {
|
if (this.isDecrypted() && !passphrase) {
|
||||||
this.encrypted = null;
|
this.encrypted = null;
|
||||||
return false;
|
return false;
|
||||||
} else if (!passphrase) {
|
} else if (!passphrase) {
|
||||||
|
|
@ -242,7 +250,7 @@ function produceEncryptionKey(s2k, passphrase, algorithm) {
|
||||||
* @async
|
* @async
|
||||||
*/
|
*/
|
||||||
SecretKey.prototype.decrypt = async function (passphrase) {
|
SecretKey.prototype.decrypt = async function (passphrase) {
|
||||||
if (this.isDecrypted) {
|
if (this.isDecrypted()) {
|
||||||
throw new Error('Key packet is already decrypted.');
|
throw new Error('Key packet is already decrypted.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -323,7 +331,7 @@ SecretKey.prototype.decrypt = async function (passphrase) {
|
||||||
|
|
||||||
const privParams = parse_cleartext_params(hash, cleartext, this.algorithm);
|
const privParams = parse_cleartext_params(hash, cleartext, this.algorithm);
|
||||||
this.params = this.params.concat(privParams);
|
this.params = this.params.concat(privParams);
|
||||||
this.isDecrypted = true;
|
this.isEncrypted = false;
|
||||||
this.encrypted = null;
|
this.encrypted = null;
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|
@ -332,7 +340,7 @@ SecretKey.prototype.decrypt = async function (passphrase) {
|
||||||
SecretKey.prototype.generate = async function (bits, curve) {
|
SecretKey.prototype.generate = async function (bits, curve) {
|
||||||
const algo = enums.write(enums.publicKey, this.algorithm);
|
const algo = enums.write(enums.publicKey, this.algorithm);
|
||||||
this.params = await crypto.generateParams(algo, bits, curve);
|
this.params = await crypto.generateParams(algo, bits, curve);
|
||||||
this.isDecrypted = true;
|
this.isEncrypted = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -344,7 +352,7 @@ SecretKey.prototype.clearPrivateParams = function () {
|
||||||
}
|
}
|
||||||
const algo = enums.write(enums.publicKey, this.algorithm);
|
const algo = enums.write(enums.publicKey, this.algorithm);
|
||||||
this.params = this.params.slice(0, crypto.getPubKeyParamTypes(algo).length);
|
this.params = this.params.slice(0, crypto.getPubKeyParamTypes(algo).length);
|
||||||
this.isDecrypted = false;
|
this.isEncrypted = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -134,7 +134,7 @@ describe('Brainpool Cryptography', function () {
|
||||||
expect(pub).to.exist;
|
expect(pub).to.exist;
|
||||||
expect(pub.err).to.not.exist;
|
expect(pub.err).to.not.exist;
|
||||||
expect(pub.keys).to.have.length(1);
|
expect(pub.keys).to.have.length(1);
|
||||||
expect(pub.keys[0].primaryKey.getKeyId().toHex()).to.equal(data[name].id);
|
expect(pub.keys[0].getKeyId().toHex()).to.equal(data[name].id);
|
||||||
data[name].pub_key = pub.keys[0];
|
data[name].pub_key = pub.keys[0];
|
||||||
return data[name].pub_key;
|
return data[name].pub_key;
|
||||||
}
|
}
|
||||||
|
|
@ -146,7 +146,7 @@ describe('Brainpool Cryptography', function () {
|
||||||
expect(pk).to.exist;
|
expect(pk).to.exist;
|
||||||
expect(pk.err).to.not.exist;
|
expect(pk.err).to.not.exist;
|
||||||
expect(pk.keys).to.have.length(1);
|
expect(pk.keys).to.have.length(1);
|
||||||
expect(pk.keys[0].primaryKey.getKeyId().toHex()).to.equal(data[name].id);
|
expect(pk.keys[0].getKeyId().toHex()).to.equal(data[name].id);
|
||||||
expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
|
expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
|
||||||
data[name].priv_key = pk.keys[0];
|
data[name].priv_key = pk.keys[0];
|
||||||
return data[name].priv_key;
|
return data[name].priv_key;
|
||||||
|
|
|
||||||
|
|
@ -139,7 +139,7 @@ describe('Elliptic Curve Cryptography', function () {
|
||||||
expect(pub).to.exist;
|
expect(pub).to.exist;
|
||||||
expect(pub.err).to.not.exist;
|
expect(pub.err).to.not.exist;
|
||||||
expect(pub.keys).to.have.length(1);
|
expect(pub.keys).to.have.length(1);
|
||||||
expect(pub.keys[0].primaryKey.getKeyId().toHex()).to.equal(data[name].id);
|
expect(pub.keys[0].getKeyId().toHex()).to.equal(data[name].id);
|
||||||
data[name].pub_key = pub.keys[0];
|
data[name].pub_key = pub.keys[0];
|
||||||
return data[name].pub_key;
|
return data[name].pub_key;
|
||||||
}
|
}
|
||||||
|
|
@ -151,7 +151,7 @@ describe('Elliptic Curve Cryptography', function () {
|
||||||
expect(pk).to.exist;
|
expect(pk).to.exist;
|
||||||
expect(pk.err).to.not.exist;
|
expect(pk.err).to.not.exist;
|
||||||
expect(pk.keys).to.have.length(1);
|
expect(pk.keys).to.have.length(1);
|
||||||
expect(pk.keys[0].primaryKey.getKeyId().toHex()).to.equal(data[name].id);
|
expect(pk.keys[0].getKeyId().toHex()).to.equal(data[name].id);
|
||||||
expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
|
expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
|
||||||
data[name].priv_key = pk.keys[0];
|
data[name].priv_key = pk.keys[0];
|
||||||
return data[name].priv_key;
|
return data[name].priv_key;
|
||||||
|
|
|
||||||
|
|
@ -866,7 +866,7 @@ zoGJ6s48HcP591pN93uAitCcYcinY2ZslmdiCXw+zbeoX4spNrV4T4CYxBjNQdIa
|
||||||
expect(pubKeys).to.exist;
|
expect(pubKeys).to.exist;
|
||||||
expect(pubKeys.err).to.not.exist;
|
expect(pubKeys.err).to.not.exist;
|
||||||
expect(pubKeys.keys).to.have.length(1);
|
expect(pubKeys.keys).to.have.length(1);
|
||||||
expect(pubKeys.keys[0].primaryKey.getKeyId().toHex()).to.equal('b8e4105cc9dedc77');
|
expect(pubKeys.keys[0].getKeyId().toHex()).to.equal('b8e4105cc9dedc77');
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1248,14 +1248,70 @@ const mergeKey2 = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n' +
|
||||||
'=REGo\n' +
|
'=REGo\n' +
|
||||||
'-----END PGP PUBLIC KEY BLOCK-----\n';
|
'-----END PGP PUBLIC KEY BLOCK-----\n';
|
||||||
|
|
||||||
|
const priv_key_2000_2008 = `-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||||
|
|
||||||
|
xcEYBDioN2gBBACy5VEu8/dlQHOd12v8tNY2Aic+C+k6yyKe7eHRf1Pqwd0d
|
||||||
|
OdMk+0EvMi1Z+i0x/cQj89te81F7TCmVd+qrIWR6rKc/6WQzg9FQ0h1WQKxD
|
||||||
|
YizEIyia0ZNEuYd7F1H6ycx352tymepAth05i6t1LxI5jExFDq+d8z8L5ezq
|
||||||
|
+/6BZQARAQABAAP5AY01ySGNEQKq2LY0WyaqCqG1+5azW72aIS+WKztpO9VE
|
||||||
|
HhuGXmD+gFK1VtKHFKgAjOucc2RKszYmey56ftL6kdvBs404GEFGCtZOkr4a
|
||||||
|
PcnSBM7SNZrUlOIBN9u6U4McnNYdEhyARIf+Qm9NGTbzZCoZ13f40/QjX2TG
|
||||||
|
2T6cTwECAOeTJBaIinz+OInqPzWbEndnbWKIXbPhPtpvU/D2OyLquwMmma8r
|
||||||
|
khX78V9ZduLVwtzP2DyGnQ+yHBmLCgjxEQECAMXDxAlcx3LbAGew6OA2u938
|
||||||
|
Cf+O0fJWid3/e0gNppvnbayTtisXF0uENX4pJv82S02QgqxFL3FYrdON5KVW
|
||||||
|
zGUB/3rtIzMQJaSYZAJFc4SDOn1RNkl4nUroPf1IbB17nDX/GcB6acquJxQq
|
||||||
|
0q5FtJCrnNR2K25u6t2AGDcZLleSaFSamc0TdGVzdCA8dGVzdEBleGFtcGxl
|
||||||
|
PsKtBBMBCgAXBQI4qDdoAhsvAwsJBwMVCggCHgECF4AACgkQXPAg04i7hHT2
|
||||||
|
rwQAip3cACXdbShpxvKEsQs0oBN1H5PAx1BAGXanw+jxDFUkrDk1DOSrZFnM
|
||||||
|
aohuoJrYyoE/RkLz061g8tFc/KETmnyJAcXL/PPic3tPCCs1cphVAsAjELsY
|
||||||
|
wPL4UQpFnRU2e+phgzX9M/G78wvqiOGcM/K0SZTnyRvYaAHHuLFE2xnHwRgE
|
||||||
|
OKg3aAEEALOt5AUdDf7fz0DwOkIokGj4zeiFuphsTPwpRAS6c1o9xAzS/C8h
|
||||||
|
LFShhTKL4Z9znYkdaMHuFIs7AJ3P5tKlvG0/cZAl3u286lz0aTtQluHMCKNy
|
||||||
|
UyhuZ0K1VgZOj+HcDKo8jQ+aejcwjHDg02yPvfzrXHBjWAJMjglV4W+YPFYj
|
||||||
|
ABEBAAEAA/9FbqPXagPXgssG8A3DNQOg3MxM1yhk8CzLoHKdVSNwMsAIqJs0
|
||||||
|
5x/HUGc1QiKcyEOPEaNClWqw5sr1MLqkmdD2y9xU6Ys1VyJY92GKQyVAgLej
|
||||||
|
tAvgeUb7NoHKU7b8F/oDfZezY8rs5fBRNVO5hHd+aAD4gcAAfIeAmy7AHRU9
|
||||||
|
wQIA7UPEpAI/lil5fDByHz7wyo1k/7yLqY18tHEAcUbPwUWvYCuvv3ASts78
|
||||||
|
0kQETsqn0bZZuuiR+IRdFxZzsElLAwIAwd4M85ewucF2tsyJYWJq4A+dETJC
|
||||||
|
WJfcSboagENXUYjOsLgtU/H8b9JD9CWpsd0DkcPshKAjuum6c3cUaTROYQIA
|
||||||
|
lp2kWrnzdLZxXELA2RDTaqsp/M+XhwKhChuG53FH+AKMVrwDImG7qVVL07gI
|
||||||
|
Rv+gGkG79PGvej7YZLZvHIq/+qTWwsCDBBgBCgAPBQI4qDdoBQkPCZwAAhsu
|
||||||
|
AKgJEFzwINOIu4R0nSAEGQEKAAYFAjioN2gACgkQ4fPj4++ExKB1EQP+Ppm5
|
||||||
|
hmv2c04836wMXHjjCIX1fsBhJNSeWNZljxPOcPgb0kAd2hY1S/Vn9ZDogeYm
|
||||||
|
DBUQ/JHj42Edda2IYax/74dAwUTV2KnDsdBT8Tb9ljHnY3GM7JqEKi/u09u7
|
||||||
|
Zfwq3auRDH8RW/hRHQ058dfkSoorpN5iCUfzYJemM4ZmA7NPCwP+PsQ63uIP
|
||||||
|
mDB49M2sQwV1GsBc+YB+aD3hggsRv7UHh4gvr2GCcukRlHDi/pOEO/ZTaoyS
|
||||||
|
un3m7b2M4n31bEj1lknZBtMZLo0uWww6YpAQEwFFXhVcAOYQqOb2KfF1rJGB
|
||||||
|
6w10tmpXdNWm5JPANu6RqaXIzkuMcRUqlYcNLfz6SUHHwRgEOKg3aAEEALfQ
|
||||||
|
/ENJxzybgdKLQBhF8RN3xb1V8DiYFtfgDkboavjiSD7PVEDNO286cLoe/uAk
|
||||||
|
E+Dgm2oEFmZ/IJShX+BL1JkHreNKuWTW0Gz0jkqYbE44Kssy5ywCXc0ItW4y
|
||||||
|
rMtabXPI5zqXzePd9Fwp7ZOt8QN/jU+TUfGUMwEv2tDKq/+7ABEBAAEAA/4l
|
||||||
|
tAGSQbdSqKj7ySE3+Vyl/Bq8p7xyt0t0Mxpqk/ChJTThYUBsXExVF70YiBQK
|
||||||
|
YIwNQ7TNDZKUqn3BzsnuJU+xTHKx8/mg7cGo+EzBstLMz7tGQJ9GN2LwrTZj
|
||||||
|
/yA2JZk3t54Ip/eNCkg7j5OaJG9l3RaW3DKPskRFY63gnitC8QIA745VRJmw
|
||||||
|
FwmHQ0H4ZoggO26+Q77ViYn84s8gio7AWkrFlt5sWhSdkrGcy/IIeSqzq0ZU
|
||||||
|
2p7zsXR8qz85+RyTcQIAxG8mwRGHkboHVa6qKt+lAxpqCuxe/buniw0LZuzu
|
||||||
|
wJQU+E6Y0oybSAcOjleIMkxULljc3Us7a5/HDKdQi4mX6wH/bVPlW8koygus
|
||||||
|
mDVIPSP2rmjBA9YVLn5CBPG+u0oGAMY9tfJ848V22S/ZPYNZe9ksFSjEuFDL
|
||||||
|
Xnmz/O1jI3Xht6IGwsCDBBgBCgAPBQI4qDdoBQkPCZwAAhsuAKgJEFzwINOI
|
||||||
|
u4R0nSAEGQEKAAYFAjioN2gACgkQJVG+vfNJQKhK6gP+LB5qXTJKCduuqZm7
|
||||||
|
VhFvPeOu4W0pyORo29zZI0owKZnD2ZKZrZhKXZC/1+xKXi8aX4V2ygRth2P1
|
||||||
|
tGFLJRqRiA3C20NVewdI4tQtEqWWSlfNFDz4EsbNspyodQ4jPsKPk2R8pFjA
|
||||||
|
wmpXLizPg2UyPKUJ/2GnNWjleP0UNyUXgD1MkgP+IkxXTYgDF5/LrOlrq7Th
|
||||||
|
WqFqQ/prQCBy7xxNLjpVKLDxGYbXVER6p0pkD6DXlaOgSB3i32dQJnU96l44
|
||||||
|
TlUyaUK/dJP7JPbVUOFq/awSxJiCxFxF6Oarc10qQ+OG5ESdJAjpCMHGCzlb
|
||||||
|
t/ia1kMpSEiOVLlX5dfHZzhR3WNtBqU=
|
||||||
|
=C0fJ
|
||||||
|
-----END PGP PRIVATE KEY BLOCK-----`;
|
||||||
|
|
||||||
|
|
||||||
it('Parsing armored text with two keys', function(done) {
|
it('Parsing armored text with two keys', function(done) {
|
||||||
const pubKeys = openpgp.key.readArmored(twoKeys);
|
const pubKeys = openpgp.key.readArmored(twoKeys);
|
||||||
expect(pubKeys).to.exist;
|
expect(pubKeys).to.exist;
|
||||||
expect(pubKeys.err).to.not.exist;
|
expect(pubKeys.err).to.not.exist;
|
||||||
expect(pubKeys.keys).to.have.length(2);
|
expect(pubKeys.keys).to.have.length(2);
|
||||||
expect(pubKeys.keys[0].primaryKey.getKeyId().toHex()).to.equal('4a63613a4d6e4094');
|
expect(pubKeys.keys[0].getKeyId().toHex()).to.equal('4a63613a4d6e4094');
|
||||||
expect(pubKeys.keys[1].primaryKey.getKeyId().toHex()).to.equal('dbf223e870534df4');
|
expect(pubKeys.keys[1].getKeyId().toHex()).to.equal('dbf223e870534df4');
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1292,21 +1348,21 @@ const mergeKey2 = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n' +
|
||||||
const pubKeyV3 = pubKeysV3.keys[0];
|
const pubKeyV3 = pubKeysV3.keys[0];
|
||||||
expect(pubKeyV3).to.exist;
|
expect(pubKeyV3).to.exist;
|
||||||
|
|
||||||
expect(pubKeyV4.primaryKey.getKeyId().toHex()).to.equal('4a63613a4d6e4094');
|
expect(pubKeyV4.getKeyId().toHex()).to.equal('4a63613a4d6e4094');
|
||||||
expect(pubKeyV4.primaryKey.getFingerprint()).to.equal('f470e50dcb1ad5f1e64e08644a63613a4d6e4094');
|
expect(pubKeyV4.getFingerprint()).to.equal('f470e50dcb1ad5f1e64e08644a63613a4d6e4094');
|
||||||
expect(pubKeyV3.primaryKey.getKeyId().toHex()).to.equal('e5b7a014a237ba9d');
|
expect(pubKeyV3.getKeyId().toHex()).to.equal('e5b7a014a237ba9d');
|
||||||
expect(pubKeyV3.primaryKey.getFingerprint()).to.equal('a44fcee620436a443bc4913640ab3e49');
|
expect(pubKeyV3.getFingerprint()).to.equal('a44fcee620436a443bc4913640ab3e49');
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
|
|
||||||
it('Create new key ID with fromId()', function() {
|
it('Create new key ID with fromId()', function() {
|
||||||
const pubKeyV4 = openpgp.key.readArmored(twoKeys).keys[0];
|
const pubKeyV4 = openpgp.key.readArmored(twoKeys).keys[0];
|
||||||
const keyId = pubKeyV4.primaryKey.getKeyId();
|
const keyId = pubKeyV4.getKeyId();
|
||||||
const newKeyId = keyId.constructor.fromId(keyId.toHex());
|
const newKeyId = keyId.constructor.fromId(keyId.toHex());
|
||||||
expect(newKeyId.toHex()).to.equal(keyId.toHex());
|
expect(newKeyId.toHex()).to.equal(keyId.toHex());
|
||||||
});
|
});
|
||||||
|
|
||||||
it('Testing key method getSubkeyPackets', function(done) {
|
it('Testing key method getSubkeys', function(done) {
|
||||||
const pubKeys = openpgp.key.readArmored(pub_sig_test);
|
const pubKeys = openpgp.key.readArmored(pub_sig_test);
|
||||||
|
|
||||||
expect(pubKeys).to.exist;
|
expect(pubKeys).to.exist;
|
||||||
|
|
@ -1320,7 +1376,7 @@ const mergeKey2 = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n' +
|
||||||
|
|
||||||
packetlist.read(openpgp.armor.decode(pub_sig_test).data);
|
packetlist.read(openpgp.armor.decode(pub_sig_test).data);
|
||||||
|
|
||||||
const subkeys = pubKey.getSubkeyPackets();
|
const subkeys = pubKey.getSubkeys();
|
||||||
expect(subkeys).to.exist;
|
expect(subkeys).to.exist;
|
||||||
expect(subkeys).to.have.length(2);
|
expect(subkeys).to.have.length(2);
|
||||||
expect(subkeys[0].getKeyId().equals(packetlist[8].getKeyId())).to.be.true;
|
expect(subkeys[0].getKeyId().equals(packetlist[8].getKeyId())).to.be.true;
|
||||||
|
|
@ -1359,8 +1415,8 @@ const mergeKey2 = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n' +
|
||||||
// remove subkeys
|
// remove subkeys
|
||||||
pubKey.subKeys = [];
|
pubKey.subKeys = [];
|
||||||
// primary key has only key flags for signing
|
// primary key has only key flags for signing
|
||||||
const keyPacket = await pubKey.getEncryptionKeyPacket();
|
const encryptionKey = await pubKey.getEncryptionKey();
|
||||||
expect(keyPacket).to.not.exist;
|
expect(encryptionKey).to.not.exist;
|
||||||
});
|
});
|
||||||
|
|
||||||
it('Method getExpirationTime V4 Key', async function() {
|
it('Method getExpirationTime V4 Key', async function() {
|
||||||
|
|
@ -1387,6 +1443,16 @@ const mergeKey2 = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n' +
|
||||||
expect(expirationTime.toISOString()).to.be.equal('2018-11-26T10:58:29.000Z');
|
expect(expirationTime.toISOString()).to.be.equal('2018-11-26T10:58:29.000Z');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('Method getExpirationTime V4 Key with capabilities', async function() {
|
||||||
|
const pubKey = openpgp.key.readArmored(priv_key_2000_2008).keys[0];
|
||||||
|
expect(pubKey).to.exist;
|
||||||
|
expect(pubKey).to.be.an.instanceof(openpgp.key.Key);
|
||||||
|
const expirationTime = await pubKey.getExpirationTime();
|
||||||
|
expect(expirationTime).to.equal(Infinity);
|
||||||
|
const encryptExpirationTime = await pubKey.getExpirationTime('encrypt_sign');
|
||||||
|
expect(encryptExpirationTime.toISOString()).to.equal('2008-02-12T17:12:08.000Z');
|
||||||
|
});
|
||||||
|
|
||||||
it('update() - throw error if fingerprints not equal', function(done) {
|
it('update() - throw error if fingerprints not equal', function(done) {
|
||||||
const keys = openpgp.key.readArmored(twoKeys).keys;
|
const keys = openpgp.key.readArmored(twoKeys).keys;
|
||||||
expect(keys[0].update.bind(
|
expect(keys[0].update.bind(
|
||||||
|
|
@ -1440,8 +1506,8 @@ const mergeKey2 = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n' +
|
||||||
dest.update(source).then(() => {
|
dest.update(source).then(() => {
|
||||||
expect(dest.subKeys[1]).to.exist;
|
expect(dest.subKeys[1]).to.exist;
|
||||||
expect(
|
expect(
|
||||||
dest.subKeys[1].subKey.getKeyId().toHex()
|
dest.subKeys[1].getKeyId().toHex()
|
||||||
).to.equal(source.subKeys[1].subKey.getKeyId().toHex());
|
).to.equal(source.subKeys[1].getKeyId().toHex());
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1751,8 +1817,8 @@ VYGdb3eNlV8CfoEC
|
||||||
|
|
||||||
return openpgp.generateKey(opt).then(function(newKey) {
|
return openpgp.generateKey(opt).then(function(newKey) {
|
||||||
expect(newKey.key).to.exist;
|
expect(newKey.key).to.exist;
|
||||||
expect(+newKey.key.primaryKey.created).to.equal(+past);
|
expect(+newKey.key.getCreationTime()).to.equal(+past);
|
||||||
expect(+newKey.key.subKeys[0].subKey.created).to.equal(+past);
|
expect(+newKey.key.subKeys[0].getCreationTime()).to.equal(+past);
|
||||||
expect(+newKey.key.subKeys[0].bindingSignatures[0].created).to.equal(+past);
|
expect(+newKey.key.subKeys[0].bindingSignatures[0].created).to.equal(+past);
|
||||||
});
|
});
|
||||||
})
|
})
|
||||||
|
|
@ -1781,8 +1847,8 @@ VYGdb3eNlV8CfoEC
|
||||||
expect(key.users[0].userId.userid).to.equal(userId);
|
expect(key.users[0].userId.userid).to.equal(userId);
|
||||||
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
||||||
expect(key.subKeys).to.have.lengthOf(2);
|
expect(key.subKeys).to.have.lengthOf(2);
|
||||||
expect(key.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
expect(key.subKeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh');
|
||||||
expect(key.subKeys[1].subKey.algorithm).to.equal('ecdh');
|
expect(key.subKeys[1].getAlgorithmInfo().algorithm).to.equal('ecdh');
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1795,8 +1861,8 @@ VYGdb3eNlV8CfoEC
|
||||||
expect(key.users[0].userId.userid).to.equal(userId);
|
expect(key.users[0].userId.userid).to.equal(userId);
|
||||||
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
||||||
expect(key.subKeys).to.have.lengthOf(2);
|
expect(key.subKeys).to.have.lengthOf(2);
|
||||||
expect(key.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
expect(key.subKeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh');
|
||||||
expect(key.subKeys[1].subKey.algorithm).to.equal('eddsa');
|
expect(key.subKeys[1].getAlgorithmInfo().algorithm).to.equal('eddsa');
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1808,8 +1874,8 @@ VYGdb3eNlV8CfoEC
|
||||||
expect(key.users.length).to.equal(1);
|
expect(key.users.length).to.equal(1);
|
||||||
expect(key.users[0].userId.userid).to.equal(userId);
|
expect(key.users[0].userId.userid).to.equal(userId);
|
||||||
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
||||||
expect(key.primaryKey.algorithm).to.equal('rsa_encrypt_sign');
|
expect(key.getAlgorithmInfo().algorithm).to.equal('rsa_encrypt_sign');
|
||||||
expect(key.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
expect(key.subKeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh');
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1822,13 +1888,13 @@ VYGdb3eNlV8CfoEC
|
||||||
const armor2 = key.armor();
|
const armor2 = key.armor();
|
||||||
expect(armor1).to.equal(armor2);
|
expect(armor1).to.equal(armor2);
|
||||||
expect(await key.decrypt('passphrase')).to.be.true;
|
expect(await key.decrypt('passphrase')).to.be.true;
|
||||||
expect(key.primaryKey.isDecrypted).to.be.true;
|
expect(key.isDecrypted()).to.be.true;
|
||||||
await key.encrypt('new_passphrase');
|
await key.encrypt('new_passphrase');
|
||||||
expect(key.primaryKey.isDecrypted).to.be.false;
|
expect(key.isDecrypted()).to.be.false;
|
||||||
await expect(key.decrypt('passphrase')).to.eventually.be.rejectedWith('Incorrect key passphrase');
|
await expect(key.decrypt('passphrase')).to.eventually.be.rejectedWith('Incorrect key passphrase');
|
||||||
expect(key.primaryKey.isDecrypted).to.be.false;
|
expect(key.isDecrypted()).to.be.false;
|
||||||
expect(await key.decrypt('new_passphrase')).to.be.true;
|
expect(await key.decrypt('new_passphrase')).to.be.true;
|
||||||
expect(key.primaryKey.isDecrypted).to.be.true;
|
expect(key.isDecrypted()).to.be.true;
|
||||||
const armor3 = key.armor();
|
const armor3 = key.armor();
|
||||||
expect(armor3).to.not.equal(armor1);
|
expect(armor3).to.not.equal(armor1);
|
||||||
});
|
});
|
||||||
|
|
@ -1861,12 +1927,12 @@ VYGdb3eNlV8CfoEC
|
||||||
await privateKey.decrypt('hello world');
|
await privateKey.decrypt('hello world');
|
||||||
publicKey = await publicKey.signPrimaryUser([privateKey]);
|
publicKey = await publicKey.signPrimaryUser([privateKey]);
|
||||||
const signatures = await publicKey.verifyPrimaryUser([privateKey]);
|
const signatures = await publicKey.verifyPrimaryUser([privateKey]);
|
||||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
const publicSigningKey = await publicKey.getSigningKey();
|
||||||
const privateKeyPacket = await privateKey.getSigningKeyPacket();
|
const privateSigningKey = await privateKey.getSigningKey();
|
||||||
expect(signatures.length).to.equal(2);
|
expect(signatures.length).to.equal(2);
|
||||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
expect(signatures[0].keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[0].valid).to.be.null;
|
expect(signatures[0].valid).to.be.null;
|
||||||
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
|
expect(signatures[1].keyid.toHex()).to.equal(privateSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[1].valid).to.be.true;
|
expect(signatures[1].valid).to.be.true;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1877,12 +1943,12 @@ VYGdb3eNlV8CfoEC
|
||||||
await privateKey.decrypt('hello world');
|
await privateKey.decrypt('hello world');
|
||||||
publicKey = await publicKey.signPrimaryUser([privateKey]);
|
publicKey = await publicKey.signPrimaryUser([privateKey]);
|
||||||
const signatures = await publicKey.verifyPrimaryUser([wrongKey]);
|
const signatures = await publicKey.verifyPrimaryUser([wrongKey]);
|
||||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
const publicSigningKey = await publicKey.getSigningKey();
|
||||||
const privateKeyPacket = await privateKey.getSigningKeyPacket();
|
const privateSigningKey = await privateKey.getSigningKey();
|
||||||
expect(signatures.length).to.equal(2);
|
expect(signatures.length).to.equal(2);
|
||||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
expect(signatures[0].keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[0].valid).to.be.null;
|
expect(signatures[0].valid).to.be.null;
|
||||||
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
|
expect(signatures[1].keyid.toHex()).to.equal(privateSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[1].valid).to.be.null;
|
expect(signatures[1].valid).to.be.null;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1892,20 +1958,20 @@ VYGdb3eNlV8CfoEC
|
||||||
await privateKey.decrypt('hello world');
|
await privateKey.decrypt('hello world');
|
||||||
publicKey = await publicKey.signAllUsers([privateKey]);
|
publicKey = await publicKey.signAllUsers([privateKey]);
|
||||||
const signatures = await publicKey.verifyAllUsers([privateKey]);
|
const signatures = await publicKey.verifyAllUsers([privateKey]);
|
||||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
const publicSigningKey = await publicKey.getSigningKey();
|
||||||
const privateKeyPacket = await privateKey.getSigningKeyPacket();
|
const privateSigningKey = await privateKey.getSigningKey();
|
||||||
expect(signatures.length).to.equal(4);
|
expect(signatures.length).to.equal(4);
|
||||||
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
|
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
|
||||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
expect(signatures[0].keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[0].valid).to.be.null;
|
expect(signatures[0].valid).to.be.null;
|
||||||
expect(signatures[1].userid).to.equal(publicKey.users[0].userId.userid);
|
expect(signatures[1].userid).to.equal(publicKey.users[0].userId.userid);
|
||||||
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
|
expect(signatures[1].keyid.toHex()).to.equal(privateSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[1].valid).to.be.true;
|
expect(signatures[1].valid).to.be.true;
|
||||||
expect(signatures[2].userid).to.equal(publicKey.users[1].userId.userid);
|
expect(signatures[2].userid).to.equal(publicKey.users[1].userId.userid);
|
||||||
expect(signatures[2].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
expect(signatures[2].keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[2].valid).to.be.null;
|
expect(signatures[2].valid).to.be.null;
|
||||||
expect(signatures[3].userid).to.equal(publicKey.users[1].userId.userid);
|
expect(signatures[3].userid).to.equal(publicKey.users[1].userId.userid);
|
||||||
expect(signatures[3].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
|
expect(signatures[3].keyid.toHex()).to.equal(privateSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[3].valid).to.be.true;
|
expect(signatures[3].valid).to.be.true;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1916,20 +1982,20 @@ VYGdb3eNlV8CfoEC
|
||||||
await privateKey.decrypt('hello world');
|
await privateKey.decrypt('hello world');
|
||||||
publicKey = await publicKey.signAllUsers([privateKey]);
|
publicKey = await publicKey.signAllUsers([privateKey]);
|
||||||
const signatures = await publicKey.verifyAllUsers([wrongKey]);
|
const signatures = await publicKey.verifyAllUsers([wrongKey]);
|
||||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
const publicSigningKey = await publicKey.getSigningKey();
|
||||||
const privateKeyPacket = await privateKey.getSigningKeyPacket()
|
const privateSigningKey = await privateKey.getSigningKey();
|
||||||
expect(signatures.length).to.equal(4);
|
expect(signatures.length).to.equal(4);
|
||||||
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
|
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
|
||||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
expect(signatures[0].keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[0].valid).to.be.null;
|
expect(signatures[0].valid).to.be.null;
|
||||||
expect(signatures[1].userid).to.equal(publicKey.users[0].userId.userid);
|
expect(signatures[1].userid).to.equal(publicKey.users[0].userId.userid);
|
||||||
expect(signatures[1].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
|
expect(signatures[1].keyid.toHex()).to.equal(privateSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[1].valid).to.be.null;
|
expect(signatures[1].valid).to.be.null;
|
||||||
expect(signatures[2].userid).to.equal(publicKey.users[1].userId.userid);
|
expect(signatures[2].userid).to.equal(publicKey.users[1].userId.userid);
|
||||||
expect(signatures[2].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
expect(signatures[2].keyid.toHex()).to.equal(publicSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[2].valid).to.be.null;
|
expect(signatures[2].valid).to.be.null;
|
||||||
expect(signatures[3].userid).to.equal(publicKey.users[1].userId.userid);
|
expect(signatures[3].userid).to.equal(publicKey.users[1].userId.userid);
|
||||||
expect(signatures[3].keyid.toHex()).to.equal(privateKeyPacket.getKeyId().toHex());
|
expect(signatures[3].keyid.toHex()).to.equal(privateSigningKey.getKeyId().toHex());
|
||||||
expect(signatures[3].valid).to.be.null;
|
expect(signatures[3].valid).to.be.null;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1997,14 +2063,14 @@ VYGdb3eNlV8CfoEC
|
||||||
key = key.key;
|
key = key.key;
|
||||||
expect(key.users.length).to.equal(1);
|
expect(key.users.length).to.equal(1);
|
||||||
expect(key.users[0].userId.userid).to.equal(userId1);
|
expect(key.users[0].userId.userid).to.equal(userId1);
|
||||||
expect(key.primaryKey.isDecrypted).to.be.true;
|
expect(key.isDecrypted()).to.be.true;
|
||||||
opt.privateKey = key;
|
opt.privateKey = key;
|
||||||
opt.userIds = userId2;
|
opt.userIds = userId2;
|
||||||
return openpgp.reformatKey(opt).then(function(newKey) {
|
return openpgp.reformatKey(opt).then(function(newKey) {
|
||||||
newKey = newKey.key;
|
newKey = newKey.key;
|
||||||
expect(newKey.users.length).to.equal(1);
|
expect(newKey.users.length).to.equal(1);
|
||||||
expect(newKey.users[0].userId.userid).to.equal(userId2);
|
expect(newKey.users[0].userId.userid).to.equal(userId2);
|
||||||
expect(newKey.primaryKey.isDecrypted).to.be.true;
|
expect(newKey.isDecrypted()).to.be.true;
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -2017,7 +2083,7 @@ VYGdb3eNlV8CfoEC
|
||||||
newKey = newKey.key;
|
newKey = newKey.key;
|
||||||
expect(newKey.users.length).to.equal(1);
|
expect(newKey.users.length).to.equal(1);
|
||||||
expect(newKey.users[0].userId.userid).to.equal(userId);
|
expect(newKey.users[0].userId.userid).to.equal(userId);
|
||||||
expect(newKey.primaryKey.isDecrypted).to.be.false;
|
expect(newKey.isDecrypted()).to.be.false;
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -2030,8 +2096,8 @@ VYGdb3eNlV8CfoEC
|
||||||
return openpgp.generateKey(opt1).then(function(newKey) {
|
return openpgp.generateKey(opt1).then(function(newKey) {
|
||||||
newKey = newKey.key;
|
newKey = newKey.key;
|
||||||
expect(newKey.users[0].userId.userid).to.equal(userId1);
|
expect(newKey.users[0].userId.userid).to.equal(userId1);
|
||||||
expect(+newKey.primaryKey.created).to.equal(+now);
|
expect(+newKey.getCreationTime()).to.equal(+now);
|
||||||
expect(+newKey.subKeys[0].subKey.created).to.equal(+now);
|
expect(+newKey.subKeys[0].getCreationTime()).to.equal(+now);
|
||||||
expect(+newKey.subKeys[0].bindingSignatures[0].created).to.equal(+now);
|
expect(+newKey.subKeys[0].bindingSignatures[0].created).to.equal(+now);
|
||||||
const opt2 = {privateKey: newKey, userIds: [userId2], date: before};
|
const opt2 = {privateKey: newKey, userIds: [userId2], date: before};
|
||||||
return openpgp.reformatKey(opt2).then(function(refKey) {
|
return openpgp.reformatKey(opt2).then(function(refKey) {
|
||||||
|
|
@ -2051,14 +2117,14 @@ VYGdb3eNlV8CfoEC
|
||||||
newKey = newKey.key;
|
newKey = newKey.key;
|
||||||
expect(newKey.users.length).to.equal(1);
|
expect(newKey.users.length).to.equal(1);
|
||||||
expect(newKey.users[0].userId.userid).to.equal(userId);
|
expect(newKey.users[0].userId.userid).to.equal(userId);
|
||||||
expect(newKey.primaryKey.isDecrypted).to.be.true;
|
expect(newKey.isDecrypted()).to.be.true;
|
||||||
return openpgp.sign({data: 'hello', privateKeys: newKey, armor: true}).then(function(signed) {
|
return openpgp.sign({data: 'hello', privateKeys: newKey, armor: true}).then(function(signed) {
|
||||||
return openpgp.verify(
|
return openpgp.verify(
|
||||||
{message: openpgp.cleartext.readArmored(signed.data), publicKeys: newKey.toPublic()}
|
{message: openpgp.cleartext.readArmored(signed.data), publicKeys: newKey.toPublic()}
|
||||||
).then(async function(verified) {
|
).then(async function(verified) {
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
const newKeyPacket = await newKey.getSigningKeyPacket();
|
const newSigningKey = await newKey.getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(newKeyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(newSigningKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -2080,9 +2146,9 @@ VYGdb3eNlV8CfoEC
|
||||||
newKey = newKey.key;
|
newKey = newKey.key;
|
||||||
expect(newKey.users.length).to.equal(2);
|
expect(newKey.users.length).to.equal(2);
|
||||||
expect(newKey.users[0].userId.userid).to.equal(userId2);
|
expect(newKey.users[0].userId.userid).to.equal(userId2);
|
||||||
expect(newKey.primaryKey.isDecrypted).to.be.false;
|
expect(newKey.isDecrypted()).to.be.false;
|
||||||
await newKey.decrypt('123');
|
await newKey.decrypt('123');
|
||||||
expect(newKey.primaryKey.isDecrypted).to.be.true;
|
expect(newKey.isDecrypted()).to.be.true;
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -2122,7 +2188,7 @@ VYGdb3eNlV8CfoEC
|
||||||
|
|
||||||
it('Find a valid subkey binding signature among many invalid ones', async function() {
|
it('Find a valid subkey binding signature among many invalid ones', async function() {
|
||||||
const key = openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub).keys[0];
|
const key = openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub).keys[0];
|
||||||
expect(await key.getEncryptionKeyPacket()).to.not.be.null;
|
expect(await key.getEncryptionKey()).to.not.be.null;
|
||||||
});
|
});
|
||||||
|
|
||||||
it('Selects the most recent subkey binding signature', async function() {
|
it('Selects the most recent subkey binding signature', async function() {
|
||||||
|
|
@ -2135,7 +2201,7 @@ VYGdb3eNlV8CfoEC
|
||||||
return openpgp.encrypt({publicKeys: [key], data: 'random data'}).then(() => {
|
return openpgp.encrypt({publicKeys: [key], data: 'random data'}).then(() => {
|
||||||
throw new Error('encryptSessionKey should not encrypt with revoked public key');
|
throw new Error('encryptSessionKey should not encrypt with revoked public key');
|
||||||
}).catch(function(error) {
|
}).catch(function(error) {
|
||||||
expect(error.message).to.equal('Error encrypting message: Could not find valid key packet for encryption in key ' + key.primaryKey.getKeyId().toHex());
|
expect(error.message).to.equal('Error encrypting message: Could not find valid key packet for encryption in key ' + key.getKeyId().toHex());
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -2144,7 +2210,7 @@ VYGdb3eNlV8CfoEC
|
||||||
return openpgp.encrypt({publicKeys: [key], data: 'random data'}).then(() => {
|
return openpgp.encrypt({publicKeys: [key], data: 'random data'}).then(() => {
|
||||||
throw new Error('encryptSessionKey should not encrypt with revoked public key');
|
throw new Error('encryptSessionKey should not encrypt with revoked public key');
|
||||||
}).catch(function(error) {
|
}).catch(function(error) {
|
||||||
expect(error.message).to.equal('Error encrypting message: Could not find valid key packet for encryption in key ' + key.primaryKey.getKeyId().toHex());
|
expect(error.message).to.equal('Error encrypting message: Could not find valid key packet for encryption in key ' + key.getKeyId().toHex());
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -2186,8 +2252,8 @@ VYGdb3eNlV8CfoEC
|
||||||
expect(updateKey).to.exist;
|
expect(updateKey).to.exist;
|
||||||
expect(key.users).to.have.length(1);
|
expect(key.users).to.have.length(1);
|
||||||
key.update(updateKey).then(() => {
|
key.update(updateKey).then(() => {
|
||||||
expect(key.primaryKey.getFingerprint()).to.equal(
|
expect(key.getFingerprint()).to.equal(
|
||||||
updateKey.primaryKey.getFingerprint());
|
updateKey.getFingerprint());
|
||||||
expect(key.users).to.have.length(2);
|
expect(key.users).to.have.length(2);
|
||||||
expect(key.users[1].userId).to.be.null;
|
expect(key.users[1].userId).to.be.null;
|
||||||
done();
|
done();
|
||||||
|
|
|
||||||
|
|
@ -123,7 +123,7 @@ describe("Keyring", function() {
|
||||||
const keys = keyring.getKeysForId(keyId);
|
const keys = keyring.getKeysForId(keyId);
|
||||||
// we get public and private key
|
// we get public and private key
|
||||||
expect(keys).to.exist.and.have.length(2);
|
expect(keys).to.exist.and.have.length(2);
|
||||||
expect(keys[0].primaryKey.getKeyId().toHex()).equals(keyId);
|
expect(keys[0].getKeyId().toHex()).equals(keyId);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('publicKeys.getForId() - unknown id', function() {
|
it('publicKeys.getForId() - unknown id', function() {
|
||||||
|
|
@ -134,7 +134,7 @@ describe("Keyring", function() {
|
||||||
it('publicKeys.getForId() - valid id', function() {
|
it('publicKeys.getForId() - valid id', function() {
|
||||||
const key = keyring.publicKeys.getForId(keyId);
|
const key = keyring.publicKeys.getForId(keyId);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId);
|
expect(key.getKeyId().toHex()).equals(keyId);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('privateKeys.getForId() - unknown id', function() {
|
it('privateKeys.getForId() - unknown id', function() {
|
||||||
|
|
@ -145,7 +145,7 @@ describe("Keyring", function() {
|
||||||
it('privateKeys.getForId() - valid id', function() {
|
it('privateKeys.getForId() - valid id', function() {
|
||||||
const key = keyring.privateKeys.getForId(keyId);
|
const key = keyring.privateKeys.getForId(keyId);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId);
|
expect(key.getKeyId().toHex()).equals(keyId);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('publicKeys.getForId() - subkey id', function() {
|
it('publicKeys.getForId() - subkey id', function() {
|
||||||
|
|
@ -156,7 +156,7 @@ describe("Keyring", function() {
|
||||||
it('publicKeys.getForId() - deep, including subkeys - subkey id', function() {
|
it('publicKeys.getForId() - deep, including subkeys - subkey id', function() {
|
||||||
const key = keyring.publicKeys.getForId(subkeyId2, true);
|
const key = keyring.publicKeys.getForId(subkeyId2, true);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId2);
|
expect(key.getKeyId().toHex()).equals(keyId2);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('getKeysForId() - unknown fingerprint', function() {
|
it('getKeysForId() - unknown fingerprint', function() {
|
||||||
|
|
@ -167,7 +167,7 @@ describe("Keyring", function() {
|
||||||
it('getKeysForId() - valid fingerprint', function() {
|
it('getKeysForId() - valid fingerprint', function() {
|
||||||
const keys = keyring.getKeysForId(keyFingerP2);
|
const keys = keyring.getKeysForId(keyFingerP2);
|
||||||
expect(keys).to.exist.and.have.length(1);
|
expect(keys).to.exist.and.have.length(1);
|
||||||
expect(keys[0].primaryKey.getKeyId().toHex()).equals(keyId2);
|
expect(keys[0].getKeyId().toHex()).equals(keyId2);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('publicKeys.getForId() - unknown fingerprint', function() {
|
it('publicKeys.getForId() - unknown fingerprint', function() {
|
||||||
|
|
@ -178,7 +178,7 @@ describe("Keyring", function() {
|
||||||
it('publicKeys.getForId() - valid fingerprint', function() {
|
it('publicKeys.getForId() - valid fingerprint', function() {
|
||||||
const key = keyring.publicKeys.getForId(keyFingerP2);
|
const key = keyring.publicKeys.getForId(keyFingerP2);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId2);
|
expect(key.getKeyId().toHex()).equals(keyId2);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('publicKeys.getForId() - subkey fingerprint', function() {
|
it('publicKeys.getForId() - subkey fingerprint', function() {
|
||||||
|
|
@ -189,7 +189,7 @@ describe("Keyring", function() {
|
||||||
it('publicKeys.getForId() - deep, including subkeys - subkey fingerprint', function() {
|
it('publicKeys.getForId() - deep, including subkeys - subkey fingerprint', function() {
|
||||||
const key = keyring.publicKeys.getForId(subkeyFingerP2, true);
|
const key = keyring.publicKeys.getForId(subkeyFingerP2, true);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId2);
|
expect(key.getKeyId().toHex()).equals(keyId2);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('publicKeys.getForAddress() - unknown address', function() {
|
it('publicKeys.getForAddress() - unknown address', function() {
|
||||||
|
|
@ -248,7 +248,7 @@ describe("Keyring", function() {
|
||||||
it('publicKeys.removeForId() - valid id', function() {
|
it('publicKeys.removeForId() - valid id', function() {
|
||||||
const key = keyring.publicKeys.removeForId(keyId);
|
const key = keyring.publicKeys.removeForId(keyId);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId);
|
expect(key.getKeyId().toHex()).equals(keyId);
|
||||||
expect(keyring.publicKeys.keys).to.exist.and.have.length(1);
|
expect(keyring.publicKeys.keys).to.exist.and.have.length(1);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -261,7 +261,7 @@ describe("Keyring", function() {
|
||||||
it('publicKeys.removeForId() - valid fingerprint', function() {
|
it('publicKeys.removeForId() - valid fingerprint', function() {
|
||||||
const key = keyring.publicKeys.removeForId(keyFingerP2);
|
const key = keyring.publicKeys.removeForId(keyFingerP2);
|
||||||
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
expect(key).to.exist.and.be.an.instanceof(openpgp.key.Key);
|
||||||
expect(key.primaryKey.getKeyId().toHex()).equals(keyId2);
|
expect(key.getKeyId().toHex()).equals(keyId2);
|
||||||
expect(keyring.publicKeys.keys).to.be.empty;
|
expect(keyring.publicKeys.keys).to.be.empty;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -272,7 +272,7 @@ describe("Keyring", function() {
|
||||||
localstore3.storePublic([]);
|
localstore3.storePublic([]);
|
||||||
const key = openpgp.key.readArmored(pubkey).keys[0];
|
const key = openpgp.key.readArmored(pubkey).keys[0];
|
||||||
localstore1.storePublic([key]);
|
localstore1.storePublic([key]);
|
||||||
expect(localstore2.loadPublic()[0].primaryKey.getKeyId().equals(key.primaryKey.getKeyId())).to.be.true;
|
expect(localstore2.loadPublic()[0].getKeyId().equals(key.getKeyId())).to.be.true;
|
||||||
expect(localstore3.loadPublic()).to.have.length(0);
|
expect(localstore3.loadPublic()).to.have.length(0);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -766,8 +766,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
privateKey: privateKey.keys[0],
|
privateKey: privateKey.keys[0],
|
||||||
passphrase: passphrase
|
passphrase: passphrase
|
||||||
}).then(function(unlocked){
|
}).then(function(unlocked){
|
||||||
expect(unlocked.key.primaryKey.getKeyId().toHex()).to.equal(privateKey.keys[0].primaryKey.getKeyId().toHex());
|
expect(unlocked.key.getKeyId().toHex()).to.equal(privateKey.keys[0].getKeyId().toHex());
|
||||||
expect(unlocked.key.primaryKey.isDecrypted).to.be.true;
|
expect(unlocked.key.isDecrypted()).to.be.true;
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1121,8 +1121,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1144,8 +1144,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1177,8 +1177,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await newPrivateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await newPrivateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1200,8 +1200,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal('');
|
expect(decrypted.data).to.equal('');
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1224,8 +1224,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1258,8 +1258,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1294,15 +1294,15 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
decOpt.message = openpgp.message.readArmored(encrypted.data);
|
decOpt.message = openpgp.message.readArmored(encrypted.data);
|
||||||
return openpgp.decrypt(decOpt);
|
return openpgp.decrypt(decOpt);
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
let keyPacket;
|
let signingKey;
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
expect(decrypted.signatures[1].valid).to.be.true;
|
expect(decrypted.signatures[1].valid).to.be.true;
|
||||||
keyPacket = await privKeyDE.getSigningKeyPacket();
|
signingKey = await privKeyDE.getSigningKey();
|
||||||
expect(decrypted.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[1].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1335,8 +1335,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.null;
|
expect(decrypted.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1367,8 +1367,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.null;
|
expect(decrypted.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1389,8 +1389,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.null;
|
expect(decrypted.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1411,8 +1411,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal('');
|
expect(decrypted.data).to.equal('');
|
||||||
expect(decrypted.signatures[0].valid).to.be.null;
|
expect(decrypted.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1432,8 +1432,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.null;
|
expect(decrypted.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1456,8 +1456,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.null;
|
expect(decrypted.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1483,15 +1483,15 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
decOpt.message = openpgp.message.readArmored(encrypted.data);
|
decOpt.message = openpgp.message.readArmored(encrypted.data);
|
||||||
return openpgp.decrypt(decOpt);
|
return openpgp.decrypt(decOpt);
|
||||||
}).then(async function (decrypted) {
|
}).then(async function (decrypted) {
|
||||||
let keyPacket;
|
let signingKey;
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
expect(decrypted.signatures[1].valid).to.be.true;
|
expect(decrypted.signatures[1].valid).to.be.true;
|
||||||
keyPacket = await privKeyDE.getSigningKeyPacket();
|
signingKey = await privKeyDE.getSigningKey();
|
||||||
expect(decrypted.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[1].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1511,8 +1511,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (verified) {
|
}).then(async function (verified) {
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1533,15 +1533,15 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
|
verifyOpt.message = openpgp.cleartext.readArmored(signed.data);
|
||||||
return openpgp.verify(verifyOpt);
|
return openpgp.verify(verifyOpt);
|
||||||
}).then(async function (verified) {
|
}).then(async function (verified) {
|
||||||
let keyPacket;
|
let signingKey;
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
expect(verified.signatures[1].valid).to.be.true;
|
expect(verified.signatures[1].valid).to.be.true;
|
||||||
keyPacket = await privKeyDE.getSigningKeyPacket();
|
signingKey = await privKeyDE.getSigningKey();
|
||||||
expect(verified.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[1].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[1].signature.packets.length).to.equal(1);
|
expect(verified.signatures[1].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1562,8 +1562,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (verified) {
|
}).then(async function (verified) {
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1582,8 +1582,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (verified) {
|
}).then(async function (verified) {
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.null;
|
expect(verified.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1604,8 +1604,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (verified) {
|
}).then(async function (verified) {
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.null;
|
expect(verified.signatures[0].valid).to.be.null;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1625,8 +1625,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(async function (verified) {
|
}).then(async function (verified) {
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1651,8 +1651,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
expect(+verified.signatures[0].signature.packets[0].created).to.be.lte(+openpgp.util.normalizeDate());
|
expect(+verified.signatures[0].signature.packets[0].created).to.be.lte(+openpgp.util.normalizeDate());
|
||||||
expect(+verified.signatures[0].signature.packets[0].created).to.be.gte(+start);
|
expect(+verified.signatures[0].signature.packets[0].created).to.be.gte(+start);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
const signingKey = await privateKey.keys[0].getSigningKey();
|
||||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(verified.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
@ -1677,7 +1677,7 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
|
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
expect(signOpt.privateKeys[0].getSigningKeyPacket(verified.signatures[0].keyid, past))
|
expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, past))
|
||||||
.to.be.not.null;
|
.to.be.not.null;
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
// now check with expiration checking disabled
|
// now check with expiration checking disabled
|
||||||
|
|
@ -1687,7 +1687,7 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
|
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
|
||||||
expect(verified.data).to.equal(plaintext);
|
expect(verified.data).to.equal(plaintext);
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
expect(signOpt.privateKeys[0].getSigningKeyPacket(verified.signatures[0].keyid, null))
|
expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, null))
|
||||||
.to.be.not.null;
|
.to.be.not.null;
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
|
|
@ -1716,7 +1716,7 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+future);
|
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+future);
|
||||||
expect([].slice.call(verified.data)).to.deep.equal([].slice.call(data));
|
expect([].slice.call(verified.data)).to.deep.equal([].slice.call(data));
|
||||||
expect(verified.signatures[0].valid).to.be.true;
|
expect(verified.signatures[0].valid).to.be.true;
|
||||||
expect(signOpt.privateKeys[0].getSigningKeyPacket(verified.signatures[0].keyid, future))
|
expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, future))
|
||||||
.to.be.not.null;
|
.to.be.not.null;
|
||||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
|
|
@ -1792,7 +1792,7 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(function (signatures) {
|
}).then(function (signatures) {
|
||||||
expect(+signatures[0].signature.packets[0].created).to.equal(+past);
|
expect(+signatures[0].signature.packets[0].created).to.equal(+past);
|
||||||
expect(signatures[0].valid).to.be.true;
|
expect(signatures[0].valid).to.be.true;
|
||||||
expect(encryptOpt.privateKeys[0].getSigningKeyPacket(signatures[0].keyid, past))
|
expect(encryptOpt.privateKeys[0].getSigningKey(signatures[0].keyid, past))
|
||||||
.to.be.not.null;
|
.to.be.not.null;
|
||||||
expect(signatures[0].signature.packets.length).to.equal(1);
|
expect(signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
|
|
@ -1821,7 +1821,7 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(function (signatures) {
|
}).then(function (signatures) {
|
||||||
expect(+signatures[0].signature.packets[0].created).to.equal(+future);
|
expect(+signatures[0].signature.packets[0].created).to.equal(+future);
|
||||||
expect(signatures[0].valid).to.be.true;
|
expect(signatures[0].valid).to.be.true;
|
||||||
expect(encryptOpt.privateKeys[0].getSigningKeyPacket(signatures[0].keyid, future))
|
expect(encryptOpt.privateKeys[0].getSigningKey(signatures[0].keyid, future))
|
||||||
.to.be.not.null;
|
.to.be.not.null;
|
||||||
expect(signatures[0].signature.packets.length).to.equal(1);
|
expect(signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
|
|
@ -1851,7 +1851,7 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
}).then(function (signatures) {
|
}).then(function (signatures) {
|
||||||
expect(+signatures[0].signature.packets[0].created).to.equal(+future);
|
expect(+signatures[0].signature.packets[0].created).to.equal(+future);
|
||||||
expect(signatures[0].valid).to.be.true;
|
expect(signatures[0].valid).to.be.true;
|
||||||
expect(encryptOpt.privateKeys[0].getSigningKeyPacket(signatures[0].keyid, future))
|
expect(encryptOpt.privateKeys[0].getSigningKey(signatures[0].keyid, future))
|
||||||
.to.be.not.null;
|
.to.be.not.null;
|
||||||
expect(signatures[0].signature.packets.length).to.equal(1);
|
expect(signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
|
|
@ -1911,8 +1911,8 @@ describe('OpenPGP.js public api tests', function() {
|
||||||
expect(decrypted.data).to.exist;
|
expect(decrypted.data).to.exist;
|
||||||
expect(decrypted.data).to.equal(plaintext);
|
expect(decrypted.data).to.equal(plaintext);
|
||||||
expect(decrypted.signatures[0].valid).to.be.true;
|
expect(decrypted.signatures[0].valid).to.be.true;
|
||||||
const keyPacket = await privKeyDE.getSigningKeyPacket();
|
const signingKey = await privKeyDE.getSigningKey();
|
||||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
expect(decrypted.signatures[0].keyid.toHex()).to.equal(signingKey.getKeyId().toHex());
|
||||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -369,7 +369,7 @@ describe("Signature", function() {
|
||||||
const pub_key = openpgp.key.readArmored(pub_key_arm1).keys[0];
|
const pub_key = openpgp.key.readArmored(pub_key_arm1).keys[0];
|
||||||
const msg = openpgp.message.readArmored(msg_arm1);
|
const msg = openpgp.message.readArmored(msg_arm1);
|
||||||
|
|
||||||
await priv_key_gnupg_ext.subKeys[0].subKey.decrypt("abcd");
|
await priv_key_gnupg_ext.subKeys[0].keyPacket.decrypt("abcd");
|
||||||
return msg.decrypt([priv_key_gnupg_ext]).then(function(msg) {
|
return msg.decrypt([priv_key_gnupg_ext]).then(function(msg) {
|
||||||
return msg.verify([pub_key]).then(verified => {
|
return msg.verify([pub_key]).then(verified => {
|
||||||
expect(verified).to.exist;
|
expect(verified).to.exist;
|
||||||
|
|
@ -520,8 +520,8 @@ describe("Signature", function() {
|
||||||
|
|
||||||
const keyids = sMsg.getSigningKeyIds();
|
const keyids = sMsg.getSigningKeyIds();
|
||||||
|
|
||||||
expect(pubKey2.getKeyPackets(keyids[1])).to.not.be.empty;
|
expect(pubKey2.getKeys(keyids[1])).to.not.be.empty;
|
||||||
expect(pubKey3.getKeyPackets(keyids[0])).to.not.be.empty;
|
expect(pubKey3.getKeys(keyids[0])).to.not.be.empty;
|
||||||
|
|
||||||
expect(sMsg.getText()).to.equal(plaintext);
|
expect(sMsg.getText()).to.equal(plaintext);
|
||||||
|
|
||||||
|
|
@ -566,8 +566,8 @@ describe("Signature", function() {
|
||||||
|
|
||||||
const keyids = csMsg.getSigningKeyIds();
|
const keyids = csMsg.getSigningKeyIds();
|
||||||
|
|
||||||
expect(pubKey2.getKeyPackets(keyids[0])).to.not.be.empty;
|
expect(pubKey2.getKeys(keyids[0])).to.not.be.empty;
|
||||||
expect(pubKey3.getKeyPackets(keyids[1])).to.not.be.empty;
|
expect(pubKey3.getKeys(keyids[1])).to.not.be.empty;
|
||||||
|
|
||||||
return openpgp.verify({ publicKeys:[pubKey2, pubKey3], message:csMsg }).then(function(cleartextSig) {
|
return openpgp.verify({ publicKeys:[pubKey2, pubKey3], message:csMsg }).then(function(cleartextSig) {
|
||||||
expect(cleartextSig).to.exist;
|
expect(cleartextSig).to.exist;
|
||||||
|
|
@ -607,7 +607,7 @@ zmuVOdNuWQqxT9Sqa84=
|
||||||
|
|
||||||
const keyids = csMsg.getSigningKeyIds();
|
const keyids = csMsg.getSigningKeyIds();
|
||||||
|
|
||||||
expect(pubKey.getKeyPackets(keyids[0])).to.not.be.empty;
|
expect(pubKey.getKeys(keyids[0])).to.not.be.empty;
|
||||||
|
|
||||||
return openpgp.verify({ publicKeys:[pubKey], message:csMsg }).then(function(cleartextSig) {
|
return openpgp.verify({ publicKeys:[pubKey], message:csMsg }).then(function(cleartextSig) {
|
||||||
expect(cleartextSig).to.exist;
|
expect(cleartextSig).to.exist;
|
||||||
|
|
@ -638,7 +638,7 @@ yYDnCgA=
|
||||||
|
|
||||||
const keyids = sMsg.getSigningKeyIds();
|
const keyids = sMsg.getSigningKeyIds();
|
||||||
|
|
||||||
expect(pubKey.getKeyPackets(keyids[0])).to.not.be.empty;
|
expect(pubKey.getKeys(keyids[0])).to.not.be.empty;
|
||||||
|
|
||||||
return openpgp.verify({ publicKeys:[pubKey], message:sMsg }).then(function(cleartextSig) {
|
return openpgp.verify({ publicKeys:[pubKey], message:sMsg }).then(function(cleartextSig) {
|
||||||
expect(cleartextSig).to.exist;
|
expect(cleartextSig).to.exist;
|
||||||
|
|
@ -786,7 +786,7 @@ yYDnCgA=
|
||||||
const plaintext = 'short message\nnext line\n한국어/조선말';
|
const plaintext = 'short message\nnext line\n한국어/조선말';
|
||||||
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
|
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
|
||||||
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
|
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
|
||||||
await Promise.all([privKey.primaryKey.decrypt('hello world'), privKey.subKeys[0].subKey.decrypt('hello world')]);
|
await Promise.all([privKey.primaryKey.decrypt('hello world'), privKey.subKeys[0].keyPacket.decrypt('hello world')]);
|
||||||
return openpgp.sign({ privateKeys:[privKey], data: plaintext, detached: true}).then(function(signed) {
|
return openpgp.sign({ privateKeys:[privKey], data: plaintext, detached: true}).then(function(signed) {
|
||||||
const signature = openpgp.signature.readArmored(signed.signature);
|
const signature = openpgp.signature.readArmored(signed.signature);
|
||||||
return openpgp.encrypt({ data: openpgp.util.str_to_Uint8Array(openpgp.util.encode_utf8(plaintext)), publicKeys: [pubKey], signature })
|
return openpgp.encrypt({ data: openpgp.util.str_to_Uint8Array(openpgp.util.encode_utf8(plaintext)), publicKeys: [pubKey], signature })
|
||||||
|
|
@ -861,7 +861,7 @@ yYDnCgA=
|
||||||
it('Verify subkey revocation signatures', function(done) {
|
it('Verify subkey revocation signatures', function(done) {
|
||||||
const pubKey = openpgp.key.readArmored(pub_revoked).keys[0];
|
const pubKey = openpgp.key.readArmored(pub_revoked).keys[0];
|
||||||
expect(pubKey.subKeys[0].revocationSignatures[0].verify(
|
expect(pubKey.subKeys[0].revocationSignatures[0].verify(
|
||||||
pubKey.primaryKey, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].subKey}
|
pubKey.primaryKey, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].keyPacket}
|
||||||
)).to.eventually.be.true.notify(done);
|
)).to.eventually.be.true.notify(done);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
@ -1009,9 +1009,9 @@ yYDnCgA=
|
||||||
const signerKey = openpgp.key.readArmored(priv_key_arm1).keys[0];
|
const signerKey = openpgp.key.readArmored(priv_key_arm1).keys[0];
|
||||||
return signedKey.verifyPrimaryUser([signerKey]).then(signatures => {
|
return signedKey.verifyPrimaryUser([signerKey]).then(signatures => {
|
||||||
expect(signatures[0].valid).to.be.null;
|
expect(signatures[0].valid).to.be.null;
|
||||||
expect(signatures[0].keyid.toHex()).to.equal(signedKey.primaryKey.getKeyId().toHex());
|
expect(signatures[0].keyid.toHex()).to.equal(signedKey.getKeyId().toHex());
|
||||||
expect(signatures[1].valid).to.be.true;
|
expect(signatures[1].valid).to.be.true;
|
||||||
expect(signatures[1].keyid.toHex()).to.equal(signerKey.primaryKey.getKeyId().toHex());
|
expect(signatures[1].keyid.toHex()).to.equal(signerKey.getKeyId().toHex());
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -123,7 +123,7 @@ describe('X25519 Cryptography', function () {
|
||||||
expect(pub).to.exist;
|
expect(pub).to.exist;
|
||||||
expect(pub.err).to.not.exist;
|
expect(pub.err).to.not.exist;
|
||||||
expect(pub.keys).to.have.length(1);
|
expect(pub.keys).to.have.length(1);
|
||||||
expect(pub.keys[0].primaryKey.getKeyId().toHex()).to.equal(data[name].id);
|
expect(pub.keys[0].getKeyId().toHex()).to.equal(data[name].id);
|
||||||
data[name].pub_key = pub.keys[0];
|
data[name].pub_key = pub.keys[0];
|
||||||
return data[name].pub_key;
|
return data[name].pub_key;
|
||||||
}
|
}
|
||||||
|
|
@ -136,7 +136,7 @@ describe('X25519 Cryptography', function () {
|
||||||
expect(pk).to.exist;
|
expect(pk).to.exist;
|
||||||
expect(pk.err).to.not.exist;
|
expect(pk.err).to.not.exist;
|
||||||
expect(pk.keys).to.have.length(1);
|
expect(pk.keys).to.have.length(1);
|
||||||
expect(pk.keys[0].primaryKey.getKeyId().toHex()).to.equal(data[name].id);
|
expect(pk.keys[0].getKeyId().toHex()).to.equal(data[name].id);
|
||||||
expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
|
expect(await pk.keys[0].decrypt(data[name].pass)).to.be.true;
|
||||||
data[name].priv_key = pk.keys[0];
|
data[name].priv_key = pk.keys[0];
|
||||||
return data[name].priv_key;
|
return data[name].priv_key;
|
||||||
|
|
@ -227,15 +227,15 @@ describe('X25519 Cryptography', function () {
|
||||||
expect(firstKey.key).to.exist;
|
expect(firstKey.key).to.exist;
|
||||||
expect(firstKey.key.primaryKey).to.exist;
|
expect(firstKey.key.primaryKey).to.exist;
|
||||||
expect(firstKey.key.subKeys).to.have.length(1);
|
expect(firstKey.key.subKeys).to.have.length(1);
|
||||||
expect(firstKey.key.subKeys[0].subKey).to.exist;
|
expect(firstKey.key.subKeys[0].keyPacket).to.exist;
|
||||||
|
|
||||||
const hi = firstKey.key;
|
const hi = firstKey.key;
|
||||||
const primaryKey = hi.primaryKey;
|
const primaryKey = hi.primaryKey;
|
||||||
const subKey = hi.subKeys[0].subKey;
|
const subKey = hi.subKeys[0];
|
||||||
expect(primaryKey.params[0].getName()).to.equal("ed25519");
|
expect(hi.getAlgorithmInfo().curve).to.equal('ed25519');
|
||||||
expect(primaryKey.algorithm).to.equal('eddsa');
|
expect(hi.getAlgorithmInfo().algorithm).to.equal('eddsa');
|
||||||
expect(subKey.params[0].getName()).to.equal('curve25519');
|
expect(subKey.getAlgorithmInfo().curve).to.equal('curve25519');
|
||||||
expect(subKey.algorithm).to.equal('ecdh');
|
expect(subKey.getAlgorithmInfo().algorithm).to.equal('ecdh');
|
||||||
|
|
||||||
// Self Certificate is valid
|
// Self Certificate is valid
|
||||||
const user = hi.users[0];
|
const user = hi.users[0];
|
||||||
|
|
@ -252,10 +252,10 @@ describe('X25519 Cryptography', function () {
|
||||||
};
|
};
|
||||||
return openpgp.generateKey(options).then(async function (secondKey) {
|
return openpgp.generateKey(options).then(async function (secondKey) {
|
||||||
const bye = secondKey.key;
|
const bye = secondKey.key;
|
||||||
expect(bye.primaryKey.params[0].getName()).to.equal('ed25519');
|
expect(bye.getAlgorithmInfo().curve).to.equal('ed25519');
|
||||||
expect(bye.primaryKey.algorithm).to.equal('eddsa');
|
expect(bye.getAlgorithmInfo().algorithm).to.equal('eddsa');
|
||||||
expect(bye.subKeys[0].subKey.params[0].getName()).to.equal('curve25519');
|
expect(bye.subKeys[0].getAlgorithmInfo().curve).to.equal('curve25519');
|
||||||
expect(bye.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
expect(bye.subKeys[0].getAlgorithmInfo().algorithm).to.equal('ecdh');
|
||||||
|
|
||||||
// Self Certificate is valid
|
// Self Certificate is valid
|
||||||
const user = bye.users[0];
|
const user = bye.users[0];
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user