suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only consider most recent user self certification

Browse Source
This commit is contained in:
Daniel Huigens 2018-04-18 14:15:34 +02:00
parent 122d526f49
commit 39c7374d70
1 changed files with 20 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
src/key.js
View File

@ -528,29 +528,27 @@ Key.prototype.getValidUsers = async function(date=new Date(), allowExpired=false
return;
}
const dataToVerify = { userid: user.userId , key: primaryKey };
for (let j = 0; j < user.selfCertifications.length; j++) {
const cert = user.selfCertifications[j];
// skip if certificate is not the most recent
if ((cert.isPrimaryUserID && cert.isPrimaryUserID < lastPrimaryUserID) ||
(!lastPrimaryUserID && cert.created < lastCreated)) {
continue;
}
// skip if certificates is invalid, revoked, or expired
// eslint-disable-next-line no-await-in-loop
if (!(cert.verified || await cert.verify(primaryKey, dataToVerify))) {
continue;
}
// eslint-disable-next-line no-await-in-loop
if (cert.revoked || await user.isRevoked(primaryKey, cert, null, date)) {
continue;
}
if (!allowExpired && cert.isExpired(date)) {
continue;
}
lastPrimaryUserID = cert.isPrimaryUserID;
lastCreated = cert.created;
validUsers.push({ index: i, user: user, selfCertification: cert });
const cert = getLatestSignature(user.selfCertifications);
// skip if certificate is not the most recent
if ((cert.isPrimaryUserID && cert.isPrimaryUserID < lastPrimaryUserID) ||
(!lastPrimaryUserID && cert.created < lastCreated)) {
continue;
}
// skip if certificates is invalid, revoked, or expired
// eslint-disable-next-line no-await-in-loop
if (!(cert.verified || await cert.verify(primaryKey, dataToVerify))) {
continue;
}
// eslint-disable-next-line no-await-in-loop
if (cert.revoked || await user.isRevoked(primaryKey, cert, null, date)) {
continue;
}
if (!allowExpired && cert.isExpired(date)) {
continue;
}
lastPrimaryUserID = cert.isPrimaryUserID;
lastCreated = cert.created;
validUsers.push({ index: i, user: user, selfCertification: cert });
}
return validUsers;
};