Update V5 key hashing for signatures to rfc4880bis-07
This commit is contained in:
Daniel Huigens
parent
c8729a0295
commit
8312399f9d
|
|
@ -169,11 +169,14 @@ PublicKey.prototype.write = function () {
|
|||
PublicKey.prototype.writePublicKey = PublicKey.prototype.write;
|
||||
|
||||
/**
|
||||
* Write an old version packet - it's used by some of the internal routines.
|
||||
* Write packet in order to be hashed; either for a signature or a fingerprint.
|
||||
*/
|
||||
PublicKey.prototype.writeOld = function () {
|
||||
PublicKey.prototype.writeForHash = function (version) {
|
||||
const bytes = this.writePublicKey();
|
||||
|
||||
if (version === 5) {
|
||||
return util.concatUint8Array([new Uint8Array([0x9A]), util.writeNumber(bytes.length, 4), bytes]);
|
||||
}
|
||||
return util.concatUint8Array([new Uint8Array([0x99]), util.writeNumber(bytes.length, 2), bytes]);
|
||||
};
|
||||
|
||||
|
|
@ -218,13 +221,10 @@ PublicKey.prototype.getFingerprintBytes = function () {
|
|||
if (this.fingerprint) {
|
||||
return this.fingerprint;
|
||||
}
|
||||
let toHash;
|
||||
const toHash = this.writeForHash(this.version);
|
||||
if (this.version === 5) {
|
||||
const bytes = this.writePublicKey();
|
||||
toHash = util.concatUint8Array([new Uint8Array([0x9A]), util.writeNumber(bytes.length, 4), bytes]);
|
||||
this.fingerprint = Sha256.bytes(toHash);
|
||||
} else if (this.version === 4) {
|
||||
toHash = this.writeOld();
|
||||
this.fingerprint = Sha1.bytes(toHash);
|
||||
}
|
||||
return this.fingerprint;
|
||||
|
|
|
|||
|
|
@ -618,7 +618,7 @@ Signature.prototype.toSign = function (type, data) {
|
|||
if (data.key === undefined) {
|
||||
throw new Error('Key packet is required for this signature.');
|
||||
}
|
||||
return data.key.writeOld();
|
||||
return data.key.writeForHash(this.version);
|
||||
|
||||
case t.key_revocation:
|
||||
return this.toSign(t.key, data);
|
||||
|
|
|
|||
|
|
@ -1644,6 +1644,23 @@ iCzXvu4VCEMxMYOkOV4857v958DC7Z7W6BYEYpa9DP0O2zAwDmhu/kRFfKVQ
|
|||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
`;
|
||||
|
||||
const v5_sample_key = `-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||
|
||||
lGEFXJH05BYAAAAtCSsGAQQB2kcPAQEHQFhZlVcVVtwf+21xNQPX+ecMJJBL0MPd
|
||||
fj75iux+my8QAAAAAAAiAQCHZ1SnSUmWqxEsoI6facIVZQu6mph3cBFzzTvcm5lA
|
||||
Ng5ctBhlbW1hLmdvbGRtYW5AZXhhbXBsZS5uZXSIlgUTFggASCIhBRk0e8mHJGQC
|
||||
X5nfPsLgAA7ZiEiS4fez6kyUAJFZVptUBQJckfTkAhsDBQsJCAcCAyICAQYVCgkI
|
||||
CwIEFgIDAQIeBwIXgAAA9cAA/jiR3yMsZMeEQ40u6uzEoXa6UXeV/S3wwJAXRJy9
|
||||
M8s0AP9vuL/7AyTfFXwwzSjDnYmzS0qAhbLDQ643N+MXGBJ2BZxmBVyR9OQSAAAA
|
||||
MgorBgEEAZdVAQUBAQdA+nysrzml2UCweAqtpDuncSPlvrcBWKU0yfU0YvYWWAoD
|
||||
AQgHAAAAAAAiAP9OdAPppjU1WwpqjIItkxr+VPQRT8Zm/Riw7U3F6v3OiBFHiHoF
|
||||
GBYIACwiIQUZNHvJhyRkAl+Z3z7C4AAO2YhIkuH3s+pMlACRWVabVAUCXJH05AIb
|
||||
DAAAOSQBAP4BOOIR/sGLNMOfeb5fPs/02QMieoiSjIBnijhob2U5AQC+RtOHCHx7
|
||||
TcIYl5/Uyoi+FOvPLcNw4hOv2nwUzSSVAw==
|
||||
=IiS2
|
||||
-----END PGP PRIVATE KEY BLOCK-----
|
||||
`;
|
||||
|
||||
function versionSpecificTests() {
|
||||
it('Preferences of generated key', function() {
|
||||
const testPref = function(key) {
|
||||
|
|
@ -2162,6 +2179,18 @@ function versionSpecificTests() {
|
|||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Parses V5 sample key', async function() {
|
||||
// sec ed25519 2019-03-20 [SC]
|
||||
// 19347BC9872464025F99DF3EC2E0000ED9884892E1F7B3EA4C94009159569B54
|
||||
// uid emma.goldman@example.net
|
||||
// ssb cv25519 2019-03-20 [E]
|
||||
// E4557C2B02FFBF4B04F87401EC336AF7133D0F85BE7FD09BAEFD9CAEB8C93965
|
||||
const { keys: [key] } = await openpgp.key.readArmored(v5_sample_key);
|
||||
expect(key.primaryKey.getFingerprint()).to.equal('19347bc9872464025f99df3ec2e0000ed9884892e1f7b3ea4c94009159569b54');
|
||||
expect(key.subKeys[0].getFingerprint()).to.equal('e4557c2b02ffbf4b04f87401ec336af7133d0f85be7fd09baefd9caeb8c93965');
|
||||
expect(await key.verifyPrimaryKey()).to.equal(openpgp.enums.keyStatus.valid);
|
||||
});
|
||||
}
|
||||
|
||||
describe('Key', function() {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user