Update V5 key hashing for signatures to rfc4880bis-07

2019-06-07 17:10:39 +02:00 · 2019-06-07 17:10:39 +02:00 · 8312399f9d
commit 8312399f9d
parent c8729a0295
3 changed files with 36 additions and 7 deletions
--- a/src/packet/public_key.js
+++ b/src/packet/public_key.js
@ -169,11 +169,14 @@ PublicKey.prototype.write = function () {
 PublicKey.prototype.writePublicKey = PublicKey.prototype.write;
 /**
- * Write an old version packet - it's used by some of the internal routines.
+ * Write packet in order to be hashed; either for a signature or a fingerprint.
 */
-PublicKey.prototype.writeOld = function () {
+PublicKey.prototype.writeForHash = function (version) {
  const bytes = this.writePublicKey();
  if (version === 5) {
    return util.concatUint8Array([new Uint8Array([0x9A]), util.writeNumber(bytes.length, 4), bytes]);
  }
  return util.concatUint8Array([new Uint8Array([0x99]), util.writeNumber(bytes.length, 2), bytes]);
 };
@ -218,13 +221,10 @@ PublicKey.prototype.getFingerprintBytes = function () {
  if (this.fingerprint) {
    return this.fingerprint;
  }
-  let toHash;
+  const toHash = this.writeForHash(this.version);
  if (this.version === 5) {
    const bytes = this.writePublicKey();
    toHash = util.concatUint8Array([new Uint8Array([0x9A]), util.writeNumber(bytes.length, 4), bytes]);
    this.fingerprint = Sha256.bytes(toHash);
  } else if (this.version === 4) {
    toHash = this.writeOld();
    this.fingerprint = Sha1.bytes(toHash);
  }
  return this.fingerprint;
--- a/src/packet/signature.js
+++ b/src/packet/signature.js
@ -618,7 +618,7 @@ Signature.prototype.toSign = function (type, data) {
      if (data.key === undefined) {
        throw new Error('Key packet is required for this signature.');
      }
-      return data.key.writeOld();
+      return data.key.writeForHash(this.version);
    case t.key_revocation:
      return this.toSign(t.key, data);
--- a/test/general/key.js
+++ b/test/general/key.js
@ -1644,6 +1644,23 @@ iCzXvu4VCEMxMYOkOV4857v958DC7Z7W6BYEYpa9DP0O2zAwDmhu/kRFfKVQ
 -----END PGP PUBLIC KEY BLOCK-----
 `;
 const v5_sample_key = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 lGEFXJH05BYAAAAtCSsGAQQB2kcPAQEHQFhZlVcVVtwf+21xNQPX+ecMJJBL0MPd
 fj75iux+my8QAAAAAAAiAQCHZ1SnSUmWqxEsoI6facIVZQu6mph3cBFzzTvcm5lA
 Ng5ctBhlbW1hLmdvbGRtYW5AZXhhbXBsZS5uZXSIlgUTFggASCIhBRk0e8mHJGQC
 X5nfPsLgAA7ZiEiS4fez6kyUAJFZVptUBQJckfTkAhsDBQsJCAcCAyICAQYVCgkI
 CwIEFgIDAQIeBwIXgAAA9cAA/jiR3yMsZMeEQ40u6uzEoXa6UXeV/S3wwJAXRJy9
 M8s0AP9vuL/7AyTfFXwwzSjDnYmzS0qAhbLDQ643N+MXGBJ2BZxmBVyR9OQSAAAA
 MgorBgEEAZdVAQUBAQdA+nysrzml2UCweAqtpDuncSPlvrcBWKU0yfU0YvYWWAoD
 AQgHAAAAAAAiAP9OdAPppjU1WwpqjIItkxr+VPQRT8Zm/Riw7U3F6v3OiBFHiHoF
 GBYIACwiIQUZNHvJhyRkAl+Z3z7C4AAO2YhIkuH3s+pMlACRWVabVAUCXJH05AIb
 DAAAOSQBAP4BOOIR/sGLNMOfeb5fPs/02QMieoiSjIBnijhob2U5AQC+RtOHCHx7
 TcIYl5/Uyoi+FOvPLcNw4hOv2nwUzSSVAw==
 =IiS2
 -----END PGP PRIVATE KEY BLOCK-----
 `;
 function versionSpecificTests() {
  it('Preferences of generated key', function() {
    const testPref = function(key) {
@ -2162,6 +2179,18 @@ function versionSpecificTests() {
      });
    });
  });
  it('Parses V5 sample key', async function() {
    // sec   ed25519 2019-03-20 [SC]
    //       19347BC9872464025F99DF3EC2E0000ED9884892E1F7B3EA4C94009159569B54
    // uid                      emma.goldman@example.net
    // ssb   cv25519 2019-03-20 [E]
    //       E4557C2B02FFBF4B04F87401EC336AF7133D0F85BE7FD09BAEFD9CAEB8C93965
    const { keys: [key] } = await openpgp.key.readArmored(v5_sample_key);
    expect(key.primaryKey.getFingerprint()).to.equal('19347bc9872464025f99df3ec2e0000ed9884892e1f7b3ea4c94009159569b54');
    expect(key.subKeys[0].getFingerprint()).to.equal('e4557c2b02ffbf4b04f87401ec336af7133d0f85be7fd09baefd9caeb8c93965');
    expect(await key.verifyPrimaryKey()).to.equal(openpgp.enums.keyStatus.valid);
  });
 }
 describe('Key', function() {