Check signature public key algorithm against issuer key algorithm

2018-12-11 18:11:10 +01:00 · 2018-12-11 18:11:10 +01:00 · 8720adcf65
commit 8720adcf65
parent 3b9676f2e9
3 changed files with 12 additions and 0 deletions
--- a/src/packet/public_key.js
+++ b/src/packet/public_key.js
@ -62,6 +62,11 @@ function PublicKey(date=new Date()) {
   * @type {Date}
   */
  this.created = util.normalizeDate(date);
+  /**
+   * Public key algorithm.
+   * @type {String}
+   */
+  this.algorithm = null;
  /**
   * Algorithm specific params
   * @type {Array<Object>}
--- a/src/packet/public_key_encrypted_session_key.js
+++ b/src/packet/public_key_encrypted_session_key.js
@ -52,7 +52,10 @@ function PublicKeyEncryptedSessionKey() {
  this.version = 3;

  this.publicKeyId = new type_keyid();
+  this.publicKeyAlgorithm = null;
+
  this.sessionKey = null;
+  this.sessionKeyAlgorithm = null;

  /** @type {Array<module:type/mpi>} */
  this.encrypted = [];
--- a/src/packet/signature.js
+++ b/src/packet/signature.js
@ -666,6 +666,10 @@ Signature.prototype.verify = async function (key, signatureType, data) {
  const publicKeyAlgorithm = enums.write(enums.publicKey, this.publicKeyAlgorithm);
  const hashAlgorithm = enums.write(enums.hash, this.hashAlgorithm);

+  if (publicKeyAlgorithm !== enums.write(enums.publicKey, key.algorithm)) {
+    throw new Error('Public key algorithm used to sign signature does not match issuer key algorithm.');
+  }
+
  let toHash;
  let hash;
  if (this.hashed) {