Remove getEncryptionKeyPacket and getSigningKeyPacket
Also, rename subKey.subKey to keyPacket and alias key.primaryKey as keyPacket.
This commit is contained in:
Daniel Huigens
parent
a49276a158
commit
8cfe817b18
160
src/key.js
160
src/key.js
|
|
@ -43,17 +43,25 @@ export function Key(packetlist) {
|
|||
return new Key(packetlist);
|
||||
}
|
||||
// same data as in packetlist but in structured form
|
||||
this.primaryKey = null;
|
||||
this.keyPacket = null;
|
||||
this.revocationSignatures = [];
|
||||
this.directSignatures = [];
|
||||
this.users = [];
|
||||
this.subKeys = [];
|
||||
this.packetlist2structure(packetlist);
|
||||
if (!this.primaryKey || !this.users.length) {
|
||||
if (!this.keyPacket || !this.users.length) {
|
||||
throw new Error('Invalid key: need at least key and user ID packet');
|
||||
}
|
||||
}
|
||||
|
||||
Object.defineProperty(Key.prototype, 'primaryKey', {
|
||||
get() {
|
||||
return this.keyPacket;
|
||||
},
|
||||
configurable: true,
|
||||
enumerable: true
|
||||
});
|
||||
|
||||
/**
|
||||
* Transforms packetlist to structured key data
|
||||
* @param {module:packet.List} packetlist The packets that form a key
|
||||
|
|
@ -66,8 +74,8 @@ Key.prototype.packetlist2structure = function(packetlist) {
|
|||
switch (packetlist[i].tag) {
|
||||
case enums.packet.publicKey:
|
||||
case enums.packet.secretKey:
|
||||
this.primaryKey = packetlist[i];
|
||||
primaryKeyId = this.primaryKey.getKeyId();
|
||||
this.keyPacket = packetlist[i];
|
||||
primaryKeyId = this.keyPacket.getKeyId();
|
||||
break;
|
||||
case enums.packet.userid:
|
||||
case enums.packet.userAttribute:
|
||||
|
|
@ -135,7 +143,7 @@ Key.prototype.packetlist2structure = function(packetlist) {
|
|||
*/
|
||||
Key.prototype.toPacketlist = function() {
|
||||
const packetlist = new packet.List();
|
||||
packetlist.push(this.primaryKey);
|
||||
packetlist.push(this.keyPacket);
|
||||
packetlist.concat(this.revocationSignatures);
|
||||
packetlist.concat(this.directSignatures);
|
||||
this.users.map(user => packetlist.concat(user.toPacketlist()));
|
||||
|
|
@ -152,8 +160,8 @@ Key.prototype.toPacketlist = function() {
|
|||
Key.prototype.getSubkeyPackets = function(keyId=null) {
|
||||
const packets = new packet.List();
|
||||
this.subKeys.forEach(subKey => {
|
||||
if (!keyId || subKey.subKey.getKeyId().equals(keyId, true)) {
|
||||
packets.push(subKey.subKey);
|
||||
if (!keyId || subKey.keyPacket.getKeyId().equals(keyId, true)) {
|
||||
packets.push(subKey.keyPacket);
|
||||
}
|
||||
});
|
||||
return packets;
|
||||
|
|
@ -167,8 +175,8 @@ Key.prototype.getSubkeyPackets = function(keyId=null) {
|
|||
*/
|
||||
Key.prototype.getKeyPackets = function(keyId=null) {
|
||||
const packets = new packet.List();
|
||||
if (!keyId || this.primaryKey.getKeyId().equals(keyId, true)) {
|
||||
packets.push(this.primaryKey);
|
||||
if (!keyId || this.keyPacket.getKeyId().equals(keyId, true)) {
|
||||
packets.push(this.keyPacket);
|
||||
}
|
||||
packets.concat(this.getSubkeyPackets(keyId));
|
||||
return packets;
|
||||
|
|
@ -197,7 +205,7 @@ Key.prototype.getUserIds = function() {
|
|||
* @returns {Boolean}
|
||||
*/
|
||||
Key.prototype.isPublic = function() {
|
||||
return this.primaryKey.tag === enums.packet.publicKey;
|
||||
return this.keyPacket.tag === enums.packet.publicKey;
|
||||
};
|
||||
|
||||
/**
|
||||
|
|
@ -205,7 +213,7 @@ Key.prototype.isPublic = function() {
|
|||
* @returns {Boolean}
|
||||
*/
|
||||
Key.prototype.isPrivate = function() {
|
||||
return this.primaryKey.tag === enums.packet.secretKey;
|
||||
return this.keyPacket.tag === enums.packet.secretKey;
|
||||
};
|
||||
|
||||
/**
|
||||
|
|
@ -284,15 +292,15 @@ function isValidSigningKeyPacket(keyPacket, signature, date=new Date()) {
|
|||
* @async
|
||||
*/
|
||||
Key.prototype.getSigningKey = async function (keyId=null, date=new Date(), userId={}) {
|
||||
const primaryKey = this.primaryKey;
|
||||
const primaryKey = this.keyPacket;
|
||||
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
|
||||
const subKeys = this.subKeys.slice().sort((a, b) => b.created - a.created);
|
||||
for (let i = 0; i < subKeys.length; i++) {
|
||||
if (!keyId || subKeys[i].subKey.getKeyId().equals(keyId)) {
|
||||
if (!keyId || subKeys[i].keyPacket.getKeyId().equals(keyId)) {
|
||||
// eslint-disable-next-line no-await-in-loop
|
||||
if (await subKeys[i].verify(primaryKey, date) === enums.keyStatus.valid) {
|
||||
const bindingSignature = getLatestSignature(subKeys[i].bindingSignatures, date);
|
||||
if (isValidSigningKeyPacket(subKeys[i].subKey, bindingSignature, date)) {
|
||||
if (isValidSigningKeyPacket(subKeys[i].keyPacket, bindingSignature, date)) {
|
||||
return subKeys[i];
|
||||
}
|
||||
}
|
||||
|
|
@ -307,20 +315,6 @@ Key.prototype.getSigningKey = async function (keyId=null, date=new Date(), userI
|
|||
return null;
|
||||
};
|
||||
|
||||
/**
|
||||
* Returns last created key packet or key packet by given keyId that is available for signing and verification
|
||||
* @param {module:type/keyid} keyId, optional
|
||||
* @param {Date} date use the given date for verification instead of the current time
|
||||
* @param {Object} userId, optional user ID
|
||||
* @returns {Promise<module:packet.SecretSubkey|
|
||||
* module:packet.SecretKey|null>} key packet or null if no signing key has been found
|
||||
* @async
|
||||
*/
|
||||
Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date(), userId={}) {
|
||||
const signingKey = await this.getSigningKey(keyId, date, userId);
|
||||
return signingKey && (signingKey.subKey || signingKey.primaryKey);
|
||||
};
|
||||
|
||||
function isValidEncryptionKeyPacket(keyPacket, signature, date=new Date()) {
|
||||
return keyPacket.algorithm !== enums.read(enums.publicKey, enums.publicKey.dsa) &&
|
||||
keyPacket.algorithm !== enums.read(enums.publicKey, enums.publicKey.rsa_sign) &&
|
||||
|
|
@ -342,17 +336,17 @@ function isValidEncryptionKeyPacket(keyPacket, signature, date=new Date()) {
|
|||
* @async
|
||||
*/
|
||||
Key.prototype.getEncryptionKey = async function(keyId, date=new Date(), userId={}) {
|
||||
const primaryKey = this.primaryKey;
|
||||
const primaryKey = this.keyPacket;
|
||||
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
|
||||
// V4: by convention subkeys are preferred for encryption service
|
||||
// V3: keys MUST NOT have subkeys
|
||||
const subKeys = this.subKeys.slice().sort((a, b) => b.created - a.created);
|
||||
for (let i = 0; i < subKeys.length; i++) {
|
||||
if (!keyId || subKeys[i].subKey.getKeyId().equals(keyId)) {
|
||||
if (!keyId || subKeys[i].keyPacket.getKeyId().equals(keyId)) {
|
||||
// eslint-disable-next-line no-await-in-loop
|
||||
if (await subKeys[i].verify(primaryKey, date) === enums.keyStatus.valid) {
|
||||
const bindingSignature = getLatestSignature(subKeys[i].bindingSignatures, date);
|
||||
if (isValidEncryptionKeyPacket(subKeys[i].subKey, bindingSignature, date)) {
|
||||
if (isValidEncryptionKeyPacket(subKeys[i].keyPacket, bindingSignature, date)) {
|
||||
return subKeys[i];
|
||||
}
|
||||
}
|
||||
|
|
@ -368,22 +362,6 @@ Key.prototype.getEncryptionKey = async function(keyId, date=new Date(), userId={
|
|||
return null;
|
||||
};
|
||||
|
||||
/**
|
||||
* Returns last created key packet or key packet by given keyId that is available for encryption or decryption
|
||||
* @param {module:type/keyid} keyId, optional
|
||||
* @param {Date} date, optional
|
||||
* @param {String} userId, optional
|
||||
* @returns {Promise<module:packet.PublicSubkey|
|
||||
* module:packet.SecretSubkey|
|
||||
* module:packet.SecretKey|
|
||||
* module:packet.PublicKey|null>} key packet or null if no encryption key has been found
|
||||
* @async
|
||||
*/
|
||||
Key.prototype.getEncryptionKeyPacket = async function(keyId, date=new Date(), userId={}) {
|
||||
const encryptionKey = await this.getEncryptionKey(keyId, date, userId);
|
||||
return encryptionKey && (encryptionKey.subKey || encryptionKey.primaryKey);
|
||||
};
|
||||
|
||||
/**
|
||||
* Encrypts all secret key and subkey packets matching keyId
|
||||
* @param {String|Array<String>} passphrases - if multiple passphrases, then should be in same order as packets each should encrypt
|
||||
|
|
@ -455,7 +433,7 @@ Key.prototype.decrypt = async function(passphrases, keyId=null) {
|
|||
*/
|
||||
Key.prototype.isRevoked = async function(signature, key, date=new Date()) {
|
||||
return isDataRevoked(
|
||||
this.primaryKey, { key: this.primaryKey }, this.revocationSignatures, signature, key, date
|
||||
this.keyPacket, { key: this.keyPacket }, this.revocationSignatures, signature, key, date
|
||||
);
|
||||
};
|
||||
|
||||
|
|
@ -468,7 +446,7 @@ Key.prototype.isRevoked = async function(signature, key, date=new Date()) {
|
|||
* @async
|
||||
*/
|
||||
Key.prototype.verifyPrimaryKey = async function(date=new Date(), userId={}) {
|
||||
const primaryKey = this.primaryKey;
|
||||
const primaryKey = this.keyPacket;
|
||||
// check for key revocation signatures
|
||||
if (await this.isRevoked(null, null, date)) {
|
||||
return enums.keyStatus.revoked;
|
||||
|
|
@ -501,13 +479,13 @@ Key.prototype.verifyPrimaryKey = async function(date=new Date(), userId={}) {
|
|||
* @async
|
||||
*/
|
||||
Key.prototype.getExpirationTime = async function(capabilities, keyId, userId) {
|
||||
if (this.primaryKey.version === 3) {
|
||||
return getExpirationTime(this.primaryKey);
|
||||
if (this.keyPacket.version === 3) {
|
||||
return getExpirationTime(this.keyPacket);
|
||||
}
|
||||
if (this.primaryKey.version >= 4) {
|
||||
if (this.keyPacket.version >= 4) {
|
||||
const primaryUser = await this.getPrimaryUser(null);
|
||||
const selfCert = primaryUser.selfCertification;
|
||||
const keyExpiry = getExpirationTime(this.primaryKey, selfCert);
|
||||
const keyExpiry = getExpirationTime(this.keyPacket, selfCert);
|
||||
const sigExpiry = selfCert.getExpirationTime();
|
||||
let expiry = keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
|
||||
if (capabilities === 'encrypt' || capabilities === 'encrypt_sign') {
|
||||
|
|
@ -557,7 +535,7 @@ Key.prototype.getPrimaryUser = async function(date=new Date(), userId={}) {
|
|||
return A.isPrimaryUserID - B.isPrimaryUserID || A.created - B.created;
|
||||
}).pop();
|
||||
const { user, selfCertification: cert } = primaryUser;
|
||||
const { primaryKey } = this;
|
||||
const primaryKey = this.keyPacket;
|
||||
const dataToVerify = { userid: user.userId , key: primaryKey };
|
||||
// skip if certificates is invalid, revoked, or expired
|
||||
// eslint-disable-next-line no-await-in-loop
|
||||
|
|
@ -587,7 +565,7 @@ Key.prototype.update = async function(key) {
|
|||
if (await key.verifyPrimaryKey() === enums.keyStatus.invalid) {
|
||||
return;
|
||||
}
|
||||
if (this.primaryKey.getFingerprint() !== key.primaryKey.getFingerprint()) {
|
||||
if (this.keyPacket.getFingerprint() !== key.keyPacket.getFingerprint()) {
|
||||
throw new Error('Key update method: fingerprints of keys not equal');
|
||||
}
|
||||
if (this.isPublic() && key.isPrivate()) {
|
||||
|
|
@ -595,17 +573,17 @@ Key.prototype.update = async function(key) {
|
|||
const equal = (this.subKeys.length === key.subKeys.length) &&
|
||||
(this.subKeys.every(destSubKey => {
|
||||
return key.subKeys.some(srcSubKey => {
|
||||
return destSubKey.subKey.getFingerprint() === srcSubKey.subKey.getFingerprint();
|
||||
return destSubKey.keyPacket.getFingerprint() === srcSubKey.keyPacket.getFingerprint();
|
||||
});
|
||||
}));
|
||||
if (!equal) {
|
||||
throw new Error('Cannot update public key with private key if subkey mismatch');
|
||||
}
|
||||
this.primaryKey = key.primaryKey;
|
||||
this.keyPacket = key.keyPacket;
|
||||
}
|
||||
// revocation signatures
|
||||
await mergeSignatures(key, this, 'revocationSignatures', srcRevSig => {
|
||||
return isDataRevoked(this.primaryKey, this, [srcRevSig], null, key.primaryKey);
|
||||
return isDataRevoked(this.keyPacket, this, [srcRevSig], null, key.keyPacket);
|
||||
});
|
||||
// direct signatures
|
||||
await mergeSignatures(key, this, 'directSignatures');
|
||||
|
|
@ -617,7 +595,7 @@ Key.prototype.update = async function(key) {
|
|||
if ((srcUser.userId && dstUser.userId &&
|
||||
(srcUser.userId.userid === dstUser.userId.userid)) ||
|
||||
(srcUser.userAttribute && (srcUser.userAttribute.equals(dstUser.userAttribute)))) {
|
||||
await dstUser.update(srcUser, this.primaryKey);
|
||||
await dstUser.update(srcUser, this.keyPacket);
|
||||
found = true;
|
||||
}
|
||||
}));
|
||||
|
|
@ -630,8 +608,8 @@ Key.prototype.update = async function(key) {
|
|||
await Promise.all(key.subKeys.map(async srcSubKey => {
|
||||
let found = false;
|
||||
await Promise.all(this.subKeys.map(async dstSubKey => {
|
||||
if (srcSubKey.subKey.getFingerprint() === dstSubKey.subKey.getFingerprint()) {
|
||||
await dstSubKey.update(srcSubKey, this.primaryKey);
|
||||
if (srcSubKey.keyPacket.getFingerprint() === dstSubKey.keyPacket.getFingerprint()) {
|
||||
await dstSubKey.update(srcSubKey, this.keyPacket);
|
||||
found = true;
|
||||
}
|
||||
}));
|
||||
|
|
@ -682,9 +660,9 @@ Key.prototype.revoke = async function({
|
|||
if (this.isPublic()) {
|
||||
throw new Error('Need private key for revoking');
|
||||
}
|
||||
const dataToSign = { key: this.primaryKey };
|
||||
const dataToSign = { key: this.keyPacket };
|
||||
const key = new Key(this.toPacketlist());
|
||||
key.revocationSignatures.push(await createSignaturePacket(dataToSign, null, this.primaryKey, {
|
||||
key.revocationSignatures.push(await createSignaturePacket(dataToSign, null, this.keyPacket, {
|
||||
signatureType: enums.signature.key_revocation,
|
||||
reasonForRevocationFlag: enums.write(enums.reasonForRevocation, reasonForRevocationFlag),
|
||||
reasonForRevocationString
|
||||
|
|
@ -720,13 +698,13 @@ Key.prototype.applyRevocationCertificate = async function(revocationCertificate)
|
|||
if (!revocationSignature || revocationSignature.signatureType !== enums.signature.key_revocation) {
|
||||
throw new Error('Could not find revocation signature packet');
|
||||
}
|
||||
if (!revocationSignature.issuerKeyId.equals(this.primaryKey.getKeyId())) {
|
||||
if (!revocationSignature.issuerKeyId.equals(this.keyPacket.getKeyId())) {
|
||||
throw new Error('Revocation signature does not match key');
|
||||
}
|
||||
if (revocationSignature.isExpired()) {
|
||||
throw new Error('Revocation signature is expired');
|
||||
}
|
||||
if (!await revocationSignature.verify(this.primaryKey, { key: this.primaryKey })) {
|
||||
if (!await revocationSignature.verify(this.keyPacket, { key: this.keyPacket })) {
|
||||
throw new Error('Could not verify revocation signature');
|
||||
}
|
||||
const key = new Key(this.toPacketlist());
|
||||
|
|
@ -745,7 +723,7 @@ Key.prototype.signPrimaryUser = async function(privateKeys) {
|
|||
if (!user) {
|
||||
throw new Error('Could not find primary user');
|
||||
}
|
||||
const userSign = await user.sign(this.primaryKey, privateKeys);
|
||||
const userSign = await user.sign(this.keyPacket, privateKeys);
|
||||
const key = new Key(this.toPacketlist());
|
||||
key.users[index] = userSign;
|
||||
return key;
|
||||
|
|
@ -761,7 +739,7 @@ Key.prototype.signAllUsers = async function(privateKeys) {
|
|||
const that = this;
|
||||
const key = new Key(this.toPacketlist());
|
||||
key.users = await Promise.all(this.users.map(function(user) {
|
||||
return user.sign(that.primaryKey, privateKeys);
|
||||
return user.sign(that.keyPacket, privateKeys);
|
||||
}));
|
||||
return key;
|
||||
};
|
||||
|
|
@ -776,7 +754,7 @@ Key.prototype.signAllUsers = async function(privateKeys) {
|
|||
* @async
|
||||
*/
|
||||
Key.prototype.verifyPrimaryUser = async function(keys) {
|
||||
const primaryKey = this.primaryKey;
|
||||
const primaryKey = this.keyPacket;
|
||||
const { user } = await this.getPrimaryUser() || {};
|
||||
if (!user) {
|
||||
throw new Error('Could not find primary user');
|
||||
|
|
@ -798,7 +776,7 @@ Key.prototype.verifyPrimaryUser = async function(keys) {
|
|||
*/
|
||||
Key.prototype.verifyAllUsers = async function(keys) {
|
||||
const results = [];
|
||||
const { primaryKey } = this;
|
||||
const primaryKey = this.keyPacket;
|
||||
await Promise.all(this.users.map(async function(user) {
|
||||
const signatures = keys ? await user.verifyAllCertifications(primaryKey, keys) :
|
||||
[{ keyid: primaryKey.keyid, valid: await user.verify(primaryKey) === enums.keyStatus.valid }];
|
||||
|
|
@ -856,18 +834,18 @@ User.prototype.sign = async function(primaryKey, privateKeys) {
|
|||
if (privateKey.isPublic()) {
|
||||
throw new Error('Need private key for signing');
|
||||
}
|
||||
if (privateKey.primaryKey.getFingerprint() === primaryKey.getFingerprint()) {
|
||||
if (privateKey.keyPacket.getFingerprint() === primaryKey.getFingerprint()) {
|
||||
throw new Error('Not implemented for self signing');
|
||||
}
|
||||
const signingKeyPacket = await privateKey.getSigningKeyPacket();
|
||||
if (!signingKeyPacket) {
|
||||
const signingKey = await privateKey.getSigningKey();
|
||||
if (!signingKey) {
|
||||
throw new Error('Could not find valid signing key packet in key ' +
|
||||
privateKey.primaryKey.getKeyId().toHex());
|
||||
privateKey.keyPacket.getKeyId().toHex());
|
||||
}
|
||||
if (!signingKeyPacket.isDecrypted) {
|
||||
if (!signingKey.keyPacket.isDecrypted) {
|
||||
throw new Error('Private key is not decrypted.');
|
||||
}
|
||||
return createSignaturePacket(dataToSign, privateKey, signingKeyPacket, {
|
||||
return createSignaturePacket(dataToSign, privateKey, signingKey.keyPacket, {
|
||||
// Most OpenPGP implementations use generic certification (0x10)
|
||||
signatureType: enums.signature.cert_generic,
|
||||
keyFlags: [enums.keyFlags.certify_keys | enums.keyFlags.sign_data]
|
||||
|
|
@ -937,11 +915,11 @@ User.prototype.verifyCertificate = async function(primaryKey, certificate, keys,
|
|||
const dataToVerify = { userid: this.userId || this.userAttribute, key: primaryKey };
|
||||
const results = await Promise.all(keys.map(async function(key) {
|
||||
if (!key.getKeyIds().some(id => id.equals(keyid))) { return; }
|
||||
const keyPacket = await key.getSigningKeyPacket(keyid, date);
|
||||
if (certificate.revoked || await that.isRevoked(primaryKey, certificate, keyPacket)) {
|
||||
const signingKey = await key.getSigningKey(keyid, date);
|
||||
if (certificate.revoked || await that.isRevoked(primaryKey, certificate, signingKey.keyPacket)) {
|
||||
return enums.keyStatus.revoked;
|
||||
}
|
||||
if (!(certificate.verified || await certificate.verify(keyPacket, dataToVerify))) {
|
||||
if (!(certificate.verified || await certificate.verify(signingKey.keyPacket, dataToVerify))) {
|
||||
return enums.keyStatus.invalid;
|
||||
}
|
||||
if (certificate.isExpired()) {
|
||||
|
|
@ -1033,7 +1011,7 @@ function SubKey(subKeyPacket) {
|
|||
if (!(this instanceof SubKey)) {
|
||||
return new SubKey(subKeyPacket);
|
||||
}
|
||||
this.subKey = subKeyPacket;
|
||||
this.keyPacket = subKeyPacket;
|
||||
this.bindingSignatures = [];
|
||||
this.revocationSignatures = [];
|
||||
}
|
||||
|
|
@ -1044,7 +1022,7 @@ function SubKey(subKeyPacket) {
|
|||
*/
|
||||
SubKey.prototype.toPacketlist = function() {
|
||||
const packetlist = new packet.List();
|
||||
packetlist.push(this.subKey);
|
||||
packetlist.push(this.keyPacket);
|
||||
packetlist.concat(this.revocationSignatures);
|
||||
packetlist.concat(this.bindingSignatures);
|
||||
return packetlist;
|
||||
|
|
@ -1067,7 +1045,7 @@ SubKey.prototype.isRevoked = async function(primaryKey, signature, key, date=new
|
|||
return isDataRevoked(
|
||||
primaryKey, {
|
||||
key: primaryKey,
|
||||
bind: this.subKey
|
||||
bind: this.keyPacket
|
||||
}, this.revocationSignatures, signature, key, date
|
||||
);
|
||||
};
|
||||
|
|
@ -1083,9 +1061,9 @@ SubKey.prototype.isRevoked = async function(primaryKey, signature, key, date=new
|
|||
*/
|
||||
SubKey.prototype.verify = async function(primaryKey, date=new Date()) {
|
||||
const that = this;
|
||||
const dataToVerify = { key: primaryKey, bind: this.subKey };
|
||||
const dataToVerify = { key: primaryKey, bind: this.keyPacket };
|
||||
// check for V3 expiration time
|
||||
if (this.subKey.version === 3 && isDataExpired(this.subKey, null, date)) {
|
||||
if (this.keyPacket.version === 3 && isDataExpired(this.keyPacket, null, date)) {
|
||||
return enums.keyStatus.expired;
|
||||
}
|
||||
// check subkey binding signatures
|
||||
|
|
@ -1112,7 +1090,7 @@ SubKey.prototype.verify = async function(primaryKey, date=new Date()) {
|
|||
*/
|
||||
SubKey.prototype.getExpirationTime = function(date=new Date()) {
|
||||
const bindingSignature = getLatestSignature(this.bindingSignatures, date);
|
||||
const keyExpiry = getExpirationTime(this.subKey, bindingSignature);
|
||||
const keyExpiry = getExpirationTime(this.keyPacket, bindingSignature);
|
||||
const sigExpiry = bindingSignature.getExpirationTime();
|
||||
return keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
|
||||
};
|
||||
|
|
@ -1127,17 +1105,17 @@ SubKey.prototype.update = async function(subKey, primaryKey) {
|
|||
if (await subKey.verify(primaryKey) === enums.keyStatus.invalid) {
|
||||
return;
|
||||
}
|
||||
if (this.subKey.getFingerprint() !== subKey.subKey.getFingerprint()) {
|
||||
if (this.keyPacket.getFingerprint() !== subKey.keyPacket.getFingerprint()) {
|
||||
throw new Error('SubKey update method: fingerprints of subkeys not equal');
|
||||
}
|
||||
// key packet
|
||||
if (this.subKey.tag === enums.packet.publicSubkey &&
|
||||
subKey.subKey.tag === enums.packet.secretSubkey) {
|
||||
this.subKey = subKey.subKey;
|
||||
if (this.keyPacket.tag === enums.packet.publicSubkey &&
|
||||
subKey.keyPacket.tag === enums.packet.secretSubkey) {
|
||||
this.keyPacket = subKey.keyPacket;
|
||||
}
|
||||
// update missing binding signatures
|
||||
const that = this;
|
||||
const dataToVerify = { key: primaryKey, bind: that.subKey };
|
||||
const dataToVerify = { key: primaryKey, bind: that.keyPacket };
|
||||
await mergeSignatures(subKey, this, 'bindingSignatures', async function(srcBindSig) {
|
||||
if (!(srcBindSig.verified || await srcBindSig.verify(primaryKey, dataToVerify))) {
|
||||
return false;
|
||||
|
|
@ -1171,8 +1149,8 @@ SubKey.prototype.revoke = async function(primaryKey, {
|
|||
flag: reasonForRevocationFlag=enums.reasonForRevocation.no_reason,
|
||||
string: reasonForRevocationString=''
|
||||
} = {}, date=new Date()) {
|
||||
const dataToSign = { key: primaryKey, bind: this.subKey };
|
||||
const subKey = new SubKey(this.subKey);
|
||||
const dataToSign = { key: primaryKey, bind: this.keyPacket };
|
||||
const subKey = new SubKey(this.keyPacket);
|
||||
subKey.revocationSignatures.push(await createSignaturePacket(dataToSign, null, primaryKey, {
|
||||
signatureType: enums.signature.subkey_revocation,
|
||||
reasonForRevocationFlag: enums.write(enums.reasonForRevocation, reasonForRevocationFlag),
|
||||
|
|
|
|||
|
|
@ -157,12 +157,12 @@ function keyIdCheck(keyId, keypacket) {
|
|||
*/
|
||||
KeyArray.prototype.getForId = function (keyId, deep) {
|
||||
for (let i = 0; i < this.keys.length; i++) {
|
||||
if (keyIdCheck(keyId, this.keys[i].primaryKey)) {
|
||||
if (keyIdCheck(keyId, this.keys[i].keyPacket)) {
|
||||
return this.keys[i];
|
||||
}
|
||||
if (deep && this.keys[i].subKeys.length) {
|
||||
for (let j = 0; j < this.keys[i].subKeys.length; j++) {
|
||||
if (keyIdCheck(keyId, this.keys[i].subKeys[j].subKey)) {
|
||||
if (keyIdCheck(keyId, this.keys[i].subKeys[j].keyPacket)) {
|
||||
return this.keys[i];
|
||||
}
|
||||
}
|
||||
|
|
@ -182,7 +182,7 @@ KeyArray.prototype.importKey = async function (armored) {
|
|||
for (let i = 0; i < imported.keys.length; i++) {
|
||||
const key = imported.keys[i];
|
||||
// check if key already in key array
|
||||
const keyidHex = key.primaryKey.getKeyId().toHex();
|
||||
const keyidHex = key.keyPacket.getKeyId().toHex();
|
||||
const keyFound = this.getForId(keyidHex);
|
||||
if (keyFound) {
|
||||
// eslint-disable-next-line no-await-in-loop
|
||||
|
|
@ -211,7 +211,7 @@ KeyArray.prototype.push = function (key) {
|
|||
*/
|
||||
KeyArray.prototype.removeForId = function (keyId) {
|
||||
for (let i = 0; i < this.keys.length; i++) {
|
||||
if (keyIdCheck(keyId, this.keys[i].primaryKey)) {
|
||||
if (keyIdCheck(keyId, this.keys[i].keyPacket)) {
|
||||
return this.keys.splice(i, 1)[0];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -323,17 +323,17 @@ export async function encryptSessionKey(sessionKey, symAlgo, aeadAlgo, publicKey
|
|||
|
||||
if (publicKeys) {
|
||||
const results = await Promise.all(publicKeys.map(async function(publicKey) {
|
||||
const encryptionKeyPacket = await publicKey.getEncryptionKeyPacket(undefined, date, userId);
|
||||
if (!encryptionKeyPacket) {
|
||||
const encryptionKey = await publicKey.getEncryptionKey(undefined, date, userId);
|
||||
if (!encryptionKey) {
|
||||
throw new Error('Could not find valid key packet for encryption in key ' +
|
||||
publicKey.primaryKey.getKeyId().toHex());
|
||||
publicKey.keyPacket.getKeyId().toHex());
|
||||
}
|
||||
const pkESKeyPacket = new packet.PublicKeyEncryptedSessionKey();
|
||||
pkESKeyPacket.publicKeyId = wildcard ? type_keyid.wildcard() : encryptionKeyPacket.getKeyId();
|
||||
pkESKeyPacket.publicKeyAlgorithm = encryptionKeyPacket.algorithm;
|
||||
pkESKeyPacket.publicKeyId = wildcard ? type_keyid.wildcard() : encryptionKey.keyPacket.getKeyId();
|
||||
pkESKeyPacket.publicKeyAlgorithm = encryptionKey.keyPacket.algorithm;
|
||||
pkESKeyPacket.sessionKey = sessionKey;
|
||||
pkESKeyPacket.sessionKeyAlgorithm = symAlgo;
|
||||
await pkESKeyPacket.encrypt(encryptionKeyPacket);
|
||||
await pkESKeyPacket.encrypt(encryptionKey.keyPacket);
|
||||
delete pkESKeyPacket.sessionKey; // delete plaintext session key after encryption
|
||||
return pkESKeyPacket;
|
||||
}));
|
||||
|
|
@ -421,16 +421,16 @@ Message.prototype.sign = async function(privateKeys=[], signature=null, date=new
|
|||
if (privateKey.isPublic()) {
|
||||
throw new Error('Need private key for signing');
|
||||
}
|
||||
const signingKeyPacket = await privateKey.getSigningKeyPacket(undefined, date, userId);
|
||||
if (!signingKeyPacket) {
|
||||
const signingKey = await privateKey.getSigningKey(undefined, date, userId);
|
||||
if (!signingKey) {
|
||||
throw new Error('Could not find valid key packet for signing in key ' +
|
||||
privateKey.primaryKey.getKeyId().toHex());
|
||||
privateKey.keyPacket.getKeyId().toHex());
|
||||
}
|
||||
const onePassSig = new packet.OnePassSignature();
|
||||
onePassSig.type = signatureType;
|
||||
onePassSig.hashAlgorithm = await getPreferredHashAlgo(privateKey, signingKeyPacket, date, userId);
|
||||
onePassSig.publicKeyAlgorithm = signingKeyPacket.algorithm;
|
||||
onePassSig.signingKeyId = signingKeyPacket.getKeyId();
|
||||
onePassSig.hashAlgorithm = await getPreferredHashAlgo(privateKey, signingKey.keyPacket, date, userId);
|
||||
onePassSig.publicKeyAlgorithm = signingKey.keyPacket.algorithm;
|
||||
onePassSig.signingKeyId = signingKey.keyPacket.getKeyId();
|
||||
if (i === privateKeys.length - 1) {
|
||||
onePassSig.flags = 1;
|
||||
}
|
||||
|
|
@ -503,12 +503,12 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig
|
|||
if (privateKey.isPublic()) {
|
||||
throw new Error('Need private key for signing');
|
||||
}
|
||||
const signingKeyPacket = await privateKey.getSigningKeyPacket(undefined, date, userId);
|
||||
if (!signingKeyPacket) {
|
||||
const signingKey = await privateKey.getSigningKey(undefined, date, userId);
|
||||
if (!signingKey) {
|
||||
throw new Error(`Could not find valid signing key packet in key ${
|
||||
privateKey.primaryKey.getKeyId().toHex()}`);
|
||||
privateKey.keyPacket.getKeyId().toHex()}`);
|
||||
}
|
||||
return createSignaturePacket(literalDataPacket, privateKey, signingKeyPacket, {signatureType}, date, userId);
|
||||
return createSignaturePacket(literalDataPacket, privateKey, signingKey.keyPacket, {signatureType}, date, userId);
|
||||
})).then(signatureList => {
|
||||
signatureList.forEach(signaturePacket => packetlist.push(signaturePacket));
|
||||
});
|
||||
|
|
@ -570,10 +570,10 @@ export async function createVerificationObjects(signatureList, literalDataList,
|
|||
return Promise.all(signatureList.map(async function(signature) {
|
||||
let keyPacket = null;
|
||||
await Promise.all(keys.map(async function(key) {
|
||||
// Look for the unique key packet that matches issuerKeyId of signature
|
||||
const result = await key.getSigningKeyPacket(signature.issuerKeyId, date);
|
||||
// Look for the unique key that matches issuerKeyId of signature
|
||||
const result = await key.getSigningKey(signature.issuerKeyId, date);
|
||||
if (result) {
|
||||
keyPacket = result;
|
||||
keyPacket = result.keyPacket;
|
||||
}
|
||||
}));
|
||||
|
||||
|
|
|
|||
|
|
@ -1415,8 +1415,8 @@ t/ia1kMpSEiOVLlX5dfHZzhR3WNtBqU=
|
|||
// remove subkeys
|
||||
pubKey.subKeys = [];
|
||||
// primary key has only key flags for signing
|
||||
const keyPacket = await pubKey.getEncryptionKeyPacket();
|
||||
expect(keyPacket).to.not.exist;
|
||||
const encryptionKey = await pubKey.getEncryptionKey();
|
||||
expect(encryptionKey).to.not.exist;
|
||||
});
|
||||
|
||||
it('Method getExpirationTime V4 Key', async function() {
|
||||
|
|
@ -1506,8 +1506,8 @@ t/ia1kMpSEiOVLlX5dfHZzhR3WNtBqU=
|
|||
dest.update(source).then(() => {
|
||||
expect(dest.subKeys[1]).to.exist;
|
||||
expect(
|
||||
dest.subKeys[1].subKey.getKeyId().toHex()
|
||||
).to.equal(source.subKeys[1].subKey.getKeyId().toHex());
|
||||
dest.subKeys[1].keyPacket.getKeyId().toHex()
|
||||
).to.equal(source.subKeys[1].keyPacket.getKeyId().toHex());
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
|
@ -1818,7 +1818,7 @@ VYGdb3eNlV8CfoEC
|
|||
return openpgp.generateKey(opt).then(function(newKey) {
|
||||
expect(newKey.key).to.exist;
|
||||
expect(+newKey.key.primaryKey.created).to.equal(+past);
|
||||
expect(+newKey.key.subKeys[0].subKey.created).to.equal(+past);
|
||||
expect(+newKey.key.subKeys[0].keyPacket.created).to.equal(+past);
|
||||
expect(+newKey.key.subKeys[0].bindingSignatures[0].created).to.equal(+past);
|
||||
});
|
||||
})
|
||||
|
|
@ -1847,8 +1847,8 @@ VYGdb3eNlV8CfoEC
|
|||
expect(key.users[0].userId.userid).to.equal(userId);
|
||||
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
||||
expect(key.subKeys).to.have.lengthOf(2);
|
||||
expect(key.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
||||
expect(key.subKeys[1].subKey.algorithm).to.equal('ecdh');
|
||||
expect(key.subKeys[0].keyPacket.algorithm).to.equal('ecdh');
|
||||
expect(key.subKeys[1].keyPacket.algorithm).to.equal('ecdh');
|
||||
});
|
||||
});
|
||||
|
||||
|
|
@ -1861,8 +1861,8 @@ VYGdb3eNlV8CfoEC
|
|||
expect(key.users[0].userId.userid).to.equal(userId);
|
||||
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
||||
expect(key.subKeys).to.have.lengthOf(2);
|
||||
expect(key.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
||||
expect(key.subKeys[1].subKey.algorithm).to.equal('eddsa');
|
||||
expect(key.subKeys[0].keyPacket.algorithm).to.equal('ecdh');
|
||||
expect(key.subKeys[1].keyPacket.algorithm).to.equal('eddsa');
|
||||
});
|
||||
});
|
||||
|
||||
|
|
@ -1875,7 +1875,7 @@ VYGdb3eNlV8CfoEC
|
|||
expect(key.users[0].userId.userid).to.equal(userId);
|
||||
expect(key.users[0].selfCertifications[0].isPrimaryUserID).to.be.true;
|
||||
expect(key.primaryKey.algorithm).to.equal('rsa_encrypt_sign');
|
||||
expect(key.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
||||
expect(key.subKeys[0].keyPacket.algorithm).to.equal('ecdh');
|
||||
});
|
||||
});
|
||||
|
||||
|
|
@ -1927,8 +1927,8 @@ VYGdb3eNlV8CfoEC
|
|||
await privateKey.decrypt('hello world');
|
||||
publicKey = await publicKey.signPrimaryUser([privateKey]);
|
||||
const signatures = await publicKey.verifyPrimaryUser([privateKey]);
|
||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
||||
const privateKeyPacket = await privateKey.getSigningKeyPacket();
|
||||
const publicKeyPacket = (await publicKey.getSigningKey()).keyPacket;
|
||||
const privateKeyPacket = (await privateKey.getSigningKey()).keyPacket;
|
||||
expect(signatures.length).to.equal(2);
|
||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
||||
expect(signatures[0].valid).to.be.null;
|
||||
|
|
@ -1943,8 +1943,8 @@ VYGdb3eNlV8CfoEC
|
|||
await privateKey.decrypt('hello world');
|
||||
publicKey = await publicKey.signPrimaryUser([privateKey]);
|
||||
const signatures = await publicKey.verifyPrimaryUser([wrongKey]);
|
||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
||||
const privateKeyPacket = await privateKey.getSigningKeyPacket();
|
||||
const publicKeyPacket = (await publicKey.getSigningKey()).keyPacket;
|
||||
const privateKeyPacket = (await privateKey.getSigningKey()).keyPacket;
|
||||
expect(signatures.length).to.equal(2);
|
||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
||||
expect(signatures[0].valid).to.be.null;
|
||||
|
|
@ -1958,8 +1958,8 @@ VYGdb3eNlV8CfoEC
|
|||
await privateKey.decrypt('hello world');
|
||||
publicKey = await publicKey.signAllUsers([privateKey]);
|
||||
const signatures = await publicKey.verifyAllUsers([privateKey]);
|
||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
||||
const privateKeyPacket = await privateKey.getSigningKeyPacket();
|
||||
const publicKeyPacket = (await publicKey.getSigningKey()).keyPacket;
|
||||
const privateKeyPacket = (await privateKey.getSigningKey()).keyPacket;
|
||||
expect(signatures.length).to.equal(4);
|
||||
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
|
||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
||||
|
|
@ -1982,8 +1982,8 @@ VYGdb3eNlV8CfoEC
|
|||
await privateKey.decrypt('hello world');
|
||||
publicKey = await publicKey.signAllUsers([privateKey]);
|
||||
const signatures = await publicKey.verifyAllUsers([wrongKey]);
|
||||
const publicKeyPacket = await publicKey.getSigningKeyPacket();
|
||||
const privateKeyPacket = await privateKey.getSigningKeyPacket()
|
||||
const publicKeyPacket = (await publicKey.getSigningKey()).keyPacket;
|
||||
const privateKeyPacket = (await privateKey.getSigningKey()).keyPacket;
|
||||
expect(signatures.length).to.equal(4);
|
||||
expect(signatures[0].userid).to.equal(publicKey.users[0].userId.userid);
|
||||
expect(signatures[0].keyid.toHex()).to.equal(publicKeyPacket.getKeyId().toHex());
|
||||
|
|
@ -2097,7 +2097,7 @@ VYGdb3eNlV8CfoEC
|
|||
newKey = newKey.key;
|
||||
expect(newKey.users[0].userId.userid).to.equal(userId1);
|
||||
expect(+newKey.primaryKey.created).to.equal(+now);
|
||||
expect(+newKey.subKeys[0].subKey.created).to.equal(+now);
|
||||
expect(+newKey.subKeys[0].keyPacket.created).to.equal(+now);
|
||||
expect(+newKey.subKeys[0].bindingSignatures[0].created).to.equal(+now);
|
||||
const opt2 = {privateKey: newKey, userIds: [userId2], date: before};
|
||||
return openpgp.reformatKey(opt2).then(function(refKey) {
|
||||
|
|
@ -2123,7 +2123,7 @@ VYGdb3eNlV8CfoEC
|
|||
{message: openpgp.cleartext.readArmored(signed.data), publicKeys: newKey.toPublic()}
|
||||
).then(async function(verified) {
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
const newKeyPacket = await newKey.getSigningKeyPacket();
|
||||
const newKeyPacket = (await newKey.getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(newKeyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -2188,7 +2188,7 @@ VYGdb3eNlV8CfoEC
|
|||
|
||||
it('Find a valid subkey binding signature among many invalid ones', async function() {
|
||||
const key = openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub).keys[0];
|
||||
expect(await key.getEncryptionKeyPacket()).to.not.be.null;
|
||||
expect(await key.getEncryptionKey()).to.not.be.null;
|
||||
});
|
||||
|
||||
it('Selects the most recent subkey binding signature', async function() {
|
||||
|
|
|
|||
|
|
@ -1121,7 +1121,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1144,7 +1144,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1177,7 +1177,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await newPrivateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await newPrivateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1200,7 +1200,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal('');
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1224,7 +1224,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1258,7 +1258,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1297,11 +1297,11 @@ describe('OpenPGP.js public api tests', function() {
|
|||
let keyPacket;
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
expect(decrypted.signatures[1].valid).to.be.true;
|
||||
keyPacket = await privKeyDE.getSigningKeyPacket();
|
||||
keyPacket = (await privKeyDE.getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1335,7 +1335,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1367,7 +1367,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1389,7 +1389,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1411,7 +1411,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal('');
|
||||
expect(decrypted.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1432,7 +1432,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1456,7 +1456,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (decrypted) {
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1486,11 +1486,11 @@ describe('OpenPGP.js public api tests', function() {
|
|||
let keyPacket;
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
expect(decrypted.signatures[1].valid).to.be.true;
|
||||
keyPacket = await privKeyDE.getSigningKeyPacket();
|
||||
keyPacket = (await privKeyDE.getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[1].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1511,7 +1511,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (verified) {
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1536,11 +1536,11 @@ describe('OpenPGP.js public api tests', function() {
|
|||
let keyPacket;
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
expect(verified.signatures[1].valid).to.be.true;
|
||||
keyPacket = await privKeyDE.getSigningKeyPacket();
|
||||
keyPacket = (await privKeyDE.getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[1].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[1].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1562,7 +1562,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (verified) {
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1582,7 +1582,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (verified) {
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1604,7 +1604,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (verified) {
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.null;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1625,7 +1625,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(async function (verified) {
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1651,7 +1651,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
expect(+verified.signatures[0].signature.packets[0].created).to.be.lte(+openpgp.util.normalizeDate());
|
||||
expect(+verified.signatures[0].signature.packets[0].created).to.be.gte(+start);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privateKey.keys[0].getSigningKeyPacket();
|
||||
const keyPacket = (await privateKey.keys[0].getSigningKey()).keyPacket;
|
||||
expect(verified.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1677,7 +1677,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
expect(signOpt.privateKeys[0].getSigningKeyPacket(verified.signatures[0].keyid, past))
|
||||
expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, past))
|
||||
.to.be.not.null;
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
// now check with expiration checking disabled
|
||||
|
|
@ -1687,7 +1687,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+past);
|
||||
expect(verified.data).to.equal(plaintext);
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
expect(signOpt.privateKeys[0].getSigningKeyPacket(verified.signatures[0].keyid, null))
|
||||
expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, null))
|
||||
.to.be.not.null;
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1716,7 +1716,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
expect(+verified.signatures[0].signature.packets[0].created).to.equal(+future);
|
||||
expect([].slice.call(verified.data)).to.deep.equal([].slice.call(data));
|
||||
expect(verified.signatures[0].valid).to.be.true;
|
||||
expect(signOpt.privateKeys[0].getSigningKeyPacket(verified.signatures[0].keyid, future))
|
||||
expect(signOpt.privateKeys[0].getSigningKey(verified.signatures[0].keyid, future))
|
||||
.to.be.not.null;
|
||||
expect(verified.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1792,7 +1792,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(function (signatures) {
|
||||
expect(+signatures[0].signature.packets[0].created).to.equal(+past);
|
||||
expect(signatures[0].valid).to.be.true;
|
||||
expect(encryptOpt.privateKeys[0].getSigningKeyPacket(signatures[0].keyid, past))
|
||||
expect(encryptOpt.privateKeys[0].getSigningKey(signatures[0].keyid, past))
|
||||
.to.be.not.null;
|
||||
expect(signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1821,7 +1821,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(function (signatures) {
|
||||
expect(+signatures[0].signature.packets[0].created).to.equal(+future);
|
||||
expect(signatures[0].valid).to.be.true;
|
||||
expect(encryptOpt.privateKeys[0].getSigningKeyPacket(signatures[0].keyid, future))
|
||||
expect(encryptOpt.privateKeys[0].getSigningKey(signatures[0].keyid, future))
|
||||
.to.be.not.null;
|
||||
expect(signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1851,7 +1851,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
}).then(function (signatures) {
|
||||
expect(+signatures[0].signature.packets[0].created).to.equal(+future);
|
||||
expect(signatures[0].valid).to.be.true;
|
||||
expect(encryptOpt.privateKeys[0].getSigningKeyPacket(signatures[0].keyid, future))
|
||||
expect(encryptOpt.privateKeys[0].getSigningKey(signatures[0].keyid, future))
|
||||
.to.be.not.null;
|
||||
expect(signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
@ -1911,7 +1911,7 @@ describe('OpenPGP.js public api tests', function() {
|
|||
expect(decrypted.data).to.exist;
|
||||
expect(decrypted.data).to.equal(plaintext);
|
||||
expect(decrypted.signatures[0].valid).to.be.true;
|
||||
const keyPacket = await privKeyDE.getSigningKeyPacket();
|
||||
const keyPacket = (await privKeyDE.getSigningKey()).keyPacket;
|
||||
expect(decrypted.signatures[0].keyid.toHex()).to.equal(keyPacket.getKeyId().toHex());
|
||||
expect(decrypted.signatures[0].signature.packets.length).to.equal(1);
|
||||
});
|
||||
|
|
|
|||
|
|
@ -369,7 +369,7 @@ describe("Signature", function() {
|
|||
const pub_key = openpgp.key.readArmored(pub_key_arm1).keys[0];
|
||||
const msg = openpgp.message.readArmored(msg_arm1);
|
||||
|
||||
await priv_key_gnupg_ext.subKeys[0].subKey.decrypt("abcd");
|
||||
await priv_key_gnupg_ext.subKeys[0].keyPacket.decrypt("abcd");
|
||||
return msg.decrypt([priv_key_gnupg_ext]).then(function(msg) {
|
||||
return msg.verify([pub_key]).then(verified => {
|
||||
expect(verified).to.exist;
|
||||
|
|
@ -786,7 +786,7 @@ yYDnCgA=
|
|||
const plaintext = 'short message\nnext line\n한국어/조선말';
|
||||
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
|
||||
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
|
||||
await Promise.all([privKey.primaryKey.decrypt('hello world'), privKey.subKeys[0].subKey.decrypt('hello world')]);
|
||||
await Promise.all([privKey.primaryKey.decrypt('hello world'), privKey.subKeys[0].keyPacket.decrypt('hello world')]);
|
||||
return openpgp.sign({ privateKeys:[privKey], data: plaintext, detached: true}).then(function(signed) {
|
||||
const signature = openpgp.signature.readArmored(signed.signature);
|
||||
return openpgp.encrypt({ data: openpgp.util.str_to_Uint8Array(openpgp.util.encode_utf8(plaintext)), publicKeys: [pubKey], signature })
|
||||
|
|
@ -861,7 +861,7 @@ yYDnCgA=
|
|||
it('Verify subkey revocation signatures', function(done) {
|
||||
const pubKey = openpgp.key.readArmored(pub_revoked).keys[0];
|
||||
expect(pubKey.subKeys[0].revocationSignatures[0].verify(
|
||||
pubKey.primaryKey, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].subKey}
|
||||
pubKey.primaryKey, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].keyPacket}
|
||||
)).to.eventually.be.true.notify(done);
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -227,11 +227,11 @@ describe('X25519 Cryptography', function () {
|
|||
expect(firstKey.key).to.exist;
|
||||
expect(firstKey.key.primaryKey).to.exist;
|
||||
expect(firstKey.key.subKeys).to.have.length(1);
|
||||
expect(firstKey.key.subKeys[0].subKey).to.exist;
|
||||
expect(firstKey.key.subKeys[0].keyPacket).to.exist;
|
||||
|
||||
const hi = firstKey.key;
|
||||
const primaryKey = hi.primaryKey;
|
||||
const subKey = hi.subKeys[0].subKey;
|
||||
const subKey = hi.subKeys[0].keyPacket;
|
||||
expect(primaryKey.params[0].getName()).to.equal("ed25519");
|
||||
expect(primaryKey.algorithm).to.equal('eddsa');
|
||||
expect(subKey.params[0].getName()).to.equal('curve25519');
|
||||
|
|
@ -254,8 +254,8 @@ describe('X25519 Cryptography', function () {
|
|||
const bye = secondKey.key;
|
||||
expect(bye.primaryKey.params[0].getName()).to.equal('ed25519');
|
||||
expect(bye.primaryKey.algorithm).to.equal('eddsa');
|
||||
expect(bye.subKeys[0].subKey.params[0].getName()).to.equal('curve25519');
|
||||
expect(bye.subKeys[0].subKey.algorithm).to.equal('ecdh');
|
||||
expect(bye.subKeys[0].keyPacket.params[0].getName()).to.equal('curve25519');
|
||||
expect(bye.subKeys[0].keyPacket.algorithm).to.equal('ecdh');
|
||||
|
||||
// Self Certificate is valid
|
||||
const user = bye.users[0];
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user