suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only store newly created signatures as valid in the non-streaming case

Browse Source 
When streaming, we're not actually sure yet that signing won't fail.
This commit is contained in:
Daniel Huigens 2019-09-12 14:01:34 +02:00
parent 2877bac018
commit 91aa8b0d4c
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/packet/signature.js
View File

@ -190,13 +190,13 @@ Signature.prototype.sign = async function (key, data, detached = false, streamin
this.signature = stream.fromAsync(signed); this.signature = stream.fromAsync(signed);
} else { } else {
this.signature = await signed(); this.signature = await signed();
}
// Store the fact that this signature is valid, e.g. for when we call `await // Store the fact that this signature is valid, e.g. for when we call `await
// getLatestValidSignature(this.revocationSignatures, key, data)` later. Note // getLatestValidSignature(this.revocationSignatures, key, data)` later.
// that this only holds up if the key and data passed to verify are the same // Note that this only holds up if the key and data passed to verify are the
// as the ones passed to sign. // same as the ones passed to sign.
this.verified = true; this.verified = true;
}
return true; return true;
}; };