suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V4 keys: prefer subkeys for encryption

Browse Source
This commit is contained in:
Thomas Oberndörfer 2013-02-28 10:11:53 +01:00
parent 4a00c3b7a7
commit a5c1740729
3 changed files with 27 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
resources/openpgp.js
View File

@ -7353,7 +7353,7 @@ function openpgp_config() {
keyserver: "keyserver.linux.it" // "pgp.mit.edu:11371"
};
this.versionstring ="OpenPGP.js v.1.20130213";
this.versionstring ="OpenPGP.js v.1.20130228";
this.commentstring ="http://openpgpjs.org";
/**
* reads the config out of the HTML5 local storage
@ -9110,16 +9110,19 @@ function openpgp_msg_publickey() {
* @returns null if no encryption key has been found
*/
function getEncryptionKey() {
if (this.publicKeyPacket.publicKeyAlgorithm != 17 && this.publicKeyPacket.publicKeyAlgorithm != 3
&& this.publicKeyPacket.verifyKey())
return this.publicKeyPacket;
else if (this.publicKeyPacket.version == 4) // V3 keys MUST NOT have subkeys.
for (var j = 0; j < this.subKeys.length; j++)
// V4: by convention subkeys are prefered for encryption service
// V3: keys MUST NOT have subkeys
for (var j = 0; j < this.subKeys.length; j++)
if (this.subKeys[j].publicKeyAlgorithm != 17 &&
this.subKeys[j].publicKeyAlgorithm != 3 &&
this.subKeys[j].verifyKey()) {
return this.subKeys[j];
}
// if no valid subkey for encryption, use primary key
if (this.publicKeyPacket.publicKeyAlgorithm != 17 && this.publicKeyPacket.publicKeyAlgorithm != 3
&& this.publicKeyPacket.verifyKey()) {
return this.publicKeyPacket;
}
return null;
}

20
resources/openpgp.min.js vendored
View File

@ -285,7 +285,7 @@ JXG.Util.asciiCharCodeAt=function(b,a){var c=b.charCodeAt(a);if(255<c)switch(c){
151;break;case 732:c=152;break;case 8482:c=153;break;case 353:c=154;break;case 8250:c=155;break;case 339:c=156;break;case 382:c=158;break;case 376:c=159}return c};
JXG.Util.utf8Decode=function(b){var a=[],c=0,d=0,e=0,f;if(!JXG.exists(b))return"";for(;c<b.length;)d=b.charCodeAt(c),128>d?(a.push(String.fromCharCode(d)),c++):191<d&&224>d?(e=b.charCodeAt(c+1),a.push(String.fromCharCode((d&31)<<6|e&63)),c+=2):(e=b.charCodeAt(c+1),f=b.charCodeAt(c+2),a.push(String.fromCharCode((d&15)<<12|(e&63)<<6|f&63)),c+=3);return a.join("")};
JXG.Util.genUUID=function(){for(var b="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".split(""),a=Array(36),c=0,d,e=0;36>e;e++)8==e||13==e||18==e||23==e?a[e]="-":14==e?a[e]="4":(2>=c&&(c=33554432+16777216*Math.random()|0),d=c&15,c>>=4,a[e]=b[19==e?d&3|8:d]);return a.join("")};
function openpgp_config(){this.config=null;this.default_config={prefer_hash_algorithm:2,encryption_cipher:9,compression:1,show_version:!0,show_comment:!0,integrity_protect:!0,composition_behavior:0,keyserver:"keyserver.linux.it"};this.versionstring="OpenPGP.js v.1.20130213";this.commentstring="http://openpgpjs.org";this.debug=!1;this.read=function(){var b=JSON.parse(window.localStorage.getItem("config"));null==b?(this.config=this.default_config,this.write()):this.config=b};this.write=function(){window.localStorage.setItem("config",
function openpgp_config(){this.config=null;this.default_config={prefer_hash_algorithm:2,encryption_cipher:9,compression:1,show_version:!0,show_comment:!0,integrity_protect:!0,composition_behavior:0,keyserver:"keyserver.linux.it"};this.versionstring="OpenPGP.js v.1.20130228";this.commentstring="http://openpgpjs.org";this.debug=!1;this.read=function(){var b=JSON.parse(window.localStorage.getItem("config"));null==b?(this.config=this.default_config,this.write()):this.config=b};this.write=function(){window.localStorage.setItem("config",
JSON.stringify(this.config))}}var b64s="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";function s2r(b){var a,c,d,e="",f=0,g=0,h=b.length;for(d=0;d<h;d++)c=b.charCodeAt(d),0==g?(e+=b64s.charAt(c>>2&63),a=(c&3)<<4):1==g?(e+=b64s.charAt(a|c>>4&15),a=(c&15)<<2):2==g&&(e+=b64s.charAt(a|c>>6&3),f+=1,0==f%60&&(e+="\n"),e+=b64s.charAt(c&63)),f+=1,0==f%60&&(e+="\n"),g+=1,3==g&&(g=0);0<g&&(e+=b64s.charAt(a),f+=1,0==f%60&&(e+="\n"),e+="=",f+=1);1==g&&(0==f%60&&(e+="\n"),e+="=");return e}
function r2s(b){var a,c,d="",e=0,f=0,g=b.length;for(c=0;c<g;c++)a=b64s.indexOf(b.charAt(c)),0<=a&&(e&&(d+=String.fromCharCode(f|a>>6-e&255)),e=e+2&7,f=a<<e&255);return d}
function openpgp_encoding_deArmor(b){var a=getPGPMessageType(b);if(2!=a){b=b.split("-----");data={openpgp:openpgp_encoding_base64_decode(b[2].split("\n\n")[1].split("\n=")[0].replace(/\n- /g,"\n")),type:a};if(verifyCheckSum(data.openpgp,b[2].split("\n\n")[1].split("\n=")[1].split("\n")[0]))return data;util.print_error("Ascii armor integrity check on message failed: '"+b[2].split("\n\n")[1].split("\n=")[1].split("\n")[0]+"' should be '"+getCheckSum(data))}else{b=b.split("-----");a={text:b[2].replace(/\n- /g,
@ -342,15 +342,15 @@ b;){var e=openpgp_packet.read_packet(a,b,a.length-b);if(null==e){util.print_erro
e.signatureType+" @"+b);b+=e.packetLength+e.headerLength;break;case 7:this.subKeys[this.subKeys.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.privateKeyPacket,a,b,a.length-b);break;case 17:this.userAttributes[this.userAttributes.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.privateKeyPacket,a,b,a.length-b);break;case 13:this.userIds[this.userIds.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.privateKeyPacket,a,b,a.length-b);break;default:return this.position=
c-this.privateKeyPacket.packetLength-this.privateKeyPacket.headerLength,this.len=b-c}}this.position=c-this.privateKeyPacket.packetLength-this.privateKeyPacket.headerLength;return this.len=b-c};this.decryptSecretMPIs=function(b){return this.privateKeyPacket.decryptSecretMPIs(b)};this.getSubKeyIds=function(){if(4==this.privateKeyPacket.publicKey.version)var b=[];for(var a=0;a<this.subKeys.length;a++)b[a]=str_sha1(this.subKeys[a].publicKey.header+this.subKeys[a].publicKey.data).substring(12,20);return b};
this.getKeyId=function(){return this.privateKeyPacket.publicKey.getKeyId()}}
function openpgp_msg_publickey(){this.tostring="OPENPGP PUBLIC KEY\n";this.publicKeyPacket=this.bindingSignature=null;this.userIds=[];this.userAttributes=[];this.revocationSignatures=[];this.subKeys=[];this.arbitraryPacket=[];this.directSignatures=[];this.verifyCertificationSignatures=function(){for(var b=[],a=0;a<this.userIds.length;a++)b[a]=this.userIds[a].verifyCertificationSignatures(this.publicKeyPacket);return b};this.getEncryptionKey=function(){if(17!=this.publicKeyPacket.publicKeyAlgorithm&&
3!=this.publicKeyPacket.publicKeyAlgorithm&&this.publicKeyPacket.verifyKey())return this.publicKeyPacket;if(4==this.publicKeyPacket.version)for(var b=0;b<this.subKeys.length;b++)if(17!=this.subKeys[b].publicKeyAlgorithm&&3!=this.subKeys[b].publicKeyAlgorithm&&this.subKeys[b].verifyKey())return this.subKeys[b];return null};this.getSigningKey=function(){if(17==this.publicKeyPacket.publicKeyAlgorithm||2!=this.publicKeyPacket.publicKeyAlgorithm)return this.publicKeyPacket;if(4==this.publicKeyPacket.version)for(var b=
0;b<this.subKeys.length;b++)if((17==this.subKeys[b].publicKeyAlgorithm||2!=this.subKeys[b].publicKeyAlgorithm)&&this.subKeys[b].verifyKey())return this.subKeys[b];return null};this.read_nodes=function(b,a,c,d){this.publicKeyPacket=b;for(b=c;a.length!=b;){var e=openpgp_packet.read_packet(a,b,a.length-b);if(null==e){util.print_error("openpgp.msg.publickey read_nodes:\n[pub_key]parsing ends here @:"+b+" l:"+d);break}else switch(e.tagType){case 2:32==e.signatureType?this.revocationSignatures[this.revocationSignatures.length]=
e:16==e.signatureType||17==e.signatureType||18==e.signatureType||19==e.signatureType?this.certificationSignature=e:25==e.signatureType?this.bindingSignature=e:31==e.signatureType?this.directSignatures[this.directSignatures.length]=e:util.print_error("openpgp.msg.publickey read_nodes:\nunknown signature type directly on key "+e.signatureType);b+=e.packetLength+e.headerLength;break;case 14:this.subKeys[this.subKeys.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.publicKeyPacket,a,b,
a.length-b);break;case 17:this.userAttributes[this.userAttributes.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.publicKeyPacket,a,b,a.length-b);break;case 13:this.userIds[this.userIds.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.publicKeyPacket,a,b,a.length-b);break;default:return this.data=a,this.position=c-this.publicKeyPacket.packetLength-this.publicKeyPacket.headerLength,this.len=b-c}}this.data=a;this.position=c-(this.publicKeyPacket.packetLength-this.publicKeyPacket.headerLength);
return this.len=b-c};this.write=function(){};this.toString=function(){for(var b=" OPENPGP Public Key\n length: "+this.len+"\n",b=b+" Revocation Signatures:\n",a=0;a<this.revocationSignatures.length;a++)b+=" "+this.revocationSignatures[a].toString();b+=" User Ids:\n";for(a=0;a<this.userIds.length;a++)b+=" "+this.userIds[a].toString();b+=" User Attributes:\n";for(a=0;a<this.userAttributes.length;a++)b+=" "+this.userAttributes[a].toString();b+=" Public Key SubKeys:\n";for(a=0;a<
this.subKeys.length;a++)b+=" "+this.subKeys[a].toString();return b};this.validate=function(){for(var b=0;b<this.revocationSignatures.length;b++)if(this.revocationSignatures[b].verify(this.publicKeyPacket.header+this.publicKeyPacket.data,this.publicKeyPacket))return!1;if(0!=this.subKeys.length){for(var a=!1,b=0;b<this.subKeys.length;b++)if(3==this.subKeys[b].verifyKey()){a=!0;break}if(!a)return!1}a=!1;for(b=0;b<this.userIds.length;b++)if(0==this.userIds[b].verify(this.publicKeyPacket)){a=!0;break}return!a?
!1:!0};this.getFingerprint=function(){return this.publicKeyPacket.getFingerprint()};this.getKeyId=function(){return this.publicKeyPacket.getKeyId()};this.verifyBasicSignatures=function(){for(var b=0;b<this.revocationSignatures.length;b++)if(this.revocationSignatures[b].verify(this.publicKeyPacket.header+this.publicKeyPacket.data,this.publicKeyPacket))return!1;if(0!=this.subKeys.length){for(var a=!1,b=0;b<this.subKeys.length;b++)if(null!=this.subKeys[b]&&3==this.subKeys[b].verifyKey()){a=!0;break}if(!a)return!1}a=
this.getKeyId();for(b=0;b<this.userIds.length;b++)for(var c=0;c<this.userIds[b].certificationRevocationSignatures.length;c++)if(this.userIds[b].certificationSignatures[c].getIssuer==a&&4!=this.userIds[b].certificationSignatures[c].verifyBasic(this.publicKeyPacket))return!1;return!0};this.getSubKeyAsKey=function(b){var a=new openpgp_msg_publickey;a.userIds=this.userIds;a.userAttributes=this.userAttributes;a.publicKeyPacket=this.subKeys[b];return a}}
function openpgp_msg_publickey(){this.tostring="OPENPGP PUBLIC KEY\n";this.publicKeyPacket=this.bindingSignature=null;this.userIds=[];this.userAttributes=[];this.revocationSignatures=[];this.subKeys=[];this.arbitraryPacket=[];this.directSignatures=[];this.verifyCertificationSignatures=function(){for(var b=[],a=0;a<this.userIds.length;a++)b[a]=this.userIds[a].verifyCertificationSignatures(this.publicKeyPacket);return b};this.getEncryptionKey=function(){for(var b=0;b<this.subKeys.length;b++)if(17!=
this.subKeys[b].publicKeyAlgorithm&&3!=this.subKeys[b].publicKeyAlgorithm&&this.subKeys[b].verifyKey())return this.subKeys[b];return 17!=this.publicKeyPacket.publicKeyAlgorithm&&3!=this.publicKeyPacket.publicKeyAlgorithm&&this.publicKeyPacket.verifyKey()?this.publicKeyPacket:null};this.getSigningKey=function(){if(17==this.publicKeyPacket.publicKeyAlgorithm||2!=this.publicKeyPacket.publicKeyAlgorithm)return this.publicKeyPacket;if(4==this.publicKeyPacket.version)for(var b=0;b<this.subKeys.length;b++)if((17==
this.subKeys[b].publicKeyAlgorithm||2!=this.subKeys[b].publicKeyAlgorithm)&&this.subKeys[b].verifyKey())return this.subKeys[b];return null};this.read_nodes=function(b,a,c,d){this.publicKeyPacket=b;for(b=c;a.length!=b;){var e=openpgp_packet.read_packet(a,b,a.length-b);if(null==e){util.print_error("openpgp.msg.publickey read_nodes:\n[pub_key]parsing ends here @:"+b+" l:"+d);break}else switch(e.tagType){case 2:32==e.signatureType?this.revocationSignatures[this.revocationSignatures.length]=e:16==e.signatureType||
17==e.signatureType||18==e.signatureType||19==e.signatureType?this.certificationSignature=e:25==e.signatureType?this.bindingSignature=e:31==e.signatureType?this.directSignatures[this.directSignatures.length]=e:util.print_error("openpgp.msg.publickey read_nodes:\nunknown signature type directly on key "+e.signatureType);b+=e.packetLength+e.headerLength;break;case 14:this.subKeys[this.subKeys.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.publicKeyPacket,a,b,a.length-b);break;case 17:this.userAttributes[this.userAttributes.length]=
e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.publicKeyPacket,a,b,a.length-b);break;case 13:this.userIds[this.userIds.length]=e;b+=e.packetLength+e.headerLength;b+=e.read_nodes(this.publicKeyPacket,a,b,a.length-b);break;default:return this.data=a,this.position=c-this.publicKeyPacket.packetLength-this.publicKeyPacket.headerLength,this.len=b-c}}this.data=a;this.position=c-(this.publicKeyPacket.packetLength-this.publicKeyPacket.headerLength);return this.len=b-c};this.write=function(){};this.toString=
function(){for(var b=" OPENPGP Public Key\n length: "+this.len+"\n",b=b+" Revocation Signatures:\n",a=0;a<this.revocationSignatures.length;a++)b+=" "+this.revocationSignatures[a].toString();b+=" User Ids:\n";for(a=0;a<this.userIds.length;a++)b+=" "+this.userIds[a].toString();b+=" User Attributes:\n";for(a=0;a<this.userAttributes.length;a++)b+=" "+this.userAttributes[a].toString();b+=" Public Key SubKeys:\n";for(a=0;a<this.subKeys.length;a++)b+=" "+this.subKeys[a].toString();
return b};this.validate=function(){for(var b=0;b<this.revocationSignatures.length;b++)if(this.revocationSignatures[b].verify(this.publicKeyPacket.header+this.publicKeyPacket.data,this.publicKeyPacket))return!1;if(0!=this.subKeys.length){for(var a=!1,b=0;b<this.subKeys.length;b++)if(3==this.subKeys[b].verifyKey()){a=!0;break}if(!a)return!1}a=!1;for(b=0;b<this.userIds.length;b++)if(0==this.userIds[b].verify(this.publicKeyPacket)){a=!0;break}return!a?!1:!0};this.getFingerprint=function(){return this.publicKeyPacket.getFingerprint()};
this.getKeyId=function(){return this.publicKeyPacket.getKeyId()};this.verifyBasicSignatures=function(){for(var b=0;b<this.revocationSignatures.length;b++)if(this.revocationSignatures[b].verify(this.publicKeyPacket.header+this.publicKeyPacket.data,this.publicKeyPacket))return!1;if(0!=this.subKeys.length){for(var a=!1,b=0;b<this.subKeys.length;b++)if(null!=this.subKeys[b]&&3==this.subKeys[b].verifyKey()){a=!0;break}if(!a)return!1}a=this.getKeyId();for(b=0;b<this.userIds.length;b++)for(var c=0;c<this.userIds[b].certificationRevocationSignatures.length;c++)if(this.userIds[b].certificationSignatures[c].getIssuer==
a&&4!=this.userIds[b].certificationSignatures[c].verifyBasic(this.publicKeyPacket))return!1;return!0};this.getSubKeyAsKey=function(b){var a=new openpgp_msg_publickey;a.userIds=this.userIds;a.userAttributes=this.userAttributes;a.publicKeyPacket=this.subKeys[b];return a}}
function openpgp_packet_compressed(){this.tagType=8;this.decompressedData=null;this.read_packet=function(b,a,c){this.packetLength=c;var d=a;this.type=b.charCodeAt(d++);this.compressedData=b.substring(a+1,a+c);return this};this.toString=function(){return"5.6. Compressed Data Packet (Tag 8)\n length: "+this.packetLength+"\n Compression Algorithm = "+this.type+"\n Compressed Data: Byte ["+util.hexstrdump(this.compressedData)+"]\n"};this.compress=function(b,a){this.type=b;this.decompressedData=
a;switch(this.type){case 0:this.compressedData=this.decompressedData;break;case 1:util.print_error("Compression algorithm ZIP [RFC1951] is not implemented.");break;case 2:util.print_error("Compression algorithm ZLIB [RFC1950] is not implemented.");break;case 3:util.print_error("Compression algorithm BZip2 [BZ2] is not implemented.");break;default:util.print_error("Compression algorithm unknown :"+this.type)}this.packetLength=this.compressedData.length+1;return this.compressedData};this.decompress=
function(){if(null!=this.decompressedData)return this.decompressedData;if(null==this.type)return null;switch(this.type){case 0:this.decompressedData=this.compressedData;break;case 1:util.print_info("Decompressed packet [Type 1-ZIP]: "+this.toString());var b=this.compressedData,b=s2r(b).replace(/\n/g,""),b=new JXG.Util.Unzip(JXG.Util.Base64.decodeAsArray(b));this.decompressedData=unescape(b.deflate()[0][0]);break;case 2:util.print_info("Decompressed packet [Type 2-ZLIB]: "+this.toString());if(8==this.compressedData.charCodeAt(0)%

13
src/openpgp.msg.publickey.js
View File

@ -216,16 +216,19 @@ function openpgp_msg_publickey() {
* @returns null if no encryption key has been found
*/
function getEncryptionKey() {
if (this.publicKeyPacket.publicKeyAlgorithm != 17 && this.publicKeyPacket.publicKeyAlgorithm != 3
&& this.publicKeyPacket.verifyKey())
return this.publicKeyPacket;
else if (this.publicKeyPacket.version == 4) // V3 keys MUST NOT have subkeys.
for (var j = 0; j < this.subKeys.length; j++)
// V4: by convention subkeys are prefered for encryption service
// V3: keys MUST NOT have subkeys
for (var j = 0; j < this.subKeys.length; j++)
if (this.subKeys[j].publicKeyAlgorithm != 17 &&
this.subKeys[j].publicKeyAlgorithm != 3 &&
this.subKeys[j].verifyKey()) {
return this.subKeys[j];
}
// if no valid subkey for encryption, use primary key
if (this.publicKeyPacket.publicKeyAlgorithm != 17 && this.publicKeyPacket.publicKeyAlgorithm != 3
&& this.publicKeyPacket.verifyKey()) {
return this.publicKeyPacket;
}
return null;
}