suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Verify subkey revocation signatures according to: http://www.rfc-editor.org/errata_search.php?rfc=4880&eid=3298

Browse Source
This commit is contained in:
Thomas Oberndörfer 2014-02-04 17:44:22 +01:00
parent ce1239f4e8
commit a9c9f78dd4
4 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/key.js
View File

@ -640,7 +640,7 @@ SubKey.prototype.verify = function(primaryKey) {
// check subkey revocation signature
if (this.revocationSignature && !this.revocationSignature.isExpired() &&
(this.revocationSignature.verified ||
this.revocationSignature.verify(primaryKey, {key: this.subKey}))) {
this.revocationSignature.verify(primaryKey, {key:primaryKey, bind: this.subKey}))) {
return enums.keyStatus.revoked;
}
// check V3 expiration time

2
src/packet/signature.js
View File

@ -551,6 +551,7 @@ Signature.prototype.toSign = function (type, data) {
break;
case t.subkey_binding:
case t.subkey_revocation:
case t.key_binding:
return this.toSign(t.key, data) + this.toSign(t.key, {
key: data.bind
@ -563,7 +564,6 @@ Signature.prototype.toSign = function (type, data) {
return data.key.writeOld();
case t.key_revocation:
case t.subkey_revocation:
return this.toSign(t.key, data);
case t.timestamp:
return '';

2
test/general/key.js
View File

@ -278,7 +278,7 @@ describe('Key', function() {
done();
});
it.skip('Verify status of revoked subkey', function(done) {
it('Verify status of revoked subkey', function(done) {
var pubKeys = openpgp.key.readArmored(pub_sig_test);
expect(pubKeys).to.exist;
expect(pubKeys.err).to.not.exist;

4
test/general/signature.js
View File

@ -545,10 +545,10 @@ describe("Signature", function() {
done();
});
it.skip('Verify subkey revocation signature', function(done) {
it('Verify subkey revocation signature', function(done) {
var pubKey = openpgp.key.readArmored(pub_revoked).keys[0];
var verified = pubKey.subKeys[0].revocationSignature.verify(pubKey.primaryKey, {key: pubKey.subKeys[0].subKey});
var verified = pubKey.subKeys[0].revocationSignature.verify(pubKey.primaryKey, {key: pubKey.primaryKey, bind: pubKey.subKeys[0].subKey});
expect(verified).to.be.true;
done();