suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Internally use createSignaturePacket helper whenever possible

Browse Source
This commit is contained in:
larabr 2023-09-29 13:00:44 +02:00
parent 1fd9d2f0c5
commit b6fbab0443
2 changed files with 24 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/key/factory.js
View File

@ -197,50 +197,50 @@ async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options, conf
const dataToSign = {}; const dataToSign = {};
dataToSign.userID = userIDPacket; dataToSign.userID = userIDPacket;
dataToSign.key = secretKeyPacket; dataToSign.key = secretKeyPacket;
const signaturePacket = new SignaturePacket();
signaturePacket.signatureType = enums.signature.certGeneric; const signatureProperties = {};
signaturePacket.publicKeyAlgorithm = secretKeyPacket.algorithm; signatureProperties.signatureType = enums.signature.certGeneric;
signaturePacket.hashAlgorithm = await helper.getPreferredHashAlgo(null, secretKeyPacket, undefined, undefined, config); signatureProperties.keyFlags = [enums.keyFlags.certifyKeys | enums.keyFlags.signData];
signaturePacket.keyFlags = [enums.keyFlags.certifyKeys | enums.keyFlags.signData]; signatureProperties.preferredSymmetricAlgorithms = createPreferredAlgos([
signaturePacket.preferredSymmetricAlgorithms = createPreferredAlgos([
// prefer aes256, aes128, then aes192 (no WebCrypto support: https://www.chromium.org/blink/webcrypto#TOC-AES-support) // prefer aes256, aes128, then aes192 (no WebCrypto support: https://www.chromium.org/blink/webcrypto#TOC-AES-support)
enums.symmetric.aes256, enums.symmetric.aes256,
enums.symmetric.aes128, enums.symmetric.aes128,
enums.symmetric.aes192 enums.symmetric.aes192
], config.preferredSymmetricAlgorithm); ], config.preferredSymmetricAlgorithm);
if (config.aeadProtect) { if (config.aeadProtect) {
signaturePacket.preferredAEADAlgorithms = createPreferredAlgos([ signatureProperties.preferredAEADAlgorithms = createPreferredAlgos([
enums.aead.eax, enums.aead.eax,
enums.aead.ocb enums.aead.ocb
], config.preferredAEADAlgorithm); ], config.preferredAEADAlgorithm);
} }
signaturePacket.preferredHashAlgorithms = createPreferredAlgos([ signatureProperties.preferredHashAlgorithms = createPreferredAlgos([
// prefer fast asm.js implementations (SHA-256) // prefer fast asm.js implementations (SHA-256)
enums.hash.sha256, enums.hash.sha256,
enums.hash.sha512 enums.hash.sha512
], config.preferredHashAlgorithm); ], config.preferredHashAlgorithm);
signaturePacket.preferredCompressionAlgorithms = createPreferredAlgos([ signatureProperties.preferredCompressionAlgorithms = createPreferredAlgos([
enums.compression.zlib, enums.compression.zlib,
enums.compression.zip, enums.compression.zip,
enums.compression.uncompressed enums.compression.uncompressed
], config.preferredCompressionAlgorithm); ], config.preferredCompressionAlgorithm);
if (index === 0) { if (index === 0) {
signaturePacket.isPrimaryUserID = true; signatureProperties.isPrimaryUserID = true;
} }
// integrity protection always enabled // integrity protection always enabled
signaturePacket.features = [0]; signatureProperties.features = [0];
signaturePacket.features[0] |= enums.features.modificationDetection; signatureProperties.features[0] |= enums.features.modificationDetection;
if (config.aeadProtect) { if (config.aeadProtect) {
signaturePacket.features[0] |= enums.features.aead; signatureProperties.features[0] |= enums.features.aead;
} }
if (config.v5Keys) { if (config.v5Keys) {
signaturePacket.features[0] |= enums.features.v5Keys; signatureProperties.features[0] |= enums.features.v5Keys;
} }
if (options.keyExpirationTime > 0) { if (options.keyExpirationTime > 0) {
signaturePacket.keyExpirationTime = options.keyExpirationTime; signatureProperties.keyExpirationTime = options.keyExpirationTime;
signaturePacket.keyNeverExpires = false; signatureProperties.keyNeverExpires = false;
} }
await signaturePacket.sign(secretKeyPacket, dataToSign, options.date);
const signaturePacket = await helper.createSignaturePacket(dataToSign, null, secretKeyPacket, signatureProperties, options.date, undefined, undefined, undefined, config);
return { userIDPacket, signaturePacket }; return { userIDPacket, signaturePacket };
})).then(list => { })).then(list => {

17
src/key/helper.js
View File

@ -86,23 +86,20 @@ export async function createBindingSignature(subkey, primaryKey, options, config
const dataToSign = {}; const dataToSign = {};
dataToSign.key = primaryKey; dataToSign.key = primaryKey;
dataToSign.bind = subkey; dataToSign.bind = subkey;
const subkeySignaturePacket = new SignaturePacket(); const signatureProperties = { signatureType: enums.signature.subkeyBinding };
subkeySignaturePacket.signatureType = enums.signature.subkeyBinding;
subkeySignaturePacket.publicKeyAlgorithm = primaryKey.algorithm;
subkeySignaturePacket.hashAlgorithm = await getPreferredHashAlgo(null, primaryKey, undefined, undefined, config);
if (options.sign) { if (options.sign) {
subkeySignaturePacket.keyFlags = [enums.keyFlags.signData]; signatureProperties.keyFlags = [enums.keyFlags.signData];
subkeySignaturePacket.embeddedSignature = await createSignaturePacket(dataToSign, null, subkey, { signatureProperties.embeddedSignature = await createSignaturePacket(dataToSign, null, subkey, {
signatureType: enums.signature.keyBinding signatureType: enums.signature.keyBinding
}, options.date, undefined, undefined, undefined, config); }, options.date, undefined, undefined, undefined, config);
} else { } else {
subkeySignaturePacket.keyFlags = [enums.keyFlags.encryptCommunication | enums.keyFlags.encryptStorage]; signatureProperties.keyFlags = [enums.keyFlags.encryptCommunication | enums.keyFlags.encryptStorage];
} }
if (options.keyExpirationTime > 0) { if (options.keyExpirationTime > 0) {
subkeySignaturePacket.keyExpirationTime = options.keyExpirationTime; signatureProperties.keyExpirationTime = options.keyExpirationTime;
subkeySignaturePacket.keyNeverExpires = false; signatureProperties.keyNeverExpires = false;
} }
await subkeySignaturePacket.sign(primaryKey, dataToSign, options.date); const subkeySignaturePacket = await createSignaturePacket(dataToSign, null, primaryKey, signatureProperties, options.date, undefined, undefined, undefined, config);
return subkeySignaturePacket; return subkeySignaturePacket;
} }