Refactor key generation to use callback

* TODO: reactive native web crypto in rsa.js:142 * TODO: generate publicExponent Uint8Array from argument E in rsa.js:148 * TODO: signing with generated web crypto key fails with "Could not find valid key packet for signing in key"
2014-09-30 15:38:02 +02:00 · 2014-09-30 15:38:02 +02:00 · cbe4a17ccb
commit cbe4a17ccb
parent d6963f2017
12 changed files with 650 additions and 583 deletions
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
  "name": "openpgp",
  "description": "OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.",
-  "version": "0.7.2",
+  "version": "0.8.0-dev",
  "homepage": "http://openpgpjs.org/",
  "engines": {
    "node": ">=0.8"
--- a/src/crypto/crypto.js
+++ b/src/crypto/crypto.js
@ -178,15 +178,19 @@ module.exports = {
    }
  },
-  generateMpi: function(algo, bits) {
+  generateMpi: function(algo, bits, callback) {
    var result = (function() {
    switch (algo) {
      case 'rsa_encrypt':
      case 'rsa_encrypt_sign':
      case 'rsa_sign':
        //remember "publicKey" refers to the crypto/public_key dir
        var rsa = new publicKey.rsa();
-          var keyObject = rsa.generate(bits, "10001");
+        rsa.generate(bits, "10001", function(err, keyObject) {
          if (err) {
            callback(err);
            return;
          }
          var output = [];
          output.push(keyObject.n);
          output.push(keyObject.ee);
@ -194,17 +198,21 @@ module.exports = {
          output.push(keyObject.p);
          output.push(keyObject.q);
          output.push(keyObject.u);
          return output;
        default:
          throw new Error('Unsupported algorithm for key generation.');
      }
    })();
          callback(null, mapResult(output));
        });
        break;
      default:
        callback(new Error('Unsupported algorithm for key generation.'));
    }
    function mapResult(result) {
      return result.map(function(bn) {
        var mpi = new type_mpi();
        mpi.fromBigInteger(bn);
        return mpi;
      });
    }
  },
--- a/src/crypto/public_key/rsa.js
+++ b/src/crypto/public_key/rsa.js
@ -133,13 +133,15 @@ function RSA() {
  // Generate a new random private key B bits long, using public expt E
-  function generate(B, E) {
+  function generate(B, E, callback) {
    //
-    // Web Crypto RSA keygen proposal example
+    // Native RSA keygen using Web Crypto
    //
-    if (typeof window !== 'undefined' && window.crypto && window.crypto.subtle) {
+    if (false && typeof window !== 'undefined' && window.crypto && (window.crypto.subtle || window.crypto.webkitSubtle)) {
      var subtle = window.crypto.subtle || window.crypto.webkitSubtle;
      var keyGenOpt = {
        name: 'RSASSA-PKCS1-v1_5',
        modulusLength: B, // the specified keysize in bits
@ -151,52 +153,34 @@ function RSA() {
      var extractable = true; // make generated key extractable
-      window.crypto.subtle.generateKey(keyGenOpt, extractable, ['sign', 'verify'])
+      subtle.generateKey(keyGenOpt, extractable, ['sign', 'verify'])
-        .then(onGenerated)
+        .then(onGenerated, callback)
-        .then(onExported);
+        .then(onExported, callback);
      return;
    }
    function onGenerated(key) {
      // export the generated keys as JsonWebKey (JWK)
      // https://tools.ietf.org/html/draft-ietf-jose-json-web-key-33
-      var p1 = window.crypto.subtle.exportKey('jwk', key.privateKey);
+      return subtle.exportKey('jwk', key.privateKey);
      var p2 = window.crypto.subtle.exportKey('jwk', key.publicKey);
      return window.Promise.all([p1, p2]);
    }
-    function onExported(exported) {
+    function onExported(jwk) {
      // Exported JWK has the following encoded parameters: n, p, q, qi, ...
      var privKey = exported[0];
      var pubKey = exported[1];
      console.log('Exported private key: ', privKey);
      console.log('Exported public key: ', pubKey);
      var d = privKey.d;
      var dp = privKey.dp;
      var dq = privKey.dq;
      var e = privKey.e;
      var n = privKey.n;
      var p = privKey.p;
      var q = privKey.q;
      var qi = privKey.qi;
      // map JWK parameters to local BigInteger type system
      var key = new keyObject();
-      key.n = new BigInteger(util.hexstrdump(base64(n)), 16);
+      key.n = new BigInteger(util.hexstrdump(base64(jwk.n)), 16);
      key.ee = new BigInteger(E, 16);
-      key.d = new BigInteger(util.hexstrdump(base64(d)), 16);
+      key.d = new BigInteger(util.hexstrdump(base64(jwk.d)), 16);
-      key.p = new BigInteger(util.hexstrdump(base64(p)), 16);
+      key.p = new BigInteger(util.hexstrdump(base64(jwk.p)), 16);
-      key.q = new BigInteger(util.hexstrdump(base64(q)), 16);
+      key.q = new BigInteger(util.hexstrdump(base64(jwk.q)), 16);
      key.u = key.p.modInverse(key.q);
      function base64(base64url) {
-        return base64url.replace(/-/g, '+').replace(/_/g, '/')
+        return base64url.replace(/-/g, '+').replace(/_/g, '/');
      }
-      // TODO: add async style callback
+      callback(null, key);
    }
    //
@ -236,7 +220,8 @@ function RSA() {
        break;
      }
    }
-    return key;
+
    callback(null, key);
  }
  this.encrypt = encrypt;
--- a/src/key.js
+++ b/src/key.js
@ -910,7 +910,9 @@ function readArmored(armoredText) {
 * @return {module:key~Key}
 * @static
 */
-function generate(options) {
+function generate(options, callback) {
  var packetlist, secretKeyPacket, userIdPacket, dataToSign, signaturePacket, secretSubkeyPacket, subkeySignaturePacket;
  options.keyType = options.keyType || enums.publicKey.rsa_encrypt_sign;
  // RSA Encrypt-Only and RSA Sign-Only are deprecated and SHOULD NOT be generated
  if (options.keyType !== enums.publicKey.rsa_encrypt_sign) {
@ -921,22 +923,29 @@ function generate(options) {
    options.unlocked = true;
  }
-  var packetlist = new packet.List();
+  packetlist = new packet.List();
-  var secretKeyPacket = new packet.SecretKey();
+  secretKeyPacket = new packet.SecretKey();
  secretKeyPacket.algorithm = enums.read(enums.publicKey, options.keyType);
-  secretKeyPacket.generate(options.numBits);
+  secretKeyPacket.generate(options.numBits, onSecretKeyGenerated);
  function onSecretKeyGenerated(err) {
    if (err) {
      callback(err);
      return;
    }
    if (options.passphrase) {
      secretKeyPacket.encrypt(options.passphrase);
    }
-  var userIdPacket = new packet.Userid();
+    userIdPacket = new packet.Userid();
    userIdPacket.read(options.userId);
-  var dataToSign = {};
+    dataToSign = {};
    dataToSign.userid = userIdPacket;
    dataToSign.key = secretKeyPacket;
-  var signaturePacket = new packet.Signature();
+    signaturePacket = new packet.Signature();
    signaturePacket.signatureType = enums.signature.cert_generic;
    signaturePacket.publicKeyAlgorithm = options.keyType;
    signaturePacket.hashAlgorithm = config.prefer_hash_algorithm;
@ -960,9 +969,17 @@ function generate(options) {
    }
    signaturePacket.sign(secretKeyPacket, dataToSign);
-  var secretSubkeyPacket = new packet.SecretSubkey();
+    secretSubkeyPacket = new packet.SecretSubkey();
    secretSubkeyPacket.algorithm = enums.read(enums.publicKey, options.keyType);
-  secretSubkeyPacket.generate(options.numBits);
+    secretSubkeyPacket.generate(options.numBits, onSecretSubkeyGenerated);
  }
  function onSecretSubkeyGenerated(err) {
    if (err) {
      callback(err);
      return;
    }
    if (options.passphrase) {
      secretSubkeyPacket.encrypt(options.passphrase);
    }
@ -970,7 +987,7 @@ function generate(options) {
    dataToSign = {};
    dataToSign.key = secretKeyPacket;
    dataToSign.bind = secretSubkeyPacket;
-  var subkeySignaturePacket = new packet.Signature();
+    subkeySignaturePacket = new packet.Signature();
    subkeySignaturePacket.signatureType = enums.signature.subkey_binding;
    subkeySignaturePacket.publicKeyAlgorithm = options.keyType;
    subkeySignaturePacket.hashAlgorithm = config.prefer_hash_algorithm;
@ -988,7 +1005,8 @@ function generate(options) {
      secretSubkeyPacket.clearPrivateMPIs();
    }
-  return new Key(packetlist);
+    callback(null, new Key(packetlist));
  }
 }
 /**
--- a/src/openpgp.js
+++ b/src/openpgp.js
@ -224,24 +224,28 @@ function verifyClearSignedMessage(publicKeys, msg, callback) {
 * @param {String}  options.userId     assumes already in form of "User Name <username@email.com>"
 * @param {String}  options.passphrase The passphrase used to encrypt the resulting private key
 * @param {Boolean} [options.unlocked=false]    The secret part of the generated key is unlocked
- * @param  {function} callback (optional) callback(error, result) for async style
+ * @param  {function} callback(error, result) The required callback
 * @return {Object} {key: module:key~Key, privateKeyArmored: String, publicKeyArmored: String}
 * @static
 */
 function generateKeyPair(options, callback) {
-  if (useWorker(callback)) {
+  if (!callback) {
    throw new Error('Callback must be set for key generation!');
  }
  // use web worker if web crypto apis are not supported
  if (!useWebCrypto() && useWorker(callback)) {
    asyncProxy.generateKeyPair(options, callback);
    return;
  }
-  return execute(function() {
+  key.generate(options, function(err, newKey) {
    var result = {};
    var newKey = key.generate(options);
    result.key = newKey;
    result.privateKeyArmored = newKey.armor();
    result.publicKeyArmored = newKey.toPublic().armor();
-    return result;
+    callback(null, result);
-  }, callback);
+  });
 }
 //
@ -257,12 +261,20 @@ function useWorker(callback) {
  }
  if (!asyncProxy) {
-    throw new Error('You need to set the worker path!');
+    console.log('You need to set the worker path!');
    return false;
  }
  return true;
 }
 /**
 * Check for WebCrypto support
 */
 function useWebCrypto() {
  return typeof window !== 'undefined' && window.crypto && (window.crypto.subtle || window.crypto.webkitSubtle);
 }
 /**
 * Command pattern that handles async calls gracefully
 */
--- a/src/packet/secret_key.js
+++ b/src/packet/secret_key.js
@ -270,9 +270,19 @@ SecretKey.prototype.decrypt = function (passphrase) {
  return true;
 };
-SecretKey.prototype.generate = function (bits) {
+SecretKey.prototype.generate = function (bits, callback) {
-  this.mpi = crypto.generateMpi(this.algorithm, bits);
+  var self = this;
-  this.isDecrypted = true;
+
  crypto.generateMpi(self.algorithm, bits, function(err, mpi) {
    if (err) {
      callback(err);
      return;
    }
    self.mpi = mpi;
    self.isDecrypted = true;
    callback();
  });
 };
 /**
--- a/src/worker/worker.js
+++ b/src/worker/worker.js
@ -110,12 +110,20 @@ onmessage = function (event) {
      break;
    case 'generate-key-pair':
      try {
-        data = window.openpgp.generateKeyPair(msg.options);
+        window.openpgp.generateKeyPair(msg.options, function(error, data) {
          if (error) {
            err = error.message;
            response({event: 'method-return', data: data, err: err});
            return;
          }
          data.key = data.key.toPacketlist();
          response({event: 'method-return', data: data, err: err});
        });
      } catch (e) {
        err = e.message;
      }
        response({event: 'method-return', data: data, err: err});
      }
      break;
    case 'decrypt-key':
      try {
--- a/test/general/basic.js
+++ b/test/general/basic.js
@ -8,8 +8,11 @@ var chai = require('chai'),
 describe('Basic', function() {
  describe("Key generation/encryption/decryption", function() {
-    var testHelper = function(passphrase, userid, message) {
+    var testHelper = function(passphrase, userid, message, done) {
-      var key = openpgp.generateKeyPair({numBits: 512, userId: userid, passphrase: passphrase});
+      var opt = {numBits: 512, userId: userid, passphrase: passphrase};
      openpgp.generateKeyPair(opt, function(err, key) {
        expect(err).to.not.exist;
        expect(key).to.exist;
        expect(key.key).to.exist;
        expect(key.privateKeyArmored).to.exist;
@ -50,15 +53,16 @@ describe('Basic', function() {
        expect(decrypted).to.exist;
        expect(decrypted.signatures[0].valid).to.be.true;
        expect(decrypted.text).to.equal(message);
        done();
      });
    };
    it('ASCII Text', function (done) {
-      testHelper('password', 'Test McTestington <test@example.com>', 'hello world');
+      testHelper('password', 'Test McTestington <test@example.com>', 'hello world', done);
      done();
    });
    it('Unicode Text', function (done) {
-      testHelper('●●●●', '♔♔♔♔ <test@example.com>', 'łäóć');
+      testHelper('●●●●', '♔♔♔♔ <test@example.com>', 'łäóć', done);
      done();
    });
    it('should fail to verify signature for wrong public key', function (done) {
@ -66,7 +70,9 @@ describe('Basic', function() {
      var passphrase = 'password';
      var message = 'hello world';
-      var key = openpgp.generateKeyPair({numBits: 512, userId: userid, passphrase: passphrase});
+      var opt = {numBits: 512, userId: userid, passphrase: passphrase};
      openpgp.generateKeyPair(opt, function(err, key) {
        expect(err).to.not.exist;
        var privKeys = openpgp.key.readArmored(key.privateKeyArmored);
        var publicKeys = openpgp.key.readArmored(key.publicKeyArmored);
@ -81,7 +87,9 @@ describe('Basic', function() {
        var msg = openpgp.message.readArmored(encrypted);
        expect(msg).to.exist;
-      var anotherKey = openpgp.generateKeyPair({numBits: 512, userId: userid, passphrase: passphrase});
+        openpgp.generateKeyPair(opt, function(err, anotherKey) {
          expect(err).to.not.exist;
          var anotherPubKey = openpgp.key.readArmored(anotherKey.publicKeyArmored).keys[0];
          var decrypted = openpgp.decryptAndVerifyMessage(privKey, [anotherPubKey], msg);
@ -90,6 +98,8 @@ describe('Basic', function() {
          expect(decrypted.text).to.equal(message);
          done();
        });
      });
    });
    it('Performance test', function (done) {
      // init test data
@ -103,7 +113,9 @@ describe('Basic', function() {
      var userid = 'Test McTestington <test@example.com>';
      var passphrase = 'password';
-      var key = openpgp.generateKeyPair({numBits: 512, userId: userid, passphrase: passphrase});
+      var opt = {numBits: 512, userId: userid, passphrase: passphrase};
      openpgp.generateKeyPair(opt, function(err, key) {
        expect(err).to.not.exist;
        var info = '\npassphrase: ' + passphrase + '\n' + 'userid: ' + userid + '\n' + 'message: ' + message;
@ -145,6 +157,7 @@ describe('Basic', function() {
        done();
      });
    });
  });
  describe("Message encryption/decryption", function() {
    var pub_key =
--- a/test/general/key.js
+++ b/test/general/key.js
@ -618,7 +618,7 @@ var pgp_desktop_priv =
    expect(prefAlgo).to.equal(openpgp.config.encryption_cipher);
  });
-  it('Preferences of generated key', function() {
+  it('Preferences of generated key', function(done) {
    var testPref = function(key) {
      // key flags
      var keyFlags = openpgp.enums.keyFlags;
@ -633,10 +633,14 @@ var pgp_desktop_priv =
      var compr = openpgp.enums.compression;
      expect(key.users[0].selfCertifications[0].preferredCompressionAlgorithms).to.eql([compr.zlib, compr.zip]);
      expect(key.users[0].selfCertifications[0].features).to.eql(openpgp.config.integrity_protect ? [1] : null); // modification detection
-    }
+    };
-    var key = openpgp.generateKeyPair({numBits: 512, userId: 'test', passphrase: 'hello'});
+    var opt = {numBits: 512, userId: 'test', passphrase: 'hello'};
    openpgp.generateKeyPair(opt, function(err, key) {
      expect(err).to.not.exist;
      testPref(key.key);
      testPref(openpgp.key.readArmored(key.publicKeyArmored).keys[0]);
      done();
    });
  });
  it('User attribute packet read & write', function() {
@ -653,11 +657,15 @@ var pgp_desktop_priv =
    expect(primUser.selfCertificate).to.be.an.instanceof(openpgp.packet.Signature);
  });
-  it('Generated key is not unlocked by default', function() {
+  it('Generated key is not unlocked by default', function(done) {
-    var key = openpgp.generateKeyPair({numBits: 512, userId: 'test', passphrase: '123'});
+    var opt = {numBits: 512, userId: 'test', passphrase: '123'};
    openpgp.generateKeyPair(opt, function(err, key) {
      expect(err).to.not.exist;
      var msg = openpgp.message.fromText('hello').encrypt([key.key]);
      msg = msg.decrypt.bind(msg, key.key);
      expect(msg).to.throw('Private key is not decrypted.');
      done();
    });
  });
 });
--- a/test/general/packet.js
+++ b/test/general/packet.js
@ -117,10 +117,12 @@ describe("Packet", function() {
  });
  it('Public key encrypted symmetric key packet', function(done) {
-		var rsa = new openpgp.crypto.publicKey.rsa(),
+    var rsa = new openpgp.crypto.publicKey.rsa();
 			mpi = rsa.generate(512, "10001")
-		var mpi = [mpi.n, mpi.ee, mpi.d, mpi.p, mpi.q, mpi.u];
+    rsa.generate(512, "10001", function(error, mpiGen) {
      expect(error).to.not.exist;
      var mpi = [mpiGen.n, mpiGen.ee, mpiGen.d, mpiGen.p, mpiGen.q, mpiGen.u];
      mpi = mpi.map(function(k) {
              var mpi = new openpgp.MPI();
@ -148,6 +150,7 @@ describe("Packet", function() {
      expect(msg2[0].sessionKeyAlgorithm).to.equal(enc.sessionKeyAlgorithm);
      done();
    });
  });
  it('Secret key packet (reading, unencrpted)', function(done) {
    var armored_key =
@ -240,7 +243,6 @@ describe("Packet", function() {
        '=iSaK\n' +
        '-----END PGP MESSAGE-----';
    var key = new openpgp.packet.List();
    key.read(openpgp.armor.decode(armored_key).data);
    key = key[3];
@ -380,11 +382,12 @@ describe("Packet", function() {
    var key = new openpgp.packet.List();
    key.push(new openpgp.packet.SecretKey);
-		var rsa = new openpgp.crypto.publicKey.rsa(),
+    var rsa = new openpgp.crypto.publicKey.rsa();
 			mpi = rsa.generate(512, "10001")
    rsa.generate(512, "10001", function(err, mipGen) {
        expect(err).to.not.exist;
-		var mpi = [mpi.n, mpi.ee, mpi.d, mpi.p, mpi.q, mpi.u];
+        var mpi = [mipGen.n, mipGen.ee, mipGen.d, mipGen.p, mipGen.q, mipGen.u];
        mpi = mpi.map(function(k) {
                var mpi = new openpgp.MPI();
@ -405,14 +408,17 @@ describe("Packet", function() {
        expect(key[0].mpi.toString()).to.equal(key2[0].mpi.toString());
        done();
    });
  });
  it('Writing and verification of a signature packet.', function(done) {
    var key = new openpgp.packet.SecretKey();
-		var rsa = new openpgp.crypto.publicKey.rsa,
+    var rsa = new openpgp.crypto.publicKey.rsa;
 			mpi = rsa.generate(512, "10001")
-		var mpi = [mpi.n, mpi.ee, mpi.d, mpi.p, mpi.q, mpi.u];
+    rsa.generate(512, "10001", function(err, mpiGen) {
        expect(err).to.not.exist;
        var mpi = [mpiGen.n, mpiGen.ee, mpiGen.d, mpiGen.p, mpiGen.q, mpiGen.u];
        mpi = mpi.map(function(k) {
                var mpi = new openpgp.MPI();
@ -447,4 +453,5 @@ describe("Packet", function() {
        expect(verified).to.be.true;
        done();
    });
  });
 });
--- a/test/general/signature.js
+++ b/test/general/signature.js
@ -636,13 +636,19 @@ describe("Signature", function() {
    expect(result[0].valid).to.be.true;
  });
-  it('Sign message with key without password', function() {
+  it('Sign message with key without password', function(done) {
-    var key = openpgp.generateKeyPair({numBits: 512, userId: 'ABC', passphrase: null}).key;
+    var opt = {numBits: 512, userId: 'ABC', passphrase: null};
    openpgp.generateKeyPair(opt, function(err, gen) {
      expect(err).to.not.exist;
      var key = gen.key;
      var message = openpgp.message.fromText('hello world');
      message = message.sign([key]);
      expect(message).to.exist;
      done();
    });
  });
 });
--- a/test/worker/api.js
+++ b/test/worker/api.js
@ -427,14 +427,6 @@ describe('High level API', function() {
      });
    });
    it('Generate 1024-bit RSA/RSA key sync', function () {
      var key = openpgp.generateKeyPair({numBits: 1024, userId: 'Test McTestington <test@example.com>', passphrase: 'hello world'});
      expect(key).to.exist;
      expect(key.publicKeyArmored).to.match(/^-----BEGIN PGP PUBLIC/);
      expect(key.privateKeyArmored).to.match(/^-----BEGIN PGP PRIVATE/);
      expect(key.key).to.be.an.instanceof(openpgp.key.Key);
    });
  });
  describe('Decrypt secret key', function() {