From e8adeef2780d98511a128c889b7e8742c50134f9 Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Fri, 20 Apr 2018 20:26:24 +0200 Subject: [PATCH] Implement Issuer Fingerprint subpacket --- src/enums.js | 1 + src/packet/signature.js | 28 +++++++++++++++++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/src/enums.js b/src/enums.js index 5a3cc072..790685ec 100644 --- a/src/enums.js +++ b/src/enums.js @@ -373,6 +373,7 @@ export default { features: 30, signature_target: 31, embedded_signature: 32, + issuer_fingerprint: 33, preferred_aead_algorithms: 34 }, diff --git a/src/packet/signature.js b/src/packet/signature.js index 943d0925..355a3d29 100644 --- a/src/packet/signature.js +++ b/src/packet/signature.js @@ -84,6 +84,8 @@ function Signature(date=new Date()) { this.signatureTargetHashAlgorithm = null; this.signatureTargetHash = null; this.embeddedSignature = null; + this.issuerKeyVersion = null; + this.issuerFingerprint = null; this.preferredAeadAlgorithms = null; this.verified = null; @@ -223,6 +225,13 @@ Signature.prototype.sign = async function (key, data) { const arr = [new Uint8Array([4, signatureType, publicKeyAlgorithm, hashAlgorithm])]; + if (key.version === 5) { + // We could also generate this subpacket for version 4 keys, but for + // now we don't. + this.issuerKeyVersion = key.version; + this.issuerFingerprint = key.getFingerprintBytes(); + } + this.issuerKeyId = key.getKeyId(); // Add hashed subpackets @@ -293,7 +302,9 @@ Signature.prototype.write_all_sub_packets = function () { bytes = util.concatUint8Array([bytes, this.revocationKeyFingerprint]); arr.push(write_sub_packet(sub.revocation_key, bytes)); } - if (!this.issuerKeyId.isNull()) { + if (!this.issuerKeyId.isNull() && this.issuerKeyVersion !== 5) { + // If the version of [the] key is greater than 4, this subpacket + // MUST NOT be included in the signature. arr.push(write_sub_packet(sub.issuer, this.issuerKeyId.write())); } if (this.notation !== null) { 
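Review bot: In `Signature.prototype.sign` (hunk `@@ -223,6 +225,13 @@`), `issuerKeyVersion` and `issuerFingerprint` are assigned only inside the `key.version === 5` branch and are never cleared otherwise. A Signature object that already carries them, for example one populated by case 33 of `read_sub_packet`, would keep the old fingerprint when signed with a non-v5 key. `write_all_sub_packets` would then emit an Issuer Fingerprint subpacket that does not belong to the signing key and, with a stale version of 5, would also omit the Issuer subpacket. Whether Signature instances are ever re-signed is not visible here; if they can be, add `else { this.issuerKeyVersion = null; this.issuerFingerprint = null; }`. The body of `sign` continues outside the hunk.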
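Review bot: In `write_all_sub_packets` (hunk `@@ -293,7 +302,9 @@`), the guard `this.issuerKeyVersion !== 5` is narrower than the rule quoted in the comment directly below it, which says "greater than 4". Since `read_sub_packet` stores whatever version byte the subpacket carries, a value above 5 would still cause the Issuer subpacket to be written when the signature is re-serialised. Writing the test as `!this.issuerKeyId.isNull() && !(this.issuerKeyVersion > 4)` matches the comment and still lets the `null` (no fingerprint) case through.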
@@ -356,6 +367,11 @@ Signature.prototype.write_all_sub_packets = function () {
 if (this.embeddedSignature !== null) {
 arr.push(write_sub_packet(sub.embedded_signature, this.embeddedSignature.write()));
 }
+ if (this.issuerFingerprint !== null) {
+ bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
+ bytes = util.concatUint8Array(bytes);
+ arr.push(write_sub_packet(sub.issuer_fingerprint, bytes));
+ }
 if (this.preferredAeadAlgorithms !== null) {
 bytes = util.str_to_Uint8Array(util.Uint8Array_to_str(this.preferredAeadAlgorithms));
 arr.push(write_sub_packet(sub.preferred_aead_algorithms, bytes));
@@ -536,6 +552,16 @@ Signature.prototype.read_sub_packet = function (bytes) {
 this.embeddedSignature = new Signature();
 this.embeddedSignature.read(bytes.subarray(mypos, bytes.length));
 break;
+ case 33:
+ // Issuer Fingerprint
+ this.issuerKeyVersion = bytes[mypos++];
+ this.issuerFingerprint = bytes.subarray(mypos, bytes.length);
+ if (this.issuerKeyVersion === 5) {
+ this.issuerKeyId.read(this.issuerFingerprint);
+ } else {
+ this.issuerKeyId.read(this.issuerFingerprint.subarray(-8));
+ }
+ break;
 case 34:
 // Preferred AEAD Algorithms
 read_array.call(this, 'preferredAeadAlgorithms', bytes.subarray(mypos, bytes.length));
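Review bot: Case 33 of `read_sub_packet` accepts a fingerprint of any length: `bytes.subarray(mypos, bytes.length)` is stored as-is and passed to `issuerKeyId.read`, so a truncated or oversized subpacket yields a key ID built from whatever bytes are present (in the `else` branch, `subarray(-8)` of a shorter array just returns fewer than 8 bytes). Subpackets have to be parsed before the signature can be checked, so this is untrusted input; validate the length against the version first, e.g. `const len = this.issuerKeyVersion === 5 ? 32 : 20;` and reject the subpacket when `this.issuerFingerprint.length !== len`. The `else` branch also treats every version other than 5 as v4, and the case overwrites any `issuerKeyId` already set by an Issuer subpacket without comparing the two; a comment stating which one wins would help. `read_sub_packet` starts and ends outside the hunk.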