suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Slightly simplifies key.js; adds key.verifyKeyPackets which should be run before getEncryption/SigningKeyPacket

Browse Source
This commit is contained in:
Mahrud Sayrafi 2018-03-04 07:00:44 -08:00 committed by Sanjana Rajan
parent 354b961b67
commit ec22dabac3
9 changed files with 373 additions and 367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/config/config.js
View File

@ -53,6 +53,8 @@ export default {
* @property {Boolean} password_collision_check
*/
password_collision_check: false,
/** @property {Boolean} revocations_expire If true, expired revocation signatures are ignored */
revocations_expire: false,
/** @property {Boolean} use_native Use native Node.js crypto/zlib and WebCrypto APIs when available */
use_native: true,

7
src/crypto/public_key/elliptic/key.js
View File

@ -234,13 +234,6 @@ const ECDSASignature = nodeCrypto ?
);
}) : undefined;
const ECParameters = nodeCrypto ?
asn1.define('ECParameters', function() {
this.choice({
namedCurve: this.objid()
});
}) : undefined;
const ECPrivateKey = nodeCrypto ?
asn1.define('ECPrivateKey', function() {
this.seq().obj(

671
src/key.js
View File

File diff suppressed because it is too large Load Diff

30
src/message.js
View File

@ -148,24 +148,23 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
if (!symESKeyPacketlist) {
throw new Error('No symmetrically encrypted session key packet found.');
}
await Promise.all(symESKeyPacketlist.map(async function(packet) {
await Promise.all(symESKeyPacketlist.map(async function(keyPacket) {
await Promise.all(passwords.map(async function(password) {
try {
await packet.decrypt(password);
keyPackets.push(packet);
await keyPacket.decrypt(password);
keyPackets.push(keyPacket);
} catch (err) {}
}));
}));
} else if (privateKeys) {
const pkESKeyPacketlist = this.packets.filterByTag(enums.packet.publicKeyEncryptedSessionKey);
if (!pkESKeyPacketlist) {
throw new Error('No public key encrypted session key packet found.');
}
await Promise.all(pkESKeyPacketlist.map(async function(packet) {
await Promise.all(pkESKeyPacketlist.map(async function(keyPacket) {
const privateKeyPackets = privateKeys.reduce(function(acc, privateKey) {
return acc.concat(privateKey.getKeyPackets(packet.publicKeyId));
}, []);
return acc.concat(privateKey.getKeyPackets(keyPacket.publicKeyId));
}, new packet.List());
await Promise.all(privateKeyPackets.map(async function(privateKeyPacket) {
if (!privateKeyPacket) {
return;
@ -174,8 +173,8 @@ Message.prototype.decryptSessionKeys = async function(privateKeys, passwords) {
throw new Error('Private key is not decrypted.');
}
try {
await packet.decrypt(privateKeyPacket);
keyPackets.push(packet);
await keyPacket.decrypt(privateKeyPacket);
keyPackets.push(keyPacket);
} catch (err) {}
}));
}));
@ -302,7 +301,7 @@ export async function encryptSessionKey(sessionKey, symAlgo, publicKeys, passwor
if (publicKeys) {
const results = await Promise.all(publicKeys.map(async function(key) {
await key.verifyPrimaryUser();
await key.verifyKeyPackets(undefined, date);
const encryptionKeyPacket = key.getEncryptionKeyPacket(undefined, date);
if (!encryptionKeyPacket) {
throw new Error('Could not find valid key packet for encryption in key ' + key.primaryKey.getKeyId().toHex());
@ -318,7 +317,6 @@ export async function encryptSessionKey(sessionKey, symAlgo, publicKeys, passwor
}));
packetlist.concat(results);
}
if (passwords) {
const testDecrypt = async function(keyPacket, password) {
try {
@ -396,7 +394,7 @@ Message.prototype.sign = async function(privateKeys=[], signature=null, date=new
if (privateKey.isPublic()) {
throw new Error('Need private key for signing');
}
await privateKey.verifyPrimaryUser();
await privateKey.verifyKeyPackets(undefined, date);
const signingKeyPacket = privateKey.getSigningKeyPacket(undefined, date);
if (!signingKeyPacket) {
throw new Error('Could not find valid key packet for signing in key ' +
@ -475,10 +473,11 @@ export async function createSignaturePackets(literalDataPacket, privateKeys, sig
if (privateKey.isPublic()) {
throw new Error('Need private key for signing');
}
await privateKey.verifyPrimaryUser();
await privateKey.verifyKeyPackets(undefined, date);
const signingKeyPacket = privateKey.getSigningKeyPacket(undefined, date);
if (!signingKeyPacket) {
throw new Error('Could not find valid key packet for signing in key ' + privateKey.primaryKey.getKeyId().toHex());
throw new Error('Could not find valid key packet for signing in key ' +
privateKey.primaryKey.getKeyId().toHex());
}
if (!signingKeyPacket.isDecrypted) {
throw new Error('Private key is not decrypted.');
@ -545,15 +544,14 @@ export async function createVerificationObjects(signatureList, literalDataList,
return Promise.all(signatureList.map(async function(signature) {
let keyPacket = null;
await Promise.all(keys.map(async function(key) {
await key.verifyPrimaryUser();
// Look for the unique key packet that matches issuerKeyId of signature
await key.verifyKeyPackets(signature.issuerKeyId, date);
const result = key.getSigningKeyPacket(signature.issuerKeyId, date);
if (result) {
keyPacket = result;
}
}));
// Look for the unique key packet that matches issuerKeyId of signature
const verifiedSig = {
keyid: signature.issuerKeyId,
valid: keyPacket ? await signature.verify(keyPacket, literalDataList[0]) : null

14
src/packet/packetlist.js
View File

@ -177,6 +177,19 @@ Packetlist.prototype.some = async function (callback) {
return false;
};
/**
* Executes the callback function once for each element,
* returns true if all callbacks returns a truthy value
*/
Packetlist.prototype.every = function (callback) {
for (let i = 0; i < this.length; i++) {
if (!callback(this[i], i, this)) {
return false;
}
}
return true;
};
/**
* Traverses packet tree and returns first matching packet
* @param {module:enums.packet} type The packet type
@ -240,6 +253,7 @@ Packetlist.prototype.concat = function (packetlist) {
this.push(packetlist[i]);
}
}
return this;
};
/**

1
src/packet/signature.js
View File

@ -86,6 +86,7 @@ export default function Signature(date=new Date()) {
this.embeddedSignature = null;
this.verified = null;
this.revoked = null;
}
/**

2
src/type/keyid.js
View File

@ -53,7 +53,7 @@ Keyid.prototype.toHex = function() {
};
Keyid.prototype.equals = function(keyid) {
return this.bytes === keyid.bytes;
return keyid.isWildcard() || this.bytes === keyid.bytes;
};
Keyid.prototype.isNull = function() {

7
test/general/key.js
View File

@ -1278,10 +1278,11 @@ describe('Key', function() {
});
});
it('Find a valid subkey binding signature among many invalid ones', function(done) {
it('Find a valid subkey binding signature among many invalid ones', function() {
const k = openpgp.key.readArmored(valid_binding_sig_among_many_expired_sigs_pub).keys[0];
expect(k.getEncryptionKeyPacket()).to.not.be.null;
done();
return k.verifyKeyPackets().then(() => {
expect(k.getEncryptionKeyPacket()).to.not.be.null;
})
});
});

6
test/general/signature.js
View File

@ -448,8 +448,7 @@ describe("Signature", function() {
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
const keyids = esMsg.getEncryptionKeyIds();
privKey.decryptKeyPacket(keyids, 'hello world');
esMsg.getEncryptionKeyIds().map(keyId => privKey.decrypt('hello world', keyId));
return openpgp.decrypt({ privateKeys: privKey, publicKeys:[pubKey], message:esMsg }).then(function(decrypted) {
expect(decrypted.data).to.exist;
@ -483,8 +482,7 @@ describe("Signature", function() {
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
const keyids = esMsg.getEncryptionKeyIds();
privKey.decryptKeyPacket(keyids, 'hello world');
esMsg.getEncryptionKeyIds().map(keyId => privKey.decrypt('hello world', keyId));
return openpgp.decrypt({ privateKeys: privKey, publicKeys:[pubKey], message:esMsg }).then(function(decrypted) {
expect(decrypted.data).to.exist;