suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix key expiration time. Add key revocation unit test.

Browse Source
This commit is contained in:
Thomas Oberndörfer 2013-12-12 12:05:00 +01:00
parent d22facc61c
commit ff8d93f956
3 changed files with 115 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
resources/openpgp.js
View File

File diff suppressed because one or more lines are too long

37
src/packet/signature.js
View File

@ -44,14 +44,14 @@ module.exports = function packet_signature() {
this.created = new Date(); this.created = new Date();
this.signatureExpirationTime = null; this.signatureExpirationTime = null;
this.signatureNeverExpires = null; this.signatureNeverExpires = true;
this.exportable = null; this.exportable = null;
this.trustLevel = null; this.trustLevel = null;
this.trustAmount = null; this.trustAmount = null;
this.regularExpression = null; this.regularExpression = null;
this.revocable = null; this.revocable = null;
this.keyExpirationTime = null; this.keyExpirationTime = null;
this.keyNeverExpires = null; this.keyNeverExpires = true;
this.preferredSymmetricAlgorithms = null; this.preferredSymmetricAlgorithms = null;
this.revocationKeyClass = null; this.revocationKeyClass = null;
this.revocationKeyAlgorithm = null; this.revocationKeyAlgorithm = null;
@ -225,7 +225,7 @@ module.exports = function packet_signature() {
result += write_sub_packet(sub.signature_creation_time, util.writeDate(this.created)); result += write_sub_packet(sub.signature_creation_time, util.writeDate(this.created));
} }
if (this.signatureExpirationTime !== null) { if (this.signatureExpirationTime !== null) {
result += write_sub_packet(sub.signature_expiration_time, util.writeDate(this.signatureExpirationTime)); result += write_sub_packet(sub.signature_expiration_time, util.writeNumber(this.signatureExpirationTime, 4));
} }
if (this.exportable !== null) { if (this.exportable !== null) {
result += write_sub_packet(sub.exportable_certification, String.fromCharCode(this.exportable ? 1 : 0)); result += write_sub_packet(sub.exportable_certification, String.fromCharCode(this.exportable ? 1 : 0));
@ -241,7 +241,7 @@ module.exports = function packet_signature() {
result += write_sub_packet(sub.revocable, String.fromCharCode(this.revocable ? 1 : 0)); result += write_sub_packet(sub.revocable, String.fromCharCode(this.revocable ? 1 : 0));
} }
if (this.keyExpirationTime !== null) { if (this.keyExpirationTime !== null) {
result += write_sub_packet(sub.key_expiration_time, util.writeDate(this.keyExpirationTime)); result += write_sub_packet(sub.key_expiration_time, util.writeNumber(this.keyExpirationTime, 4));
} }
if (this.preferredSymmetricAlgorithms !== null) { if (this.preferredSymmetricAlgorithms !== null) {
bytes = util.bin2str(this.preferredSymmetricAlgorithms); bytes = util.bin2str(this.preferredSymmetricAlgorithms);
@ -361,11 +361,11 @@ module.exports = function packet_signature() {
this.created = util.readDate(bytes.substr(mypos)); this.created = util.readDate(bytes.substr(mypos));
break; break;
case 3: case 3:
// Signature Expiration Time // Signature Expiration Time in seconds
var time = util.readDate(bytes.substr(mypos)); var seconds = util.readNumber(bytes.substr(mypos));
this.signatureNeverExpires = time.getTime() == 0; this.signatureNeverExpires = seconds == 0;
this.signatureExpirationTime = time; this.signatureExpirationTime = seconds;
break; break;
case 4: case 4:
@ -386,11 +386,11 @@ module.exports = function packet_signature() {
this.revocable = bytes.charCodeAt(mypos++) == 1; this.revocable = bytes.charCodeAt(mypos++) == 1;
break; break;
case 9: case 9:
// Key Expiration Time // Key Expiration Time in seconds
var time = util.readDate(bytes.substr(mypos)); var seconds = util.readNumber(bytes.substr(mypos));
this.keyExpirationTime = time; this.keyExpirationTime = seconds;
this.keyNeverExpires = time.getTime() == 0; this.keyNeverExpires = seconds == 0;
break; break;
case 11: case 11:
@ -593,7 +593,7 @@ module.exports = function packet_signature() {
var mpicount = 0; var mpicount = 0;
// Algorithm-Specific Fields for RSA signatures: // Algorithm-Specific Fields for RSA signatures:
// - multiprecision number (MPI) of RSA signature value m**d mod n. // - multiprecision number (MPI) of RSA signature value m**d mod n.
if (publicKeyAlgorithm > 0 && publicKeyAlgorithm < 4) if (publicKeyAlgorithm > 0 && publicKeyAlgorithm < 4)
mpicount = 1; mpicount = 1;
// Algorithm-Specific Fields for DSA signatures: // Algorithm-Specific Fields for DSA signatures:
@ -615,4 +615,15 @@ module.exports = function packet_signature() {
return this.verified; return this.verified;
} }
/**
* Verifies signature expiration date
* @return {Boolean} true if expired
*/
this.isExpired = function() {
if (!this.signatureNeverExpires) {
return Date.now() > (this.created.getTime() + this.signatureExpirationTime*1000);
}
return false;
}
} }

66
test/general/signature.js
View File

@ -169,6 +169,58 @@ var pub_key_arm3 =
'=ummy', '=ummy',
'-----END PGP PUBLIC KEY BLOCK-----'].join('\n'); '-----END PGP PUBLIC KEY BLOCK-----'].join('\n');
var pub_revoked =
['-----BEGIN PGP PUBLIC KEY BLOCK-----',
'Version: GnuPG v2.0.19 (GNU/Linux)',
'',
'mQENBFKpincBCADhZjIihK15f3l+j87JgeLp9eUTSbn+g3gOFSR73TOMyBHMPt8O',
'KwuA+TN2sM86AooOR/2B2MjHBUZqrgeJe+sk5411yXezyYdQGZ8vlq/FeLeNF70D',
'JrvIC6tsEe2F9F7ICO7o7G+k5yveLaYQNU/okiP8Gj79XW3wN77+yAMwpQzBsrwa',
'UO/X4mDV59h1DdrTuN4g8SZhAmY/JfT7YCZuQ8ivOs9n7xPdbGpIQWGWjJLVWziC',
'7uvxN4eFOlCqvc6JwmS/xyYGKL2B3RcQuY+OlvQ3wxKFEGDfG73HtWBd2soB7/7p',
'w53mVcz5sLhkOWjMTj+VDDZ3jas+7VznaAbVABEBAAGJAToEIAECACQFAlKpj3od',
'HQNUZXN0aW5nIHJldm9rZSBjb21wbGV0ZSBrZXkACgkQO+K1SH0WBbOtJgf/XqJF',
'dfWJjXBPEdfDbnXW+OZcvVgUMEEKEKsS1MiB21BEQpsTiuOLLgDOnEKRDjT1Z9H/',
'6owkb1+iLOZRGcJIdXxxAi2W0hNwx3qSiYkJIaYIm6dhoTy77lAmrPGwjoBETflU',
'CdWWgYFUGQVNPnpCi0AizoHXX2S4zaVlLnDthss+/FtIiuiYAIbMzB902nhF0oKH',
'v5PTrm1IpbstchjHITtrRi4tdbyvpAmZFC6a+ydylijNyKkMeoMy0S+6tIAyaTym',
'V5UthMH/Kk2n3bWNY4YnjDcQpIPlPF1cEnqq2c47nYxHuYdGJsw9l1F88J0enL72',
'56LWk5waecsz6XOYXrQTVjMgS2V5IDx2M0BrZXkuY29tPokBMQQwAQIAGwUCUqmP',
'BRQdIFRlc3RpbmcgcmV2b2RlIHVpZAAKCRA74rVIfRYFszHUB/oCAV+IMzZF6uad',
'v0Gi+Z2qCY1Eqshdxv4i7J2G3174YGF9+0hMrHwsxBkVQ/oLZKBFjfP7Z1RZXxso',
'ts0dBho3XWZr3mrEk6Au6Ss+pbGNqq2XytV+CB3xY0DKX1Q0BJOEhgcSNn187jqd',
'XoKLuK/hy0Bk6YkXe1lv6HqkFxYGNB2MW0wSPjrfnjjHkM29bM0Q/JNVY4o/osmY',
'zoY/hc59fKBm5uBBL7kEtSkMO0KPVzqhvMCi5qW9/V9+vNn//WWOY+fAXYKa1cBo',
'aMykBfE2gGf/alIV9dFpHl+TkIT8lD8sY5dBmiKHN4D38PhuLdFWHXLe4ww7kqXt',
'JrD0bchKiQE/BBMBAgApBQJSqYp3AhsDBQkJZgGABwsJCAcDAgEGFQgCCQoLBBYC',
'AwECHgECF4AACgkQO+K1SH0WBbOOAwgAx9Qr6UciDbN2Bn1254YH6j5HZbVXGTA/',
'uQhZZGAYE/wDuZ5u8Z2U4giEZ3dwtblqRZ6WROmtELXn+3bGGbYjczHEFOKt4D/y',
'HtrjCtQX04eS+FfL453n7aaQbpmHou22UvV0hik+iagMbIrYnB6nqaui9k8HrGzE',
'1HE1AeC5UTlopEHb/KQRGLUmAlr8oJEhDVXLEq41exNTArJWa9QlimFZeaG+vcbz',
'2QarcmIXmZ3o+1ARwZKTK/20oCpF6/gUGnY3KMvpLYdW88Qznsp+7yWhpC1nchfW',
'7frQmuQa94yb5PN7kBJ83yF/SZiDggZ8YfcCf1DNcbw8bjPYyFNW3bkBDQRSqYp3',
'AQgA1Jgpmxwr2kmP2qj8FW9sQceylHJr4gUfSQ/4KPZbGFZhzK+xdEluBJOzxNbf',
'LQXhQOHbWFmlNrGpoVDawZbA5FL7w5WHYMmNY1AADmmP0uHbHqdOvOyz/boo3fU0',
'dcl0wOjo06vsUqLf8/3skQstUFjwLzjI2ebXWHXj5OSqZsoFvj+/P/NaOeVuAwFx',
'50vfUK19o40wsRoprgxmZOIL4uMioQ/V/QUr++ziahwqFwDQmqmj0bAzV/bIklSJ',
'jrLfs7amX8qiGPn8K5UyWzYMa2q9r0Srt/9wx+FoSRbqRvsqLFYoU3d745zX1W7o',
'dFcDddGMv5LMPnvNR+Qm7PUlowARAQABiQE0BCgBAgAeBQJSqY5XFx0DVGVzdGlu',
'ZyBzdWJrZXkgcmV2b2tlAAoJEDvitUh9FgWzsUoH/1MrYYo7aQErScnhbIVQ5qpB',
'qnqBTiyVGa3cqSPKUkT552dRs6TwsjFKnOs68MIZQ6qfliZE/ApKPQhxaHgmfWKI',
'Q09Qv04SKHqo9njX6E3q257DnvmQiv6c9PRA3G/p2doBrj3joaOVm/ZioiCZdf2W',
'l6akAf7j5DbcVRh8BQigM4EUhsVjBvGPYxqVNIM4aWHMTG62CaREa9g1PWOobASU',
'jX47B7/FFP4zCLkeb+znDMwc8jKWeUBp5sUGhWo74wFiD5Dp2Zz50qRi1u05nJXg',
'bIib7pwmH2CeDwmPRi/HRUrKBcqFzSYG5QVggQ5KMIU9M7zmvd8mDYE8MQbTLbaJ',
'ASUEGAECAA8FAlKpincCGwwFCQlmAYAACgkQO+K1SH0WBbPbnQgAxcYAS3YplyBI',
'ddNJQNvyrWnnuGXoGGKgkE8+LUR3rX3NK/c4pF7EFgrNxKIPrWZoIu7m1XNqoK3g',
'PwRXJfPPQWalVrhhOajtYipXumQVAe+q8DyxAZ5YJGrUvR9b96GRel9G+HsRlR1M',
'NV62ZXFdXVgg9FZJHDR8fa1Zy93xC0JSKu4ZoCrH5ybw+DPCngogDl4KwgdV5y4e',
'EAZpGDSq7PrdsgZTiSuepwVw116GWJm1zecmh6FdpZL/ZrE6EfYcCGJqJiVfDiCR',
'jgvGbcTzxnvrRmDevmJUdXBSAE11OYQuDGlhgFCU0o9cdX+k+QqP5wNycXhoJ+yk',
'pMiJM+NJAQ==',
'=ok+o',
'-----END PGP PUBLIC KEY BLOCK-----'].join('\n');
var tests = [function() { var tests = [function() {
var priv_key = openpgp.key.readArmored(priv_key_arm1).packets; var priv_key = openpgp.key.readArmored(priv_key_arm1).packets;
@ -417,6 +469,20 @@ var pub_key_arm3 =
verified = verified && cleartextSig.signatures[0].valid; verified = verified && cleartextSig.signatures[0].valid;
return new unit.result("Sign text with openpgp.signClearMessage and verify with openpgp.verifyClearSignedMessage leads to same cleartext and valid signatures", verified); return new unit.result("Sign text with openpgp.signClearMessage and verify with openpgp.verifyClearSignedMessage leads to same cleartext and valid signatures", verified);
}, function() {
var pubKey = openpgp.key.readArmored(pub_revoked);
var verified = pubKey.packets[1].verify(pubKey.packets[0], {key: pubKey.packets[0]});
return new unit.result("Verify revocation signature", verified);
}, function() {
var pubKey = openpgp.key.readArmored(pub_revoked);
var verified = !pubKey.packets[4].keyNeverExpires && pubKey.packets[4].keyExpirationTime == 5*365*24*60*60;
return new unit.result("Verify key expiration date", verified);
}]; }];
var results = []; var results = [];