Verifiy user id signatures

Tankred Hase 2016-06-10 14:37:39 +02:00
parent 9be7feab04
commit d5aba3257c


@ -47,21 +47,35 @@ class PGP {
util.throw(400, 'Invalid PGP key: only one key can be uploaded'); util.throw(400, 'Invalid PGP key: only one key can be uploaded');
} }
let key = { let key = r.keys[0];
keyId: r.keys[0].primaryKey.getKeyId().toHex(), let primaryKey = key.primaryKey;
fingerprint: r.keys[0].primaryKey.fingerprint,
userIds: this.parseUserIds(r.keys[0].getUserIds()), // public key document that is stored in the database
created: r.keys[0].primaryKey.created, let keyDoc = {
algorithm: r.keys[0].primaryKey.algorithm, keyId: primaryKey.getKeyId().toHex(),
keySize: r.keys[0].primaryKey.getBitSize(), fingerprint: primaryKey.fingerprint,
userIds: this.parseUserIds(key.getUserIds()),
created: primaryKey.created,
algorithm: primaryKey.algorithm,
keySize: primaryKey.getBitSize(),
publicKeyArmored publicKeyArmored
}; };
if (!util.isKeyId(key.keyId) || !util.isFingerPrint(key.fingerprint)) { // accept version 4 keys only
if (!util.isKeyId(keyDoc.keyId) || !util.isFingerPrint(keyDoc.fingerprint)) {
util.throw(400, 'Invalid PGP key: only v4 keys are accepted'); util.throw(400, 'Invalid PGP key: only v4 keys are accepted');
} }
return key; // verify user id signatures
for (let user of key.users) {
for (let cert of user.selfCertifications) {
if (!user.isValidSelfCertificate(primaryKey, cert)) {
util.throw(400, 'Invalid PGP key: invalid user id signatures');
}
}
}
return keyDoc;
} }
/** /**
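Review bot: A user ID that carries no self-certification at all still passes the new loop at `for (let cert of user.selfCertifications)`, because the check only rejects certifications that are present and invalid. Since `keyDoc.userIds` is built from `key.getUserIds()` before this check, such an unbound user ID would be stored with the key even though nothing ties it to the primary key. If the library leaves `selfCertifications` unset for such a user (this looks likely, but confirm against the OpenPGP.js version in use), the `for...of` would instead throw a TypeError and surface as a server error rather than the intended 400. I would add a guard before the inner loop, `if (!user.selfCertifications || !user.selfCertifications.length) { util.throw(400, 'Invalid PGP key: invalid user id signatures'); }`, and a test with a key whose user ID packet has no signature. The enclosing method starts above this hunk, so how `r.keys` is produced is not visible here.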