Commit 23b58c2f authored by Cédric Moreau

Generating a root keyblock through gen-root command

parent 34231be7
......@@ -37,7 +37,10 @@ function KeyHelper (packetList) {
};
this.getBase64publicKey = function (){
return key.getKeyPacket() && base64.encode(key.getKeyPacket().write());
var packets = new PacketList();
if (key.getKeyPacket())
packets.push(key.getKeyPacket());
return base64.encode(packets.write());
};
this.getBase64primaryUser = function (){
......@@ -66,7 +69,7 @@ function KeyHelper (packetList) {
this.getBase64subkeys = function (){
var bSubkeys = [];
(key.subKeys || []).forEach(function(subkeyWrapper){
if (subkeyWrapper.isValidSigningKey(key) || subkeyWrapper.isValidEncryptionKey(key)) {
if (subkeyWrapper.isValidSigningKey(key.primaryKey) || subkeyWrapper.isValidEncryptionKey(key.primaryKey)) {
var packets = new PacketList();
packets.push(subkeyWrapper.subKey);
packets.push(subkeyWrapper.bindingSignature);
......@@ -75,4 +78,19 @@ function KeyHelper (packetList) {
});
return bSubkeys;
};
this.getPotentials = function (){
var potentials = [];
if (that.hasValidUdid2()) {
potentials.push(that.getBase64publicKey());
potentials.push(that.getBase64primaryUser());
that.getBase64primaryUserOtherCertifications().forEach(function(base64SubKey){
potentials.push(base64SubKey);
});
that.getBase64subkeys().forEach(function(base64SubKey){
potentials.push(base64SubKey);
});
}
return potentials;
};
}
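Review bot: In `getPotentials`, the callback over `getBase64primaryUserOtherCertifications()` names its parameter `base64SubKey`, copied from the subkey loop below it, although the values are certifications; `base64Certification` would read correctly. The method also has no comment saying what a "potential" is. Something like `// Base64-encoded packets that may be registered for this key; empty unless the key has a valid udid2` above it would tell callers that an empty array means the key was rejected, not that it has no packets. `that` is bound outside this hunk.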
......@@ -84,7 +84,30 @@ PublicKeySchema.methods = {
getRaw: function () {
return this.raw;
}
},
getWritablePacketsWithoutOtherCertifications: function (){
var wrappedKey = KHelper.fromArmored(this.raw);
var packets = new openpgp.packet.List();
var potentials = wrappedKey.getPotentials();
var pubkeyPkt = wrappedKey.getBase64publicKey();
// Pubkey packet
if (~potentials.indexOf(pubkeyPkt)) {
packets.read(base64.decode(pubkeyPkt));
}
// UserID packets
var userIDPkt = wrappedKey.getBase64primaryUser();
if (~potentials.indexOf(userIDPkt)) {
packets.read(base64.decode(userIDPkt));
}
// SubKey packets
wrappedKey.getBase64subkeys().forEach(function(subKPkt){
if (~potentials.indexOf(subKPkt)) {
packets.read(base64.decode(subKPkt));
}
});
return packets;
},
};
PublicKeySchema.statics.getTheOne = function (keyID, done) {
......@@ -216,17 +239,7 @@ PublicKeySchema.statics.persist = function (pubkey, done) {
// Merges packets
storedKey.update(comingKey);
var kh = KHelper.fromPackets(storedKey.toPacketlist());
var potentials = [];
if (kh.hasValidUdid2()) {
potentials.push(kh.getBase64publicKey());
potentials.push(kh.getBase64primaryUser());
kh.getBase64primaryUserOtherCertifications().forEach(function(base64SubKey){
potentials.push(base64SubKey);
});
kh.getBase64subkeys().forEach(function(base64SubKey){
potentials.push(base64SubKey);
});
}
var potentials = kh.getPotentials();
potentials.forEach(function(encoded){
var md5ed = md5(encoded);
if (foundKeys[0].registered.indexOf(md5ed) == -1 && foundKeys[0].eligible.indexOf(md5ed) == -1) {
......
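Review bot: The three `~potentials.indexOf(...)` tests in `getWritablePacketsWithoutOtherCertifications` compare each value against a list built from the same `wrappedKey` by the same getters, so they appear to pass together whenever `hasValidUdid2()` is true and fail together otherwise. If the intent is to export only packets that were actually accepted, the filter probably needs to consult the stored hashes that `persist` maintains, for example `if (~this.eligible.indexOf(md5(pubkeyPkt)))`, assuming instances carry the `eligible`/`registered` arrays seen on `foundKeys[0]`. When the udid2 is not valid the method returns an empty packet list, and a caller that encodes it would produce an empty `packets` field, so the method should document that case or signal it explicitly.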
var jpgp = require('../lib/jpgp');
var async = require('async');
var _ = require('underscore');
var openpgp = require('openpgp');
var merkle = require('merkle');
var base64 = require('../lib/base64');
var unix2dos = require('../lib/unix2dos');
var dos2unix = require('../lib/dos2unix');
var parsers = require('../lib/streams/parsers/doc');
var logger = require('../lib/logger')('membership');
var moment = require('moment');
var jpgp = require('../lib/jpgp');
var async = require('async');
var _ = require('underscore');
var openpgp = require('openpgp');
var merkle = require('merkle');
var base64 = require('../lib/base64');
var unix2dos = require('../lib/unix2dos');
var dos2unix = require('../lib/dos2unix');
var parsers = require('../lib/streams/parsers/doc');
var keyhelper = require('../lib/keyhelper');
var logger = require('../lib/logger')('membership');
var moment = require('moment');
module.exports.get = function (conn, conf, PublicKeyService) {
return new KeyService(conn, conf, PublicKeyService);
......@@ -91,7 +92,7 @@ function KeyService (conn, conf, PublicKeyService) {
next(null, true); // Key is already in the chain
else {
// Key is not in the keychain: valid if it has a valid udid2 (implying pubkey + self certificatio)
var wrappedKey = require('../lib/keyhelper').fromArmored(pubkey.raw);
var wrappedKey = keyhelper.fromArmored(pubkey.raw);
next(null, wrappedKey.hasValidUdid2());
}
},
......@@ -681,15 +682,15 @@ function KeyService (conn, conf, PublicKeyService) {
var join = { pubkey: null, ms: null };
async.waterfall([
function (next){
Membership.find({ userid: uid }, next);
Membership.find({ userid: uid, eligible: true }, next);
},
function (mss, next){
if (mss.length == 0) {
next('Membership not found?!')
next('Membership of ' + uid + ' not found');
return;
}
else if (mss.length > 1) {
next('Multiple membership found! Stopping.')
next('Multiple memberships for same user found! Stopping.')
return;
}
else {
......@@ -700,8 +701,18 @@ function KeyService (conn, conf, PublicKeyService) {
},
function (pubk, next){
join.pubkey = pubk;
joinData[join.pubkey.fingerprint] = join;
next();
if (!pubk.keychain && pubk.eligible.length > 0) {
// Not in the keychain, with eligible packets, potential new member
var wrappedKey = keyhelper.fromArmored(pubk.raw);
// Just require a good udid2
if (!wrappedKey.hasValidUdid2()) {
next('User ' + uid + ' does not have a valid udid2');
return;
}
joinData[join.pubkey.fingerprint] = join;
next();
}
else next('Already in the keychain, or no eligible packet');
},
], callback);
}, function(err){
......@@ -721,10 +732,9 @@ function KeyService (conn, conf, PublicKeyService) {
// Public keys
block.publicKeys = [];
_(joinData).values().forEach(function(join){
var key = openpgp.key.readArmored(join.pubkey.raw).keys[0];
var pkData = {
fingerprint: join.pubkey.fingerprint,
packets: base64.encode(key.toPacketlist().write())
packets: base64.encode(join.pubkey.getWritablePacketsWithoutOtherCertifications().write())
};
block.publicKeys.push(pkData);
});
......
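Review bot: In the `function (pubk, next)` step, `pubk.keychain` and `pubk.eligible.length` are read without checking that `pubk` exists, so a membership whose public key is missing would throw inside the waterfall instead of reaching `callback` with an error. The step that produces `pubk` lies outside this hunk, so this may already be guaranteed there; if not, a guard such as `if (!pubk) { next('Public key of ' + uid + ' not found'); return; }` before `join.pubkey = pubk;` would keep the failure on the error path. The final `else next('Already in the keychain, or no eligible packet');` also omits `uid`, unlike the other messages added here, which makes a rejected join harder to trace in logs.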
......@@ -233,18 +233,13 @@ program
next('usage: gen-root [host] [port]');
return;
}
KeychainService.current(function (err, current) {
if (current) {
next('Local keychain is already started.');
return;
}
else next();
})
},
function (next){
Membership.find({}, next);
Membership.find({ eligible: true }, next);
},
function (mss, next){
if (mss.length == 0) {
next('No membership was received, no changes to add.');
return;
}
var uids = [];
mss.forEach(function(ms){
uids.push(ms.userid);
......
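Review bot: The `KeychainService.current` check that stopped `gen-root` with 'Local keychain is already started.' no longer appears on the new side of this hunk, judging by its line counts, and nothing visible replaces it. If producing a root keyblock on a node that already holds a keychain is meant to be allowed, a short comment before `Membership.find({ eligible: true }, next);` should say why the check is unnecessary. Otherwise the guard should stay, so that a second root block cannot be generated alongside an existing chain. The enclosing waterfall starts and ends outside the hunk.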