Commit 29824999 authored by Cédric Moreau's avatar Cédric Moreau

Removed FOUNDER keychange, replaced by NEWCOMER

parent 2db741b7
......@@ -197,6 +197,16 @@ function KeyHelper (packetList) {
return certifs;
};
this.setOtherCertifications = function (certifs){
var primaryUser = key.getPrimaryUser();
if (primaryUser) {
primaryUser.user.otherCertifications = [];
certifs.forEach(function(cert){
primaryUser.user.otherCertifications.push(cert);
});
}
};
this.getCertificationsFromSignatory = function (newcomer){
var primaryUser = key.getPrimaryUser();
var certifs = new PacketList();
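Review bot: `setOtherCertifications` does nothing when `key.getPrimaryUser()` is falsy, so a caller cannot tell that the certifications were dropped rather than attached; an explicit failure such as `if (!primaryUser) throw new Error('No primary user on key');` or a boolean return would make that visible. The packets in `certifs` are pushed onto `primaryUser.user.otherCertifications` as given, with no signature check in this function; if verification is done by the caller, a comment saying so would help, e.g. `// certifs must already be verified against the signatories' keys`. `certifs` is also dereferenced unguarded, so an undefined argument throws after the existing list has already been reset to `[]`. `key` comes from the enclosing `KeyHelper`, which starts outside this hunk.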
......
......@@ -221,83 +221,11 @@ function handleKey (server, key, isManaged, message) {
});
}
program
.command('gen-root [host] [port] [difficulty]')
.description('Tries to generate the root keyblock of the keychain using already received keys & memberships')
.action(service(DO_NOT_LISTEN_HTTP, ucoin.createWOTServer, function (host, port, difficulty, server, conf) {
var Membership = server.conn.model('Membership');
var KeychainService = server.KeychainService;
async.waterfall([
function (next){
if (!host || !port) {
next('usage: gen-root [host] [port]');
return;
}
Membership.find({ eligible: true }, next);
},
function (mss, next){
if (mss.length == 0) {
next('No membership was received, no changes to add.');
return;
}
var uids = [];
mss.forEach(function(ms){
uids.push(ms.userid);
});
if (mss.length > 0) {
inquirer.prompt([{
type: "checkbox",
name: "uids",
message: "Initial members of the Web of Trust",
choices: uids,
default: uids[0]
}], function (answers) {
next(null, answers.uids);
});
} else {
logger.info('No membership were found, trying to write an empty block');
next(null, []);
}
},
function (uids, next){
KeychainService.generateRoot(uids, next);
},
function (root, next){
var wiz = wizard(server);
async.waterfall([
function (next){
wiz.configOpenpgp(conf, next);
},
function (next){
wiz.configKey(conf, next);
},
function (next){
signature(conf.pgpkey, conf.pgppasswd, conf.openpgpjs, next);
},
function (sigFunc, next){
proveAndSend(server, root, sigFunc, difficulty, host, port, next);
},
], next);
},
], function (err) {
if (err) {
logger.error(err);
}
server.disconnect();
process.exit();
});
}));
program
.command('gen-empty-next [host] [port] [difficulty]')
.description('Tries to generate the next keyblock of the keychain without any changes')
.action(service(DO_NOT_LISTEN_HTTP, ucoin.createWOTServer, generateAndSend("generateEmptyNext")));
program
.command('gen-pulse [host] [port] [difficulty]')
.description('Tries to generate a pulse keyblock (#1), containing root signatures')
.action(service(DO_NOT_LISTEN_HTTP, ucoin.createWOTServer, generateAndSend("generatePulse")));
program
.command('gen-newcomers [host] [port] [difficulty]')
.description('Tries to generate a newcomers (#2+) keyblock, containing only newcomers changes')
......
......@@ -200,7 +200,7 @@ A keychange is a document describing changes to be applied to a [Public key](#p
Field | Data
--------------------- | ------------------------------------------
T | Type of change: either `F`,`N`,`U`,`L` or `B` for respectively `FOUNDER`,`NEWCOMER`,`UPDATE`,`LEAVER` and `BACK` meaning.
T | Type of change: either `N`,`U`,`L` or `B` for respectively `NEWCOMER`,`UPDATE`,`LEAVER` and `BACK` meaning.
KeyPackets | OpenPGP key material field. Value is an OpenPGP packet list base64 encoded. Allowed packets are public key, user ID, self-certification, subkey and subkey binding packets.
CertificationPackets | OpenPGP key material field. Value is an OpenPGP packet list base64 encoded. Allowed packets are other keys' certification packets.
Membership | Field for writing [Membership](#membership) document data.
......@@ -211,9 +211,6 @@ Depending the provided `T` type, fields have different format requirements. Belo
Type | Field | Requirement
----------- | ---------------------|----------------------------
`FOUNDER` | KeyPackets | Must contain a single public key, plus a single user ID and self-certification packet. May contain subkeys and subkey bindings.
`FOUNDER` | CertificationPackets | Must NOT be provided.
`FOUNDER` | Membership | Must contain an `IN` membership with a `USER_ID` field matching exactly `KeyPackets` user ID.
`NEWCOMER` | KeyPackets | Same rule as `FOUNDER`.
`NEWCOMER` | CertificationPackets | May contain any number of other keys' certification packets.
`NEWCOMER` | Membership | Must contain an `IN` membership with a `USER_ID` field matching exactly `KeyPackets` user ID.
......@@ -305,7 +302,7 @@ Each keyblock, other than the keyblock#0 must follow these rules:
* previous block `MembersCount` + the sum of all `+` count minus the sum of all `-` count from `MembersChanges` of this keyblock
* `FOUNDER` type can be present **only** for keyblock#0
* For a given `PUBLIC_KEY_FINGERPRINT`:
* First keychange must be either `FOUNDER` or `NEWCOMER`
* First keychange must be `NEWCOMER`
* `NEWCOMER` type can be present only 1 time and cannot follow a keychange
* `UPDATE` type cannot follow `LEAVE` type and must follow a keychange
* `LEAVE` type cannot follow `LEAVE` type and must follow a keychange
......