Commit
84850a29
authored
10 years ago
by
Cédric Moreau
Cleaning old unused code
parent
7a7e2779
Showing
2 changed files
app/models/keyblock.js
+0
-53
0 additions, 53 deletions
app/models/keyblock.js
app/service/KeychainService.js
+2
-288
2 additions, 288 deletions
app/service/KeychainService.js
with
2 additions
and
341 deletions
app/models/keyblock.js
+
0
−
53
...
@@ -117,59 +117,6 @@ KeyBlockSchema.methods = {
...
@@ -117,59 +117,6 @@ KeyBlockSchema.methods = {
return
pubkeys
;
return
pubkeys
;
},
},
getTierCertificationPackets
:
function
()
{
var
certifications
=
[];
this
.
publicKeys
.
forEach
(
function
(
obj
){
var
fingerprint
=
obj
.
fingerprint
;
var
packets
=
new
openpgp
.
packet
.
List
();
var
base64decoded
=
base64
.
decode
(
obj
.
packets
);
packets
.
read
(
base64decoded
);
packets
=
packets
.
filterByTag
(
openpgp
.
enums
.
packet
.
signature
);
packets
.
forEach
(
function
(
p
){
if
(
p
.
tag
==
openpgp
.
enums
.
packet
.
signature
)
{
var
signaturesToKeep
=
[
openpgp
.
enums
.
signature
.
cert_generic
,
openpgp
.
enums
.
signature
.
cert_persona
,
openpgp
.
enums
.
signature
.
cert_casual
,
openpgp
.
enums
.
signature
.
cert_positive
];
var
selfSig
=
fingerprint
.
match
(
new
RegExp
(
p
.
issuerKeyId
.
toHex
().
toUpperCase
()
+
'
$
'
));
if
(
~
signaturesToKeep
.
indexOf
(
p
.
signatureType
)
&&
!
selfSig
)
certifications
.
push
(
p
);
}
});
});
return
certifications
;
},
getTierCertificationPacketsFor
:
function
(
fingerprint
)
{
var
certifications
=
[];
this
.
publicKeys
.
forEach
(
function
(
obj
){
if
(
obj
.
fingerprint
==
fingerprint
)
{
var
fingerprint
=
obj
.
fingerprint
;
var
packets
=
new
openpgp
.
packet
.
List
();
var
base64decoded
=
base64
.
decode
(
obj
.
packets
);
packets
.
read
(
base64decoded
);
packets
=
packets
.
filterByTag
(
openpgp
.
enums
.
packet
.
signature
);
packets
.
forEach
(
function
(
p
){
if
(
p
.
tag
==
openpgp
.
enums
.
packet
.
signature
)
{
var
signaturesToKeep
=
[
openpgp
.
enums
.
signature
.
cert_generic
,
openpgp
.
enums
.
signature
.
cert_persona
,
openpgp
.
enums
.
signature
.
cert_casual
,
openpgp
.
enums
.
signature
.
cert_positive
];
var
selfSig
=
fingerprint
.
match
(
new
RegExp
(
p
.
issuerKeyId
.
toHex
().
toUpperCase
()
+
'
$
'
));
p
.
target
=
fingerprint
;
if
(
~
signaturesToKeep
.
indexOf
(
p
.
signatureType
)
&&
!
selfSig
)
certifications
.
push
(
p
);
}
});
}
});
return
certifications
;
},
getMemberships
:
function
()
{
getMemberships
:
function
()
{
var
notFoundMembership
=
0
;
var
notFoundMembership
=
0
;
var
mss
=
{};
var
mss
=
{};
...
...
app/service/KeychainService.js
+
2
−
288
...
@@ -275,6 +275,8 @@ function KeyService (conn, conf, PublicKeyService) {
...
@@ -275,6 +275,8 @@ function KeyService (conn, conf, PublicKeyService) {
return
;
return
;
}
}
// TODO: check subkeys?
// Check against signature
// Check against signature
var
entity
=
new
Membership
(
ms
);
var
entity
=
new
Membership
(
ms
);
var
armoredPubkey
=
key
.
getArmored
();
var
armoredPubkey
=
key
.
getArmored
();
...
@@ -352,126 +354,6 @@ function KeyService (conn, conf, PublicKeyService) {
...
@@ -352,126 +354,6 @@ function KeyService (conn, conf, PublicKeyService) {
}
}
}
}
/**
* Find the pubkey matching fingerprint + test its validity against WoT constraints (signatures).
**/
function
getValidMemberPubkey
(
now
,
block
,
fingerprint
,
done
)
{
var
wotKey
;
async
.
waterfall
([
function
(
next
){
getMemberOrNewcomerPubkey
(
block
,
fingerprint
,
next
);
},
function
(
wotPubkey
,
next
)
{
wotKey
=
wotPubkey
;
// Check signatures' quantity + distance to WoT
var
nbLinks
=
wotKey
.
getSignatories
().
length
;
// wotKey.getSignatories().forEach(function(link){
// if (Math.max(now - link.timestamp, 0) < LINK_DURATION) {
// nbLinks++;
// }
// });
// Check against quantity
if
(
block
.
number
>
0
&&
nbLinks
<
LINK_QUANTITY_MIN
)
{
next
(
'
Not enough links to join the Web of Trust
'
);
return
;
}
Key
.
getMembers
(
next
);
},
function
(
members
,
next
){
// Check against distance to the WoT
async
.
forEach
(
members
,
function
(
member
,
callback
){
findExistingPath
(
wotKey
,
member
,
MAX_STEPS
,
callback
);
},
next
);
},
function
(
next
){
next
(
null
,
wotKey
.
armor
());
},
],
done
);
}
/**
* Find a member's pubkey, wether it is in the memory block or persisted keychain,
* and returns it as WOTPubkey object.
**/
function
getMemberOrNewcomerPubkey
(
block
,
fingerprint
,
done
)
{
var
wotPubkey
;
block
.
publicKeys
.
forEach
(
function
(
pk
){
if
(
pk
.
fingerprint
==
fingerprint
)
wotPubkey
=
new
WOTPubkey
(
fingerprint
,
pk
.
packets
);
});
// New PubKey
if
(
wotPubkey
)
{
async
.
waterfall
([
function
(
next
)
{
// Check each pubkey packet has a UserID, and only one
// Check the self-certification exists with pubkey
// Only one self-certification
if
(
!
wotPubkey
.
hasOnlyOneValidUserID
())
{
next
(
'
One and only one UserID required & allowed for a pubkey
'
);
return
;
}
if
(
wotPubkey
.
getSelfCertifications
().
length
!=
1
)
{
next
(
'
Only one self certification allowed for a key
'
);
return
;
}
// Check each pubkey is here for first time
// Check no KeyID conflict
Key
.
isMember
(
fingerprint
.
substring
(
24
),
next
);
},
function
(
isMember
,
next
){
if
(
isMember
)
{
next
(
'
Cannot add a pubkey for an existing member
'
);
return
;
}
// Check signatures (good signature + from member)
if
(
block
.
number
==
0
)
{
// No tier-signature allowed (no existing member to justify it)
if
(
wotPubkey
.
getSignatories
().
length
>
0
)
{
next
(
'
No tier-certification allowed for root keyblock
'
);
return
;
}
else
next
();
}
else
{
async
.
forEach
(
wotPubkey
.
getSignatories
(),
function
(
signatory
,
callback
){
async
.
waterfall
([
function
(
next
){
getMemberPubkey
(
signatory
.
keyID
,
next
);
},
function
(
wotKey
,
next
){
// Tiers certif: only from members
if
(
!
signatory
.
packet
.
verify
(
wotPubkey
.
userid
,
tierPubkey
))
{
next
(
'
Signature verification failed for userid
'
);
return
;
}
next
();
},
],
callback
);
},
next
);
}
},
],
function
(
err
)
{
done
(
err
,
wotPubkey
);
});
}
else
{
// Existing pubkey
async
.
waterfall
([
function
(
next
){
PublicKey
.
getTheOne
(
fingerprint
,
next
);
},
function
(
pubk
,
next
){
next
(
null
,
new
WOTPubkey
(
fingerprint
,
pubk
.
keychain
));
},
function
(
wotPubk
,
next
){
var
certifs
=
block
.
getTierCertificationPacketsFor
(
wotPubk
.
fingerprint
);
wotPubk
.
addAll
(
certifs
);
next
(
null
,
wotPubk
);
},
],
done
);
}
}
function
checkProofOfWork
(
block
,
done
)
{
function
checkProofOfWork
(
block
,
done
)
{
var
powRegexp
=
new
RegExp
(
'
^0{
'
+
MINIMUM_ZERO_START
+
'
}
'
);
var
powRegexp
=
new
RegExp
(
'
^0{
'
+
MINIMUM_ZERO_START
+
'
}
'
);
if
(
!
block
.
hash
.
match
(
powRegexp
))
if
(
!
block
.
hash
.
match
(
powRegexp
))
...
@@ -480,32 +362,6 @@ function KeyService (conn, conf, PublicKeyService) {
...
@@ -480,32 +362,6 @@ function KeyService (conn, conf, PublicKeyService) {
done
();
done
();
}
}
/**
* Find a member's pubkey, wether it is in the memory block or persisted keychain,
* and returns it as WOTPubkey object.
**/
function
getMemberPubkey
(
fingerprint
,
done
)
{
async
.
waterfall
([
function
(
next
){
Key
.
isMember
(
fingerprint
,
next
);
},
function
(
isMember
,
next
){
if
(
!
isMember
)
{
next
(
'
Not a member key
'
);
return
;
}
PublicKey
.
getTheOne
(
fingerprint
,
next
);
},
function
(
pubkey
,
next
){
next
(
null
,
new
WOTPubkey
(
fingerprint
,
pubkey
.
keychain
));
},
],
done
);
}
function
findExistingPath
(
wotKey
,
member
,
maxSteps
,
callback
)
{
callback
(
'
No path found!
'
);
}
function
checkKicked
(
block
,
newLinks
,
done
)
{
function
checkKicked
(
block
,
newLinks
,
done
)
{
var
membersChanges
=
block
.
membersChanges
;
var
membersChanges
=
block
.
membersChanges
;
async
.
waterfall
([
async
.
waterfall
([
...
@@ -556,23 +412,6 @@ function KeyService (conn, conf, PublicKeyService) {
...
@@ -556,23 +412,6 @@ function KeyService (conn, conf, PublicKeyService) {
],
done
);
],
done
);
}
}
function
checkCertificationsUpdates
(
block
,
done
)
{
// Only *members* signatures can be here (not newcomers, nor leaving members)
if
(
block
.
number
==
0
)
{
done
();
return
;
}
var
certifications
=
block
.
getTierCertificationPackets
();
async
.
forEach
(
certifications
,
function
(
cert
,
callback
){
Key
.
isStayingMember
(
cert
.
issuerKeyId
.
toHex
().
toUpperCase
(),
function
(
err
,
willBeMember
)
{
if
(
!
willBeMember
||
err
)
callback
(
err
||
'
Signatory is not a member
'
);
else
callback
();
});
},
done
);
}
function
updateMembers
(
block
,
done
)
{
function
updateMembers
(
block
,
done
)
{
async
.
forEach
(
block
.
membersChanges
,
function
(
mc
,
callback
){
async
.
forEach
(
block
.
membersChanges
,
function
(
mc
,
callback
){
var
isPlus
=
mc
[
0
]
==
'
+
'
;
var
isPlus
=
mc
[
0
]
==
'
+
'
;
...
@@ -732,131 +571,6 @@ function KeyService (conn, conf, PublicKeyService) {
...
@@ -732,131 +571,6 @@ function KeyService (conn, conf, PublicKeyService) {
},
done
);
},
done
);
}
}
function
WOTPubkey
(
fingerprint
,
rawPackets
)
{
this
.
packets
=
new
openpgp
.
packet
.
List
();
var
that
=
this
;
// Get signatories' certification packet of the userid (not checked yet)
this
.
addAll
=
function
(
packets
)
{
var
thePackets
=
new
openpgp
.
packet
.
List
();
var
base64decoded
=
base64
.
decode
(
packets
);
thePackets
.
read
(
base64decoded
);
thePackets
=
thePackets
.
filterByTag
(
openpgp
.
enums
.
packet
.
publicKey
,
openpgp
.
enums
.
packet
.
publicSubkey
,
openpgp
.
enums
.
packet
.
userid
,
openpgp
.
enums
.
packet
.
signature
);
thePackets
.
forEach
(
function
(
p
){
if
(
p
.
tag
==
openpgp
.
enums
.
packet
.
signature
)
{
var
signaturesToKeep
=
[
openpgp
.
enums
.
signature
.
cert_generic
,
openpgp
.
enums
.
signature
.
cert_persona
,
openpgp
.
enums
.
signature
.
cert_casual
,
openpgp
.
enums
.
signature
.
cert_positive
,
openpgp
.
enums
.
signature
.
subkey_binding
];
if
(
~
signaturesToKeep
.
indexOf
(
p
.
signatureType
))
that
.
packets
.
push
(
p
);
}
else
that
.
packets
.
push
(
p
);
});
}
this
.
addAll
(
rawPackets
);
// Get signatories' certification packet of the userid (not checked yet)
this
.
getSignatories
=
function
()
{
var
signatories
=
[];
this
.
packets
.
filterByTag
(
openpgp
.
enums
.
packet
.
signature
).
forEach
(
function
(
packet
){
var
issuerKeyId
=
packet
.
issuerKeyId
.
toHex
().
toUpperCase
();
var
isSelfSig
=
fingerprint
.
match
(
new
RegExp
(
issuerKeyId
+
'
$
'
));
if
(
!
isSelfSig
)
{
signatories
.
push
({
keyID
:
issuerKeyId
,
packet
:
packet
});
}
});
return
signatories
;
};
// Get signatories' certification packet of the userid (not checked yet)
this
.
hasOnlyOneValidUserID
=
function
()
{
return
this
.
getPubKey
().
getPrimaryUser
()
!=
null
&&
this
.
getUserIDs
().
length
==
1
;
};
// Get signatories' certification packet of the userid (not checked yet)
this
.
getSelfCertifications
=
function
()
{
var
certifs
=
[];
this
.
packets
.
filterByTag
(
openpgp
.
enums
.
packet
.
signature
).
forEach
(
function
(
packet
){
var
signaturesToKeep
=
[
openpgp
.
enums
.
signature
.
cert_generic
,
openpgp
.
enums
.
signature
.
cert_persona
,
openpgp
.
enums
.
signature
.
cert_casual
,
openpgp
.
enums
.
signature
.
cert_positive
];
if
(
~
signaturesToKeep
.
indexOf
(
packet
.
signatureType
))
{
var
issuerKeyId
=
packet
.
issuerKeyId
.
toHex
().
toUpperCase
();
var
isSelfSig
=
fingerprint
.
match
(
new
RegExp
(
issuerKeyId
+
'
$
'
));
if
(
isSelfSig
)
{
certifs
.
push
({
keyID
:
issuerKeyId
,
packet
:
packet
});
}
}
});
return
certifs
;
};
this
.
getPurePubkey
=
function
()
{
return
new
openpgp
.
key
.
Key
(
this
.
getPurePackets
());
};
// Get signatories' certification packet of the userid (not checked yet)
this
.
getPurePackets
=
function
()
{
var
purePackets
=
[];
var
packets
=
this
.
packets
.
filterByTag
(
openpgp
.
enums
.
packet
.
publicKey
,
openpgp
.
enums
.
packet
.
publicSubkey
,
openpgp
.
enums
.
packet
.
userid
,
openpgp
.
enums
.
packet
.
signature
);
packets
.
forEach
(
function
(
packet
){
var
signaturesToKeep
=
[
openpgp
.
enums
.
signature
.
cert_generic
,
openpgp
.
enums
.
signature
.
cert_persona
,
openpgp
.
enums
.
signature
.
cert_casual
,
openpgp
.
enums
.
signature
.
cert_positive
,
openpgp
.
enums
.
signature
.
subkey_binding
];
if
(
~
signaturesToKeep
.
indexOf
(
packet
.
signatureType
))
{
var
issuerKeyId
=
packet
.
issuerKeyId
.
toHex
().
toUpperCase
();
var
isSelfSig
=
fingerprint
.
match
(
new
RegExp
(
issuerKeyId
+
'
$
'
));
if
(
isSelfSig
)
{
purePackets
.
push
(
packet
);
}
}
});
return
purePackets
;
};
this
.
getPubKey
=
function
()
{
return
new
openpgp
.
key
.
Key
(
this
.
packets
);
};
this
.
getUserIDs
=
function
()
{
var
pk
=
this
.
getPubKey
();
return
pk
.
getUserIds
();
}
this
.
armor
=
function
()
{
var
armor
=
new
openpgp
.
key
.
Key
(
this
.
packets
).
armor
();
return
armor
;
}
}
this
.
current
=
function
(
done
)
{
this
.
current
=
function
(
done
)
{
KeyBlock
.
current
(
function
(
err
,
kb
)
{
KeyBlock
.
current
(
function
(
err
,
kb
)
{
done
(
err
,
kb
||
null
);
done
(
err
,
kb
||
null
);
...
...
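Review bot: The added `// TODO: check subkeys?` above the "Check against signature" step in app/service/KeychainService.js does not say what is undecided, and this commit also deletes the only visible code that retained `subkey_binding` signatures (`WOTPubkey.addAll`), so the open question is easy to lose. I would spell the decision out, for example `// TODO: decide whether a membership signed by a subkey is accepted; if so, validate the subkey binding signature before verifying with it`. How `armoredPubkey` is used for verification lies outside the visible lines, so whether a subkey-made signature currently passes or fails here should be confirmed. The enclosing function starts and ends outside the hunk.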