PublicKey: now parses pubkey and remember eligible packets

99a7b8f6 · Cédric Moreau · 04758be5 · 99a7b8f6 · 99a7b8f6 · 99a7b8f6
Commit 99a7b8f6 authored Aug 05, 2014 by Cédric Moreau
Show whitespace changes
Inline Side-by-side

Showing with 110 additions and 0 deletions

app/lib/keyhelper.js app/lib/keyhelper.js +78 -0

app/lib/md5.js app/lib/md5.js +7 -0

app/models/publickey.js app/models/publickey.js +25 -0

No files found.
--- a/app/lib/keyhelper.js
+++ b/app/lib/keyhelper.js
+var openpgp    = require('openpgp');
+var base64     = require('./base64');
+var PacketList = openpgp.packet.List;
+
+module.exports = {
+
+  fromPackets: function (packetList){
+    return new KeyHelper(packetList);
+  },
+
+  fromArmored: function (armored){
+    var readKeys = openpgp.key.readArmored(asciiArmored).keys;
+    var packets = new PacketList();
+    if(readKeys.length == 1){
+      packets = readKeys[0].toPacketList();
+    }
+    return new KeyHelper(packets);
+  }
+};
+
+var UDID2_FORMAT = /udid2;c;/;
+// var UDID2_FORMAT = /\(udid2;c;([A-Z-]*);([A-Z-]*);(\d{4}-\d{2}-\d{2});(e\+\d{2}\.\d{2}-\d{3}\.\d{2});(\d+)(;?)\)/;
+
+function KeyHelper (packetList) {
+
+  var that = this;
+  var key = new openpgp.key.Key(packetList);
+
+  this.getUserID = function (param, next){
+    var primaryUser = key.getPrimaryUser();
+    return primaryUser && primaryUser.user && primaryUser.user.userId && primaryUser.user.userId.userid;
+  };
+
+  this.hasValidUdid2 = function (param, next){
+    var userid = that.getUserID();
+    return userid != null && userid.match(UDID2_FORMAT);
+  };
+
+  this.getBase64publicKey = function (){
+    return key.getKeyPacket() && base64.encode(key.getKeyPacket().write());
+  };
+
+  this.getBase64primaryUser = function (){
+    var primaryUser = key.getPrimaryUser();
+    var packets = new PacketList();
+    if (primaryUser) {
+      packets.push(primaryUser.user.userId);
+      packets.push(primaryUser.selfCertificate);
+    }
+    return primaryUser && base64.encode(packets.write());
+  };
+
+  this.getBase64primaryUserOtherCertifications = function (){
+    var primaryUser = key.getPrimaryUser();
+    var certifs = [];
+    if (primaryUser) {
+      (primaryUser.user.otherCertifications || []).forEach(function(oCert){
+        certifs.push(base64.encode(oCert.write()));
+        // oCert.verify(key, { userid: primaryUser.user.userId, key: key }))) {
+      });
+    }
+    return certifs;
+  };
+
+  // Give base64 encoded signing subkey packets (subkey + binding)
+  this.getBase64subkeys = function (){
+    var bSubkeys = [];
+    (key.subKeys || []).forEach(function(subkeyWrapper){
+      if (subkeyWrapper.isValidSigningKey(key) || subkeyWrapper.isValidEncryptionKey(key)) {
+        var packets = new PacketList();
+        packets.push(subkeyWrapper.subKey);
+        packets.push(subkeyWrapper.bindingSignature);
+        bSubkeys.push(base64.encode(packets.write()));
+      }
+    });
+    return bSubkeys;
+  };
+}
--- a/app/lib/md5.js
+++ b/app/lib/md5.js
+
+module.exports = function (str){
+  return require("crypto")
+    .createHash("md5")
+    .update(str)
+    .digest("hex");
+};
--- a/app/models/publickey.js
+++ b/app/models/publickey.js
@@ -4,6 +4,10 @@ var async    = require('async');
 var sha1     = require('sha1');
 var _        = require('underscore');
 var Schema   = mongoose.Schema;
+var openpgp  = require('openpgp');
+var KHelper  = require('../lib/keyhelper');
+var base64   = require('../lib/base64');
+var md5      = require('../lib/md5');
 var unix2dos = require('../lib/unix2dos');
 var parsers  = require('../lib/streams/parsers/doc');
 var logger   = require('../lib/logger')('pubkey');
@@ -13,6 +17,8 @@ var PublicKeySchema = new Schema({
  fingerprint: { type: String, unique: true },
  subkeys: [String], // Array of keyId
  hashes: [String], // Array of ASCII armor representation fingerprints
+  registered: [String], // Array of md5 hashes of the known packets (base64 encoded)
+  eligible: [String], // Array of md5 hashes of the unknown packets (base64 encoded)
  name: String,
  email: String,
  comment: String,
@@ -209,6 +215,25 @@ PublicKeySchema.statics.persist = function (pubkey, done) {
          var storedKey = jpgp().certificate(foundKeys[0].raw).key;
          // Merges packets
          storedKey.update(comingKey);
+          var kh = KHelper.fromPackets(storedKey.toPacketlist());
+          var potentials = [];
+          if (kh.hasValidUdid2()) {
+            potentials.push(kh.getBase64publicKey());
+            potentials.push(kh.getBase64primaryUser());
+            kh.getBase64primaryUserOtherCertifications().forEach(function(base64SubKey){
+              potentials.push(base64SubKey);
+            });
+            kh.getBase64subkeys().forEach(function(base64SubKey){
+              potentials.push(base64SubKey);
+            });
+          }
+          potentials.forEach(function(encoded){
+            var md5ed = md5(encoded);
+            if (foundKeys[0].registered.indexOf(md5ed) == -1 && foundKeys[0].eligible.indexOf(md5ed) == -1)  {
+              foundKeys[0].eligible.push(md5ed);
+            }
+          });
+          // Check for unknown packets
          var mergedCert = jpgp().certificate(storedKey.armor());
          var raw = unix2dos(storedKey.armor());
          foundKeys[0].subkeys = mergedCert.subkeys;