Release 0.9.1

This commit is contained in:
Yarmo Mackenbach 2021-01-09 15:22:59 +01:00
parent 6e828ca588
commit 0d7c33bcf8
7 changed files with 64 additions and 11 deletions

View file

@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased] ## [Unreleased]
## [0.9.1] - 2021-01-09
## Changed
- Use signature data to find key location
## [0.9.0] - 2021-01-07 ## [0.9.0] - 2021-01-07
## Added ## Added
- Signature claims verification - Signature claims verification

52
dist/doip.js vendored
View file

@ -1193,7 +1193,7 @@ process.umask = function() { return 0; };
},{}],9:[function(require,module,exports){ },{}],9:[function(require,module,exports){
module.exports={ module.exports={
"name": "doipjs", "name": "doipjs",
"version": "0.9.0", "version": "0.9.1",
"description": "Decentralized OpenPGP Identity Proofs library in Node.js", "description": "Decentralized OpenPGP Identity Proofs library in Node.js",
"main": "src/index.js", "main": "src/index.js",
"dependencies": { "dependencies": {
@ -3015,16 +3015,24 @@ const verify = (signature, opts) => {
return new Promise(async (resolve, reject) => { return new Promise(async (resolve, reject) => {
let errors = [], let errors = [],
sigData sigData
try { try {
sigData = await openpgp.cleartext.readArmored(signature) sigData = await openpgp.cleartext.readArmored(signature)
} catch (error) { } catch (error) {
errors.push('invalid_signature') errors.push('invalid_signature')
reject({ errors: errors }) reject({ errors: errors })
return
} }
const issuerKeyId = sigData.signature.packets[0].issuerKeyId.toHex()
const signersUserId = sigData.signature.packets[0].signersUserId
const preferredKeyServer =
sigData.signature.packets[0].preferredKeyServer ||
'https://keys.openppg.org/'
const text = sigData.getText() const text = sigData.getText()
let sigKeys = [] let sigKeys = []
let sigClaims = [] let sigClaims = []
text.split('\n').forEach((line, i) => { text.split('\n').forEach((line, i) => {
const match = line.match(/^(.*)\=(.*)$/i) const match = line.match(/^(.*)\=(.*)$/i)
if (!match) { if (!match) {
@ -3044,12 +3052,35 @@ const verify = (signature, opts) => {
} }
}) })
if (sigKeys.length === 0) { let keyData, keyUri
errors.push('no_linked_keys')
// Try overruling key
if (sigKeys.length > 0) {
try {
keyUri = sigKeys[0]
keyData = await keys.fetch.uri(keyUri)
} catch(e) {}
}
// Try WKD
if (!keyData && signersUserId) {
try {
keyUri = `wkd:${signersUserId}`
keyData = await keys.fetch.uri(keyUri)
} catch(e) {}
}
// Try HKP
if (!keyData) {
try {
const match = preferredKeyServer.match(/^(.*\:\/\/)?([^/]*)(?:\/)?$/i)
keyUri = `hkp:${match[2]}:${issuerKeyId ? issuerKeyId : signersUserId}`
keyData = await keys.fetch.uri(keyUri)
} catch(e) {
errors.push('key_not_found')
reject({ errors: errors }) reject({ errors: errors })
return
}
} }
const keyData = await keys.fetch.uri(sigKeys[0])
const fingerprint = keyData.keyPacket.getFingerprint() const fingerprint = keyData.keyPacket.getFingerprint()
try { try {
@ -3058,14 +3089,25 @@ const verify = (signature, opts) => {
} catch (e) { } catch (e) {
errors.push('invalid_signature_verification') errors.push('invalid_signature_verification')
reject({ errors: errors }) reject({ errors: errors })
return
} }
const claimVerifications = await claims.verify(sigClaims, fingerprint, opts) const claimVerifications = await claims.verify(sigClaims, fingerprint, opts)
resolve({ resolve({
errors: errors, errors: errors,
publicKey: keyData, signature: {
data: sigData.signature,
issuerKeyId: issuerKeyId,
signersUserId: signersUserId,
preferredKeyServer: preferredKeyServer,
},
publicKey: {
data: keyData,
uri: keyUri,
fingerprint: fingerprint, fingerprint: fingerprint,
},
text: text,
claims: claimVerifications, claims: claimVerifications,
}) })
}) })

2
dist/doip.min.js vendored

File diff suppressed because one or more lines are too long

View file

@ -1,4 +1,4 @@
# doip.js <small>0.9.0</small> # doip.js <small>0.9.1</small>
<img src="doip.png" width="120"> <img src="doip.png" width="120">

View file

@ -1,5 +1,12 @@
# Changelog # Changelog
## [0.9.1]
[2021-01-09](https://codeberg.org/keyoxide/doipjs/releases/tag/0.9.1)
## Changed
- Use signature data to find key location
## [0.9.0] ## [0.9.0]
[2021-01-07](https://codeberg.org/keyoxide/doipjs/releases/tag/0.9.0) [2021-01-07](https://codeberg.org/keyoxide/doipjs/releases/tag/0.9.0)

View file

@ -15,7 +15,7 @@ npm install --save doipjs
Install on website by including the following HTML snippet: Install on website by including the following HTML snippet:
```html ```html
<script src="https://cdn.jsdelivr.net/npm/doipjs@0.9.0/dist/doip.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/doipjs@0.9.1/dist/doip.min.js"></script>
``` ```
Next step: [quick start (Node.js)](quickstart-nodejs.md) and [quick start (browser)](quickstart-browser.md) Next step: [quick start (Node.js)](quickstart-nodejs.md) and [quick start (browser)](quickstart-browser.md)

View file

@ -1,6 +1,6 @@
{ {
"name": "doipjs", "name": "doipjs",
"version": "0.9.0", "version": "0.9.1",
"description": "Decentralized OpenPGP Identity Proofs library in Node.js", "description": "Decentralized OpenPGP Identity Proofs library in Node.js",
"main": "src/index.js", "main": "src/index.js",
"dependencies": { "dependencies": {