From 9e7149108ab389b589a234ca6b748d4a32a6c8e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Obernd=C3=B6rfer?= Date: Fri, 15 Mar 2019 16:55:53 +0100 Subject: [PATCH] Fix user ID filtering. Do not filter out user attribute packets. --- src/service/pgp.js | 4 +- test/{ => fixtures}/key1.asc | 0 test/{ => fixtures}/key2.asc | 0 test/{ => fixtures}/key3.asc | 0 test/{ => fixtures}/key4.asc | 0 test/fixtures/key5.asc | 40 ++++++++++++++++++++ test/integration/app-test.js | 2 +- test/integration/email-test.js | 2 +- test/integration/public-key-test.js | 4 +- test/unit/pgp-test.js | 57 +++++++++++++++++++++++++++-- 10 files changed, 99 insertions(+), 10 deletions(-) rename test/{ => fixtures}/key1.asc (100%) rename test/{ => fixtures}/key2.asc (100%) rename test/{ => fixtures}/key3.asc (100%) rename test/{ => fixtures}/key4.asc (100%) create mode 100644 test/fixtures/key5.asc diff --git a/src/service/pgp.js b/src/service/pgp.js index 589f3f9..d1949ed 100644 --- a/src/service/pgp.js +++ b/src/service/pgp.js @@ -156,7 +156,7 @@ class PGP { async filterKeyByUserIds(userIds, armored) { const emails = userIds.map(({email}) => email); const {keys: [key]} = await openpgp.key.readArmored(armored); - key.users = key.users.filter(({userId: {email}}) => emails.includes(util.normalizeEmail(email))); + key.users = key.users.filter(({userId}) => !userId || emails.includes(util.normalizeEmail(userId.email))); return key.armor(); } @@ -189,7 +189,7 @@ class PGP { */ async removeUserId(email, publicKeyArmored) { const {keys: [key]} = await openpgp.key.readArmored(publicKeyArmored); - key.users = key.users.filter(({userId}) => util.normalizeEmail(userId.email) !== email); + key.users = key.users.filter(({userId}) => !userId || util.normalizeEmail(userId.email) !== email); return key.armor(); } } diff --git a/test/key1.asc b/test/fixtures/key1.asc similarity index 100% rename from test/key1.asc rename to test/fixtures/key1.asc diff --git a/test/key2.asc b/test/fixtures/key2.asc similarity index 100% rename from test/key2.asc rename to test/fixtures/key2.asc diff --git a/test/key3.asc b/test/fixtures/key3.asc similarity index 100% rename from test/key3.asc rename to test/fixtures/key3.asc diff --git a/test/key4.asc b/test/fixtures/key4.asc similarity index 100% rename from test/key4.asc rename to test/fixtures/key4.asc diff --git a/test/fixtures/key5.asc b/test/fixtures/key5.asc new file mode 100644 index 0000000..c8f84b7 --- /dev/null +++ b/test/fixtures/key5.asc @@ -0,0 +1,40 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.22 (GNU/Linux) + +mI0EUmEvTgEEANyWtQQMOybQ9JltDqmaX0WnNPJeLILIM36sw6zL0nfTQ5zXSS3+ +fIF6P29lJFxpblWk02PSID5zX/DYU9/zjM2xPO8Oa4xo0cVTOTLj++Ri5mtr//f5 +GLsIXxFrBJhD/ghFsL3Op0GXOeLJ9A5bsOn8th7x6JucNKuaRB6bQbSPABEBAAG0 +JFRlc3QgTWNUZXN0aW5ndG9uIDx0ZXN0QGV4YW1wbGUuY29tPoi5BBMBAgAjBQJS +YS9OAhsvBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQSmNhOk1uQJQwDAP6 +AgrTyqkRlJVqz2pb46TfbDM2TDF7o9CBnBzIGoxBhlRwpqALz7z2kxBDmwpQa+ki +Bq3jZN/UosY9y8bhwMAlnrDY9jP1gdCo+H0sD48CdXybblNwaYpwqC8VSpDdTndf +9j2wE/weihGp/DAdy/2kyBCaiOY1sjhUfJ1GogF49rDRwc7BzAEQAAEBAAAAAAAA +AAAAAAAA/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQN +DAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/ +2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy +MjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAFABQDASIAAhEBAxEB/8QAHwAAAQUB +AQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQID +AAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0 +NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKT +lJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl +5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL +/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHB +CSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpj +ZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3 +uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIR +AxEAPwD3+iiigAooooA//9mIuQQTAQIAIwUCUzxDqQIbLwcLCQgHAwIBBhUIAgkK +CwQWAgMBAh4BAheAAAoJEEpjYTpNbkCU9PEEAKMMaXjhGdgDISBXAAEVXL6MB3x1 +d/7zBdnUljh1gM34TSKvbeZf7h/1DNgLbJFfSF3KiLViiqRVOumIkjwNIMZPqYtu +WoEcElY50mvTETzOKemCt1GYI0GhOY2uZOVRtQLrkX0CB9r5hEQalkrnjNKlbghj +LfOYu1uARF16cZUWuI0EUmEvTgEEAOkfz7QRWiWk+I6tdMqgEpOLKsFTLHOh3Inz +OZUnccxMRT++J2lDDMhLChz+d0MUxdBq6rrGoEIP2bYE9AjdR1DNedsuwAjnadYI +io6TMzk0ApagqHJcr1jhQfi/0sBhCCX+y0ghK8KAbiYnyXPMQFa9F19CbYaFvrj/ +dXk0N16bABEBAAGJAT0EGAECAAkFAlJhL04CGy4AqAkQSmNhOk1uQJSdIAQZAQIA +BgUCUmEvTgAKCRDghPdEbCAsl7qiBADZpokQgEhe2Cuz7xZIniTcM3itFdxdpRl/ +rrumN0P2cXbcHOMUfpnvwkgZrFEcl0ztvTloTxi7Mzx/c0iVPQXQ4ur9Mjaa5hT1 +/9TYNAG5/7ApMHrb48QtWCL0yxcLVC/+7+jUtm2abFMUU4PfnEqzFlkjY4mPalCm +o5tbbszw2VwFBADDZgDd8Vzfyo8r49jitnJNF1u+PLJf7XN6oijzCftAJDBez44Z +ofZ8ahPfkAhJe6opxaqgS47s4FIQVOEJcF9RgwLTU6uooSzA+b9XfNmQu7TWrXZQ +zBlpyHbxDAr9hmXLiKg0Pa11rOPXu7atTZ3C2Ic97WIyoaBUyhCKt8tz6Q== +=MVfN +-----END PGP PUBLIC KEY BLOCK----- diff --git a/test/integration/app-test.js b/test/integration/app-test.js index 825e009..6509c0c 100644 --- a/test/integration/app-test.js +++ b/test/integration/app-test.js @@ -26,7 +26,7 @@ describe('Koa App (HTTP Server) Integration Tests', function() { before(async () => { sandbox.stub(log); - publicKeyArmored = fs.readFileSync(`${__dirname}/../key1.asc`, 'utf8'); + publicKeyArmored = fs.readFileSync(`${__dirname}/../fixtures/key1.asc`, 'utf8'); mongo = new Mongo(); await mongo.init(config.mongo); diff --git a/test/integration/email-test.js b/test/integration/email-test.js index 7d32efb..b897dda 100644 --- a/test/integration/email-test.js +++ b/test/integration/email-test.js @@ -16,7 +16,7 @@ describe('Email Integration Tests', function() { const recipient = {name: 'Test User', email: 'safewithme.testuser@gmail.com'}; before(() => { - publicKeyArmored = require('fs').readFileSync(`${__dirname}/../key1.asc`, 'utf8'); + publicKeyArmored = require('fs').readFileSync(`${__dirname}/../fixtures/key1.asc`, 'utf8'); origin = { protocol: 'http', host: `localhost:${config.server.port}` diff --git a/test/integration/public-key-test.js b/test/integration/public-key-test.js index 8b62425..f34492f 100644 --- a/test/integration/public-key-test.js +++ b/test/integration/public-key-test.js @@ -27,8 +27,8 @@ describe('Public Key Integration Tests', function() { const origin = {host: 'localhost', protocol: 'http'}; before(async () => { - publicKeyArmored = require('fs').readFileSync(`${__dirname}/../key3.asc`, 'utf8'); - publicKeyArmored2 = require('fs').readFileSync(`${__dirname}/../key4.asc`, 'utf8'); + publicKeyArmored = require('fs').readFileSync(`${__dirname}/../fixtures/key3.asc`, 'utf8'); + publicKeyArmored2 = require('fs').readFileSync(`${__dirname}/../fixtures/key4.asc`, 'utf8'); sinon.stub(log, 'info'); mongo = new Mongo(); await mongo.init(config.mongo); diff --git a/test/unit/pgp-test.js b/test/unit/pgp-test.js index 409747d..33aaba7 100644 --- a/test/unit/pgp-test.js +++ b/test/unit/pgp-test.js @@ -11,13 +11,17 @@ describe('PGP Unit Tests', () => { let key1Armored; let key2Armored; let key3Armored; + let key5Armored; + + before(() => { + key1Armored = fs.readFileSync(`${__dirname}/../fixtures/key1.asc`, 'utf8'); + key2Armored = fs.readFileSync(`${__dirname}/../fixtures/key2.asc`, 'utf8'); + key3Armored = fs.readFileSync(`${__dirname}/../fixtures/key3.asc`, 'utf8'); + key5Armored = fs.readFileSync(`${__dirname}/../fixtures/key5.asc`, 'utf8'); + }); beforeEach(() => { sandbox.stub(log); - - key1Armored = fs.readFileSync(`${__dirname}/../key1.asc`, 'utf8'); - key2Armored = fs.readFileSync(`${__dirname}/../key2.asc`, 'utf8'); - key3Armored = fs.readFileSync(`${__dirname}/../key3.asc`, 'utf8'); pgp = new PGP(); }); @@ -195,4 +199,49 @@ describe('PGP Unit Tests', () => { expect(parsed.length).to.equal(0); }); }); + + describe('filterKeyByUserIds', () => { + it('should filter user IDs', async () => { + const email = 'test1@example.com'; + const {keys: [key]} = await openpgp.key.readArmored(key3Armored); + expect(key.users.length).to.equal(4); + const filtered = await pgp.filterKeyByUserIds([{email}], key3Armored); + const {keys: [filteredKey]} = await openpgp.key.readArmored(filtered); + expect(filteredKey.users.length).to.equal(1); + expect(filteredKey.users[0].userId.email).to.equal(email); + }); + + it('should not filter user attributes', async () => { + const email = 'test@example.com'; + const {keys: [key]} = await openpgp.key.readArmored(key5Armored); + expect(key.users.length).to.equal(2); + const filtered = await pgp.filterKeyByUserIds([{email}], key5Armored); + const {keys: [filteredKey]} = await openpgp.key.readArmored(filtered); + expect(filteredKey.users.length).to.equal(2); + expect(filteredKey.users[0].userId).to.exist; + expect(filteredKey.users[1].userAttribute).to.exist; + }); + }); + + describe('removeUserId', () => { + it('should remove user IDs', async () => { + const email = 'test1@example.com'; + const {keys: [key]} = await openpgp.key.readArmored(key3Armored); + expect(key.users.length).to.equal(4); + const reduced = await pgp.removeUserId(email, key3Armored); + const {keys: [reducedKey]} = await openpgp.key.readArmored(reduced); + expect(reducedKey.users.length).to.equal(3); + expect(reducedKey.users.includes(({userId}) => userId.email === email)).to.be.false; + }); + + it('should not remove user attributes', async () => { + const email = 'test@example.com'; + const {keys: [key]} = await openpgp.key.readArmored(key5Armored); + expect(key.users.length).to.equal(2); + const reduced = await pgp.removeUserId(email, key5Armored); + const {keys: [reducedKey]} = await openpgp.key.readArmored(reduced); + expect(reducedKey.users.length).to.equal(1); + expect(reducedKey.users[0].userAttribute).to.exist; + }); + }); });