keybase-proofs
Version:
Publicly-verifiable proofs of identity
1,211 lines (1,138 loc) • 66 kB
JavaScript
// Generated by IcedCoffeeScript 108.0.12
(function() {
var Base, GenericBinding, OuterLink, SHA256, Verifier, WordArray, add_ids, akatch, base64_extract, base64u, bufeq_secure, bufferify, cieq, compare_hash_buf_to_str, constants, errors, errsan, expand_json, has_revoke, hash_sig, iced, isString, json_stringify_sorted, katch, kbpgp, make_esc, make_ids, pgp_utils, proof_text_check_to_med_id, proof_type_to_string, purepack, sig_id_to_med_id, sig_id_to_short_id, streq_secure, stub_json, trim, triplesec, unix_time, util, __iced_k, __iced_k_noop, _ref, _ref1, _ref2, _ref3,
__indexOf = [].indexOf || function(item) { for (var i = 0, l = this.length; i < l; i++) { if (i in this && this[i] === item) return i; } return -1; },
__slice = [].slice,
__hasProp = {}.hasOwnProperty,
__extends = function(child, parent) { for (var key in parent) { if (__hasProp.call(parent, key)) child[key] = parent[key]; } function ctor() { this.constructor = child; } ctor.prototype = parent.prototype; child.prototype = new ctor(); child.__super__ = parent.prototype; return child; };
iced = require('iced-runtime');
__iced_k = __iced_k_noop = function() {};
_ref = require('./constants'), proof_type_to_string = _ref.proof_type_to_string, constants = _ref.constants;
pgp_utils = require('pgp-utils');
_ref1 = pgp_utils.util, trim = _ref1.trim, katch = _ref1.katch, akatch = _ref1.akatch, bufeq_secure = _ref1.bufeq_secure, json_stringify_sorted = _ref1.json_stringify_sorted, unix_time = _ref1.unix_time, base64u = _ref1.base64u, streq_secure = _ref1.streq_secure;
triplesec = require('triplesec');
WordArray = triplesec.WordArray;
SHA256 = triplesec.hash.SHA256;
kbpgp = require('kbpgp');
make_esc = require('iced-error').make_esc;
util = require('util');
base64_extract = require('./b64extract').base64_extract;
_ref2 = require('./errors'), errors = _ref2.errors, errsan = _ref2.errsan;
purepack = require('purepack');
bufferify = require('./util').bufferify;
_ref3 = require('./expand'), expand_json = _ref3.expand_json, stub_json = _ref3.stub_json;
exports.hash_sig = hash_sig = function(sig_body) {
return (new SHA256).bufhash(sig_body);
};
add_ids = function(sig_body, out) {
var hash, id, short_id;
hash = hash_sig(sig_body);
id = hash.toString('hex');
short_id = sig_id_to_short_id(hash);
out.id = id;
out.med_id = sig_id_to_med_id(hash);
return out.short_id = short_id;
};
exports.make_ids = make_ids = function(sig_body) {
var out;
out = {};
add_ids(sig_body, out);
return out;
};
sig_id_to_med_id = function(sig_id) {
return base64u.encode(sig_id);
};
sig_id_to_short_id = function(sig_id) {
return base64u.encode(sig_id.slice(0, constants.short_id_bytes));
};
has_revoke = function(o) {
var _ref4, _ref5;
if ((o != null ? o.revoke : void 0) == null) {
return false;
} else if (o.revoke.sig_id != null) {
return true;
} else if (((_ref4 = o.revoke.sig_ids) != null ? _ref4.length : void 0) > 0) {
return true;
} else if (o.revoke.kid != null) {
return true;
} else if (((_ref5 = o.revoke.kids) != null ? _ref5.length : void 0) > 0) {
return true;
} else {
return false;
}
};
proof_text_check_to_med_id = function(proof_text_check) {
var med_id;
med_id = make_ids(Buffer.from(proof_text_check, 'base64')).med_id;
return med_id;
};
isString = function(x) {
return (typeof x === 'string') || (x instanceof String);
};
exports.cieq = cieq = function(a, b) {
return (a != null) && (b != null) && (isString(a)) && (isString(b)) && (a.toLowerCase() === b.toLowerCase());
};
compare_hash_buf_to_str = function(b, s) {
if ((b == null) && (s == null)) {
return true;
} else if ((b == null) || (s == null)) {
return false;
} else {
return bufeq_secure(b, Buffer.from(s, 'hex'));
}
};
Verifier = (function() {
function Verifier(_arg, sig_eng, base) {
this.armored = _arg.armored, this.id = _arg.id, this.short_id = _arg.short_id, this.skip_ids = _arg.skip_ids, this.make_ids = _arg.make_ids, this.strict = _arg.strict, this.now = _arg.now, this.critical_clock_skew_secs = _arg.critical_clock_skew_secs, this.skip_clock_skew_check = _arg.skip_clock_skew_check, this.inner = _arg.inner, this.outer = _arg.outer, this.expansions = _arg.expansions, this.assert_pgp_hash = _arg.assert_pgp_hash, this.require_packet_hash = _arg.require_packet_hash;
this.sig_eng = sig_eng;
this.base = base;
}
Verifier.prototype.km = function() {
return this.sig_eng.get_km();
};
Verifier.prototype.get_etime = function() {
if ((this.json.ctime != null) && this.json.expire_in) {
return this.json.ctime + this.json.expire_in;
} else {
return null;
}
};
Verifier.prototype.verify = function(cb) {
var esc, json_obj, json_str, payload, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
esc = make_esc(cb, "Verifier::verfiy");
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify"
});
_this._parse_and_process({
armored: _this.armored
}, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
return payload = arguments[0];
};
})(),
lineno: 94
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify"
});
_this._check_json({
payload: payload,
expansions: _this.expansions
}, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
json_obj = arguments[0];
return json_str = arguments[1];
};
})(),
lineno: 95
})));
__iced_deferrals._fulfill();
})(function() {
(function(__iced_k) {
if (!_this.skip_clock_skew_check) {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify"
});
_this._check_ctime(esc(__iced_deferrals.defer({
lineno: 96
})));
__iced_deferrals._fulfill();
})(__iced_k);
} else {
return __iced_k();
}
})(function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify"
});
_this._check_expired(esc(__iced_deferrals.defer({
lineno: 97
})));
__iced_deferrals._fulfill();
})(function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify"
});
_this._check_version({
v: 1
}, esc(__iced_deferrals.defer({
lineno: 98
})));
__iced_deferrals._fulfill();
})(function() {
return cb(null, json_obj, json_str);
});
});
});
});
};
})(this));
};
Verifier.prototype.verify_v2 = function(cb) {
var esc, inner_buf, json_obj, json_str, outer_obj, outer_raw, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
esc = make_esc(cb, "Verifier::verfiy");
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify_v2"
});
_this._parse_and_process({
armored: _this.armored
}, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
return outer_raw = arguments[0];
};
})(),
lineno: 105
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
inner_buf = Buffer.from(_this.inner, 'utf8');
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify_v2"
});
_this._check_json({
payload: inner_buf,
expansions: _this.expansions
}, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
json_obj = arguments[0];
return json_str = arguments[1];
};
})(),
lineno: 107
})));
__iced_deferrals._fulfill();
})(function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify_v2"
});
_this._check_inner_outer_match({
outer_raw: outer_raw,
inner_obj: json_obj,
inner_buf: inner_buf
}, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
return outer_obj = arguments[0];
};
})(),
lineno: 108
})));
__iced_deferrals._fulfill();
})(function() {
(function(__iced_k) {
if (!_this.skip_clock_skew_check) {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify_v2"
});
_this._check_ctime(esc(__iced_deferrals.defer({
lineno: 109
})));
__iced_deferrals._fulfill();
})(__iced_k);
} else {
return __iced_k();
}
})(function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify_v2"
});
_this._check_expired(esc(__iced_deferrals.defer({
lineno: 110
})));
__iced_deferrals._fulfill();
})(function() {
(function(__iced_k) {
if (_this.json.high_skip != null) {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier.verify_v2"
});
_this._sanity_check_high_skip(esc(__iced_deferrals.defer({
lineno: 111
})));
__iced_deferrals._fulfill();
})(__iced_k);
} else {
return __iced_k();
}
})(function() {
return cb(null, outer_obj, json_obj, json_str);
});
});
});
});
});
};
})(this));
};
Verifier.prototype._check_inner_outer_match = function(_arg, cb) {
var a, b, err, esc, inner_buf, inner_obj, outer, outer_raw, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
outer_raw = _arg.outer_raw, inner_obj = _arg.inner_obj, inner_buf = _arg.inner_buf;
esc = make_esc(cb, "_check_inner_outer_match");
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier._check_inner_outer_match"
});
OuterLink.parse({
raw: outer_raw
}, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
return outer = arguments[0];
};
})(),
lineno: 118
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
var _ref4, _ref5, _ref6, _ref7;
err = (a = outer.type) !== (b = _this.base._type_v2(has_revoke(inner_obj.body))) ? new Error("Type mismatch: " + (errsan(a)) + " != " + (errsan(b))) : (a = outer.version) !== (b = constants.versions.sig_v2) ? new Error("Bad version: " + (errsan(a)) + " != " + (errsan(b))) : (a = outer.version) !== (b = inner_obj.body.version) ? new Error("Version mismatch: " + (errsan(a)) + " != " + (errsan(b))) : !bufeq_secure((a = outer.hash), (b = hash_sig(inner_buf))) ? new Error("hash mismatch: " + (a != null ? a.toString('hex') : void 0) + " != " + (b != null ? b.toString('hex') : void 0)) : (a = outer.seqno) !== (b = inner_obj.seqno) ? (err = new errors.WrongSeqnoError("wrong seqno: " + (errsan(a)) + " != " + (errsan(b))), err.seqno = b, err) : !compare_hash_buf_to_str((a = outer.prev), (b = inner_obj.prev)) ? new Error("wrong prev: " + (a != null ? a.toString('hex') : void 0) + " != " + (errsan(b))) : (a = outer.get_seq_type()) !== (b = inner_obj.seq_type || constants.seq_types.PUBLIC) ? new Error("wrong seq type: " + (errsan(a)) + " != " + (errsan(b))) : (a = outer.get_ignore_if_unsupported()) !== (b = inner_obj.ignore_if_unsupported || false) ? new Error("wrong ignore_if_unsupported value: " + (errsan(a)) + " != " + (errsan(b))) : (a = (_ref4 = outer.get_high_skip()) != null ? _ref4.seqno : void 0) !== (b = ((_ref5 = inner_obj.high_skip) != null ? _ref5.seqno : void 0)) ? new errors.BadHighSkipError("wrong high_skip seqno: " + (errsan(a)) + " != " + (errsan(b))) : !compare_hash_buf_to_str((a = (_ref6 = outer.get_high_skip()) != null ? _ref6.hash : void 0), (b = ((_ref7 = inner_obj.high_skip) != null ? _ref7.hash : void 0))) ? new errors.BadHighSkipError("wrong high_skip hash value: " + (a != null ? a.toString('hex') : void 0) + " != " + (errsan(b))) : null;
return cb(err, outer);
};
})(this));
};
Verifier.prototype._check_ids = function(body, cb) {
var err, id, short_id, _ref4;
_ref4 = make_ids(body), short_id = _ref4.short_id, id = _ref4.id;
err = !((this.id != null) && streq_secure(id, this.id)) ? new Error("Long IDs aren't equal; wanted " + (errsan(id)) + " but got " + (errsan(this.id))) : !((this.short_id != null) && streq_secure(short_id, this.short_id)) ? new Error("Short IDs aren't equal: wanted " + (errsan(short_id)) + " but got " + (errsan(this.short_id))) : null;
return cb(err);
};
Verifier.prototype._get_now = function() {
if (this.now != null) {
return this.now;
} else {
return unix_time();
}
};
Verifier.prototype._get_critical_clock_skew_secs = function() {
return this.critical_clock_skew_secs || constants.critical_clock_skew_secs;
};
Verifier.prototype._check_ctime = function(cb) {
var diff, epoch, err, now;
now = this._get_now();
if (this.json.ctime == null) {
err = new Error("no ctime given");
} else {
diff = Math.abs(now - this.json.ctime);
if (Math.abs(diff) > this._get_critical_clock_skew_secs()) {
epoch = now > this.json.ctime ? "past" : "future";
err = new errors.ClockSkewError("your computer's clock is wrong: signature is dated " + diff + " seconds in the " + epoch);
err.diff = diff;
}
}
return cb(err);
};
Verifier.prototype._check_version = function(_arg, cb) {
var err, v, x;
v = _arg.v;
err = (x = this.json.body.version) === v ? null : new Error("Expected inner signature version " + v + " but got " + (errsan(x)));
return cb(err);
};
Verifier.prototype._check_expired = function(cb) {
var err, expired, now;
err = null;
now = this._get_now();
if (this.json.ctime == null) {
err = new Error("No `ctime` in signature");
} else if (this.json.expire_in == null) {
err = new Error("No `expire_in` in signature");
} else if (!this.json.expire_in) {
this.etime = null;
} else if ((expired = now - this.json.ctime - this.json.expire_in) > 0) {
err = new Error("Expired " + expired + "s ago");
} else {
this.etime = this.json.ctime + this.json.expire_in;
}
return cb(err);
};
Verifier.prototype._sanity_check_high_skip = function(cb) {
var err, high_skip, seqno, _ref4;
err = null;
_ref4 = this.json, seqno = _ref4.seqno, high_skip = _ref4.high_skip;
if (high_skip.hash && (high_skip.seqno == null)) {
err = new errors.BadHighSkipError("Cannot provide high_skip hash but not high_skip seqno.");
} else if (seqno === 1 && high_skip.seqno !== 0) {
err = new errors.BadHighSkipError("First seqno must provide high_skip seqno 0, if high_skip is provided.");
} else if (high_skip.seqno === 0 && (high_skip.hash != null)) {
err = new errors.BadHighSkipError("Cannot provide high_skip hash with high_skip seqno 0.");
} else if (high_skip.seqno > 0 && (high_skip.hash == null)) {
err = new errors.BadHighSkipError("Must provide high_skip_hash with positive high_skip_seqno.");
} else if (high_skip.seqno < 0) {
err = new errors.BadHighSkipError("high_skip seqno should be non-negative.");
}
return cb(err);
};
Verifier.prototype._parse_and_process = function(_arg, cb) {
var armored, body, err, payload, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
armored = _arg.armored;
err = null;
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier._parse_and_process"
});
_this.sig_eng.unbox(armored, __iced_deferrals.defer({
assign_fn: (function() {
return function() {
err = arguments[0];
payload = arguments[1];
return body = arguments[2];
};
})(),
lineno: 217
}), {
assert_pgp_hash: _this.assert_pgp_hash,
require_packet_hash: _this.require_packet_hash
});
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
(function(__iced_k) {
if ((err == null) && !_this.skip_ids) {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier._parse_and_process"
});
_this._check_ids(body, __iced_deferrals.defer({
assign_fn: (function() {
return function() {
return err = arguments[0];
};
})(),
lineno: 219
}));
__iced_deferrals._fulfill();
})(__iced_k);
} else {
return __iced_k();
}
})(function() {
var _ref4;
if ((err == null) && _this.make_ids) {
_ref4 = make_ids(body), _this.short_id = _ref4.short_id, _this.id = _ref4.id;
}
return cb(err, payload);
});
};
})(this));
};
Verifier.prototype._check_json = function(_arg, cb) {
var e, err, esc, expansions, json_str_buf, json_str_utf8, json_str_utf8_trimmed, json_tmp, ours, payload, ___iced_passed_deferral, __iced_deferrals, __iced_k, _ref4;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
payload = _arg.payload, expansions = _arg.expansions;
esc = make_esc(cb);
json_str_buf = payload;
json_str_utf8 = json_str_buf.toString('utf8');
json_str_utf8_trimmed = trim(json_str_utf8);
err = null;
if (!/^[\x20-\x7e]+$/.test(json_str_utf8_trimmed)) {
err = new Error("All JSON proof characters must be in the visible ASCII set (properly escaped UTF8 is permissible)");
return cb(err);
}
_ref4 = katch((function() {
return JSON.parse(json_str_buf);
})), e = _ref4[0], json_tmp = _ref4[1];
if (e != null) {
err = new Error("Couldn't parse JSON signed message: " + e.message);
return cb(err);
}
if (this.strict && ((ours = trim(json_stringify_sorted(json_tmp))) !== json_str_utf8_trimmed)) {
err = new Error("non-canonical JSON found in strict mode (" + (errsan(ours)) + " v " + (errsan(json_str_utf8_trimmed)) + ")");
return cb(err);
}
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier._check_json"
});
akatch((function() {
return expand_json({
json: json_tmp,
expansions: expansions
});
}), esc(__iced_deferrals.defer({
assign_fn: (function(__slot_1) {
return function() {
return __slot_1.json = arguments[0];
};
})(_this),
lineno: 245
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Verifier._check_json"
});
_this.base._v_check({
json: _this.json,
assert_pgp_hash: _this.assert_pgp_hash
}, esc(__iced_deferrals.defer({
lineno: 246
})));
__iced_deferrals._fulfill();
})(function() {
return cb(null, _this.json, json_str_utf8);
});
};
})(this));
};
return Verifier;
})();
Base = (function() {
function Base(_arg) {
this.sig_eng = _arg.sig_eng, this.seqno = _arg.seqno, this.user = _arg.user, this.host = _arg.host, this.prev = _arg.prev, this.client = _arg.client, this.merkle_root = _arg.merkle_root, this.revoke = _arg.revoke, this.seq_type = _arg.seq_type, this.ignore_if_unsupported = _arg.ignore_if_unsupported, this.high_skip = _arg.high_skip, this.eldest_kid = _arg.eldest_kid, this.expire_in = _arg.expire_in, this.ctime = _arg.ctime, this.stub_paths = _arg.stub_paths;
}
Base.prototype.proof_type_str = function() {
var t;
if ((t = this.proof_type()) != null) {
return proof_type_to_string[t];
} else {
return null;
}
};
Base.prototype._v_check_key = function(key) {
var checks, err;
checks = 0;
if ((key != null ? key.kid : void 0) != null) {
checks++;
err = this._v_check_kid(key.kid);
}
if ((err == null) && ((key != null ? key.fingerprint : void 0) != null)) {
checks++;
err = this._v_check_fingerprint(key);
}
if ((err == null) && checks === 0) {
err = new Error("need either a 'body.key.kid' or a 'body.key.fingerprint'");
}
return err;
};
Base.prototype._v_check_kid = function(kid) {
var a, err;
if (!bufeq_secure((a = this.km().get_ekid()), Buffer.from(kid, "hex"))) {
return err = new Error("Verification key doesn't match packet (via kid): " + (errsan(a.toString('hex'))) + " != " + (errsan(kid)));
} else {
return null;
}
};
Base.prototype._v_check_fingerprint = function(key) {
var a, fp, key_id;
if ((key_id = key != null ? key.key_id : void 0) == null) {
return new Error("Needed a body.key.key_id but none given");
} else if (!bufeq_secure((a = this.km().get_pgp_key_id()), Buffer.from(key_id, "hex"))) {
return new Error("Verification key doesn't match packet (via key ID): " + (errsan(a.toString('hex'))) + " != " + (errsan(key_id)));
} else if ((fp = key != null ? key.fingerprint : void 0) == null) {
return new Error("Needed a body.key.fingerprint but none given");
} else if (!bufeq_secure(this.km().get_pgp_fingerprint(), Buffer.from(fp, "hex"))) {
return new Error("Verifiation key doesn't match packet (via fingerprint)");
} else {
return null;
}
};
Base.prototype._v_include_pgp_details = function() {
return false;
};
Base.prototype._v_require_pgp_details = function() {
return false;
};
Base.prototype._v_pgp_details_dest = function(body) {
return body.key;
};
Base.prototype._v_pgp_km = function() {
return null;
};
Base.prototype._v_require_username = function() {
return true;
};
Base.prototype._v_require_uid = function() {
return true;
};
Base.prototype.full_pgp_hash = function(opts, cb) {
var esc, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
(function(_this) {
return (function(__iced_k) {
if (_this._full_pgp_hash === void 0) {
esc = make_esc(cb);
(function(__iced_k) {
var _ref4;
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.full_pgp_hash"
});
if ((_ref4 = _this._v_pgp_km()) != null) {
_ref4.pgp_full_hash({}, esc(__iced_deferrals.defer({
assign_fn: (function(__slot_1) {
return function() {
return __slot_1._full_pgp_hash = arguments[0];
};
})(_this),
lineno: 323
})));
}
__iced_deferrals._fulfill();
})(__iced_k);
} else {
return __iced_k();
}
});
})(this)((function(_this) {
return function() {
return cb(null, _this._full_pgp_hash);
};
})(this));
};
Base.prototype._add_pgp_details = function(_arg, cb) {
var body, dest, err, full_hash, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
body = _arg.body;
if (!this._v_include_pgp_details()) {
return cb(null);
}
dest = this._v_pgp_details_dest(body);
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base._add_pgp_details"
});
_this.full_pgp_hash({}, __iced_deferrals.defer({
assign_fn: (function() {
return function() {
err = arguments[0];
return full_hash = arguments[1];
};
})(),
lineno: 332
}));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
if (err) {
} else if (typeof full_hash !== "undefined" && full_hash !== null) {
dest.full_hash = full_hash;
if (dest.fingerprint == null) {
dest.fingerprint = _this._v_pgp_km().get_pgp_fingerprint().toString('hex');
}
} else if (_this._v_require_pgp_details()) {
err = new Error("" + (_this.proof_type_str()) + " proofs require a PGP key");
}
return cb(err);
};
})(this));
};
Base.prototype._check_pgp_details = function(_arg, cb) {
var details, err, fp_in, fp_real, hash_in, hash_real, json, kid_in, kid_real, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
json = _arg.json;
err = null;
details = this._v_pgp_details_dest(json.body);
(function(_this) {
return (function(__iced_k) {
if (((hash_in = details != null ? details.full_hash : void 0) == null) || ((fp_in = details != null ? details.fingerprint : void 0) == null) || ((kid_in = details != null ? details.kid : void 0) == null)) {
return __iced_k(_this._v_require_pgp_details() ? err = new Error("" + (_this.proof_type_str()) + " proofs require a PGP key's KID, fingerprint, and full_hash but one or more were missing.") : void 0);
} else {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base._check_pgp_details"
});
_this.full_pgp_hash({}, __iced_deferrals.defer({
assign_fn: (function() {
return function() {
err = arguments[0];
return hash_real = arguments[1];
};
})(),
lineno: 350
}));
__iced_deferrals._fulfill();
})(function() {
return __iced_k(err != null ? void 0 : typeof hash_real === "undefined" || hash_real === null ? err = new Error("A PGP key hash (" + hash_in + ") was in the sig body but no key was provided") : hash_in !== hash_real ? err = new Error("New PGP key's hash (" + hash_real + ") doesn't match hash in signature (" + hash_in + ")") : fp_in !== (fp_real = _this._v_pgp_km().get_pgp_fingerprint().toString('hex')) ? err = new Error("New PGP key's fingerprint (" + fp_real + ") doesn't match fingerprint in signature (" + fp_in + ")") : kid_in !== (kid_real = _this._v_pgp_km().get_ekid().toString('hex')) ? err = new Error("New PGP key's KID (" + kid_real + ") doesn't match KID in signature (" + kid_in + ")") : void 0);
});
}
});
})(this)((function(_this) {
return function() {
return cb(err);
};
})(this));
};
Base.prototype._v_check_user = function(_arg) {
var a, b, e, has_user_id, json, v, x, _ref10, _ref11, _ref12, _ref13, _ref14, _ref4, _ref5, _ref6, _ref7, _ref8, _ref9;
json = _arg.json;
has_user_id = false;
if (json != null ? (_ref4 = json.body) != null ? (_ref5 = _ref4.key) != null ? _ref5.username : void 0 : void 0 : void 0) {
if (!cieq((a = json != null ? (_ref6 = json.body) != null ? (_ref7 = _ref6.key) != null ? _ref7.username : void 0 : void 0 : void 0), (b = this.user.local.username))) {
return new Error("Wrong local user: got '" + (errsan(a)) + "' but wanted '" + (errsan(b)) + "'");
} else {
has_user_id = true;
}
} else if (this._v_require_username()) {
return new Error("no username given, but was was required");
}
if (json != null ? (_ref8 = json.body) != null ? (_ref9 = _ref8.key) != null ? _ref9.uid : void 0 : void 0 : void 0) {
if ((a = json != null ? (_ref10 = json.body) != null ? (_ref11 = _ref10.key) != null ? _ref11.uid : void 0 : void 0 : void 0) !== (b = this.user.local.uid)) {
return new Error("Wrong local uid: got '" + (errsan(a)) + "' but wanted '" + (errsan(b)) + "'");
} else {
has_user_id = true;
}
} else if (this._v_require_uid()) {
return new Error("no uid given, but was was required");
}
if (((v = this.user.local.emails) != null) && ((e = json != null ? (_ref12 = json.body) != null ? (_ref13 = _ref12.key) != null ? _ref13.email : void 0 : void 0 : void 0) != null)) {
if (_ref14 = e.toLowerCase(), __indexOf.call((function() {
var _i, _len, _results;
_results = [];
for (_i = 0, _len = v.length; _i < _len; _i++) {
x = v[_i];
if (x != null) {
_results.push(x.toLowerCase());
}
}
return _results;
})(), _ref14) >= 0) {
has_user_id = true;
} else {
return new Error("given email '" + (errsan(e)) + "' doesn't match");
}
}
if (!has_user_id) {
return new Error("no UID or username given for signature");
}
return null;
};
Base.prototype._v_check = function(_arg, cb) {
var a, b, err, json, key, section_error, seq_type, ___iced_passed_deferral, __iced_deferrals, __iced_k, _ref4, _ref5, _ref6, _ref7;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
json = _arg.json;
seq_type = function(v) {
if (v != null) {
return v;
} else {
return constants.seq_types.PUBLIC;
}
};
err = this._v_check_user({
json: json
});
err = err != null ? err : !cieq((a = json != null ? (_ref4 = json.body) != null ? (_ref5 = _ref4.key) != null ? _ref5.host : void 0 : void 0 : void 0), (b = this.host)) ? new Error("Wrong host: got '" + (errsan(a)) + "' but wanted '" + (errsan(b)) + "'") : ((a = this._type()) != null) && ((b = json != null ? (_ref6 = json.body) != null ? _ref6.type : void 0 : void 0) !== a) ? new Error("Wrong signature type; got '" + (errsan(a)) + "' but wanted '" + (errsan(b)) + "'") : (a = this.seqno) && (a !== (b = json != null ? json.seqno : void 0)) ? (err = new errors.WrongSeqnoError("Wrong seqno; wanted '" + (errsan(a)) + "' but got '" + (errsan(b))), err.seqno = b, err) : (a = this.prev) && (a !== (b = json != null ? json.prev : void 0)) ? new Error("Wrong previous hash; wanted '" + (errsan(a)) + "' but got '" + (errsan(b)) + "'") : this.seqno && (a = seq_type(json != null ? json.seq_type : void 0)) !== (b = seq_type(this.seq_type)) ? new Error("Wrong seq_type: wanted '" + (errsan(b)) + "' but got '" + (errsan(a)) + "'") : (key = json != null ? (_ref7 = json.body) != null ? _ref7.key : void 0 : void 0) == null ? new Error("no 'body.key' block in signature") : ((a = json != null ? json.high_skip : void 0) != null) && ((b = this.high_skip) != null) ? a.seqno !== b.seqno ? new errors.BadHighSkipError("Wrong high_skip seqno: wanted '" + (errsan(b.seqno)) + "' but got '" + (errsan(a.seqno)) + "'") : a.hash !== b.hash ? new errors.BadHighSkipError("Wrong high_skip hash: wanted '" + (errsan(b.hash)) + "' but got '" + (errsan(a.hash)) + "'") : void 0 : (section_error = this._check_sections(json)) != null ? section_error : this._v_check_key(key);
(function(_this) {
return (function(__iced_k) {
if (err == null) {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base._v_check"
});
_this._check_pgp_details({
json: json
}, __iced_deferrals.defer({
assign_fn: (function() {
return function() {
return err = arguments[0];
};
})(),
lineno: 434
}));
__iced_deferrals._fulfill();
})(__iced_k);
} else {
return __iced_k();
}
});
})(this)((function(_this) {
return function() {
return cb(err);
};
})(this));
};
Base.prototype._required_sections = function() {
return ["key", "type", "version"];
};
Base.prototype._optional_sections = function() {
return ["client", "merkle_root"];
};
Base.prototype._is_wildcard_link = function() {
return false;
};
Base.prototype._check_sections = function(json) {
var section, _, _i, _len, _ref4, _ref5, _ref6;
_ref4 = this._required_sections();
for (_i = 0, _len = _ref4.length; _i < _len; _i++) {
section = _ref4[_i];
if (!(json != null ? (_ref5 = json.body) != null ? _ref5[section] : void 0 : void 0)) {
return new Error("Missing '" + section + "' section " + (json.seqno != null ? "in seqno " + json.seqno : "") + ", required for " + (errsan(json.body.type)) + " signatures");
}
}
if (!this._is_wildcard_link()) {
_ref6 = json != null ? json.body : void 0;
for (section in _ref6) {
_ = _ref6[section];
if (!((__indexOf.call(this._required_sections(), section) >= 0) || (__indexOf.call(this._optional_sections(), section) >= 0))) {
return new Error("'" + section + "' section " + (json.seqno != null ? "in seqno " + json.seqno : "") + " is not allowed for " + (errsan(json.body.type)) + " signatures");
}
}
}
return null;
};
Base.prototype.is_remote_proof = function() {
return false;
};
Base.prototype.has_revoke = function() {
return has_revoke(this);
};
Base.prototype._v_customize_json = function(ret) {};
Base.prototype._v_stub_paths = function() {
return null;
};
Base.prototype._do_stub_paths = function(_arg, cb) {
var esc, expansions, json, path, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
json = _arg.json, expansions = _arg.expansions;
esc = make_esc(cb);
(function(_this) {
return (function(__iced_k) {
var _i, _len, _ref4, _results, _while;
_ref4 = _this.stub_paths || _this._v_stub_paths() || [];
_len = _ref4.length;
_i = 0;
_while = function(__iced_k) {
var _break, _continue, _next;
_break = __iced_k;
_continue = function() {
return iced.trampoline(function() {
++_i;
return _while(__iced_k);
});
};
_next = _continue;
if (!(_i < _len)) {
return _break();
} else {
path = _ref4[_i];
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base._do_stub_paths"
});
akatch((function() {
return stub_json({
path: path,
json: json,
expansions: expansions
});
}), esc(__iced_deferrals.defer({
lineno: 482
})));
__iced_deferrals._fulfill();
})(_next);
}
};
_while(__iced_k);
});
})(this)((function(_this) {
return function() {
return cb(null);
};
})(this));
};
Base.prototype.generate_json = function(_arg, cb) {
var ctime, e, ekid, err, esc, expansions, expire_in, fp, pick, ret, version, ___iced_passed_deferral, __iced_deferrals, __iced_k, _ref4;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
_ref4 = _arg != null ? _arg : {}, expire_in = _ref4.expire_in, version = _ref4.version;
err = null;
esc = make_esc(cb);
version || (version = constants.versions.sig_v1);
ctime = this.ctime != null ? this.ctime : (this.ctime = unix_time());
pick = function() {
var e, v, _i, _len;
v = 1 <= arguments.length ? __slice.call(arguments, 0) : [];
for (_i = 0, _len = v.length; _i < _len; _i++) {
e = v[_i];
if (e != null) {
return e;
}
}
return null;
};
ret = {
seqno: this.seqno,
prev: this.prev,
ctime: ctime,
tag: constants.tags.sig,
expire_in: pick(expire_in, this.expire_in, constants.expire_in),
body: {
version: version,
type: this._type(),
key: {
host: this.host,
username: this.user.local.username,
uid: this.user.local.uid
}
}
};
if ((ekid = this.km().get_ekid()) != null) {
ret.body.key.kid = ekid.toString('hex');
}
if ((fp = this.km().get_pgp_fingerprint()) != null) {
ret.body.key.fingerprint = fp.toString('hex');
ret.body.key.key_id = this.km().get_pgp_key_id().toString('hex');
}
if (this.eldest_kid != null) {
ret.body.key.eldest_kid = this.eldest_kid;
}
if ((e = this.user.local.email) != null) {
ret.body.key.email = e;
}
if (this.seq_type != null) {
ret.seq_type = this.seq_type;
}
if (this.ignore_if_unsupported != null) {
ret.ignore_if_unsupported = !!this.ignore_if_unsupported;
}
if (this.high_skip != null) {
ret.high_skip = this.high_skip;
}
if (this.client != null) {
ret.client = this.client;
}
if (this.merkle_root != null) {
ret.body.merkle_root = this.merkle_root;
}
if (this.has_revoke()) {
ret.body.revoke = this.revoke;
}
this._v_customize_json(ret);
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.generate_json"
});
_this._add_pgp_details({
body: ret.body
}, esc(__iced_deferrals.defer({
lineno: 550
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
expansions = {};
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.generate_json"
});
_this._do_stub_paths({
json: ret,
expansions: expansions
}, esc(__iced_deferrals.defer({
lineno: 552
})));
__iced_deferrals._fulfill();
})(function() {
return cb(err, json_stringify_sorted(ret), ret, expansions);
});
};
})(this));
};
Base.prototype._v_generate = function(opts, cb) {
return cb(null);
};
Base.prototype.generate = function(cb, _arg) {
var armored, dohash, esc, expansions, id, inner, json, json_obj, opts, out, pgp, raw, short_id, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
dohash = (_arg != null ? _arg : {}).dohash;
esc = make_esc(cb, "generate");
out = null;
opts = {
version: constants.versions.sig_v1
};
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.generate"
});
_this._v_generate(opts, esc(__iced_deferrals.defer({
lineno: 566
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.generate"
});
_this.generate_json(opts, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
json = arguments[0];
json_obj = arguments[1];
return expansions = arguments[2];
};
})(),
lineno: 567
})));
__iced_deferrals._fulfill();
})(function() {
inner = {
str: json,
obj: json_obj
};
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.generate"
});
_this.sig_eng.box(json, esc(__iced_deferrals.defer({
assign_fn: (function() {
return function() {
pgp = arguments[0].pgp;
raw = arguments[0].raw;
return armored = arguments[0].armored;
};
})(),
lineno: 569
})), {
dohash: dohash
});
__iced_deferrals._fulfill();
})(function() {
var _ref4;
_ref4 = make_ids(raw), short_id = _ref4.short_id, id = _ref4.id;
out = {
pgp: pgp,
json: json,
id: id,
short_id: short_id,
raw: raw,
armored: armored,
inner: inner,
expansions: expansions
};
return cb(null, out);
});
});
};
})(this));
};
Base.prototype.generate_v2 = function(cb, _arg) {
var armored, dohash, esc, expansions, id, inner, o, opts, out, outer, pgp, raw, s, short_id, ___iced_passed_deferral, __iced_deferrals, __iced_k;
__iced_k = __iced_k_noop;
___iced_passed_deferral = iced.findDeferral(arguments);
dohash = (_arg != null ? _arg : {}).dohash;
this.seq_type || (this.seq_type = constants.seq_types.PUBLIC);
dohash || (dohash = false);
esc = make_esc(cb, "generate");
out = null;
opts = {
version: constants.versions.sig_v2
};
(function(_this) {
return (function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {
parent: ___iced_passed_deferral,
filename: "/Users/max/src/keybase/proofs/src/base.iced",
funcname: "Base.generate_v2"
});
_this._v_generate(opts, esc(__iced_deferrals.defer({
lineno: 584
})));
__iced_deferrals._fulfill();
});
})(this)((function(_this) {
return function() {
(function(__iced_k) {
__iced_deferrals = new iced.Deferrals(__iced_k, {