diff --git a/lib/keysigner/ca.js b/lib/keysigner/ca.js
index c32076a1e9c8618825ccbce3d4a5bd9608b2dc5e..e8ecf9208460511edf9bb887dca0a178953e7c50 100644
--- a/lib/keysigner/ca.js
+++ b/lib/keysigner/ca.js
@@ -29,7 +29,7 @@ function certify(hostname, email, publicKey, expiration, cb) {
 if (expiration == null) return cb("expiration cannot be null");
- cert.sign(publicKey, {email: email},
+ cert.sign({publicKey: publicKey, principal: {email: email}},
 {issuer: hostname, issuedAt: new Date(), expiresAt: expiration}, null, secret_key, cb);
diff --git a/lib/secrets.js b/lib/secrets.js
index eb674481e89d6b0487284c8c9597d6e4027e3988..da6528c760e7b35c9152aa0b47990871a07d5607 100644
--- a/lib/secrets.js
+++ b/lib/secrets.js
@@ -115,5 +115,7 @@ exports.publicKeyCreationDate = function(name, dir) {
 };
 exports.loadPublicKey = function(name, dir) {
- return jwcrypto.loadPublicKey(JSON.stringify(readAndParseCert(name, dir)['public-key']));
+ var parsedCert = readAndParseCert(name, dir);
+ var pkString = parsedCert['public-key'] || parsedCert.publicKey;
+ return jwcrypto.loadPublicKey(JSON.stringify(pkString));
 };
diff --git a/package.json b/package.json
index c09dacddebe7e947f0db18657cf6912983410e16..8c79cee69d1cfc0b31f18819db2833459e945e99 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,7 @@
 "express": "2.5.0",
 "gobbledygook": "0.0.3",
 "mustache": "0.3.1-dev",
- "jwcrypto": "0.3.2",
+ "jwcrypto": "https://github.com/mozilla/jwcrypto/tarball/2012-07-new-data-formats",
 "mysql": "0.9.5",
 "nodemailer": "0.1.24",
 "mkdirp": "0.3.0",
diff --git a/scripts/serve_example_primary.js b/scripts/serve_example_primary.js
index 974c4e88b3158c64ed0ea1b63a2ca9d057baafd4..e5400ce1a08c9c60eb5f830031f8d1c67873e5a4 100755
--- a/scripts/serve_example_primary.js
+++ b/scripts/serve_example_primary.js
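Review bot: In `exports.loadPublicKey` (lib/secrets.js), a parsed cert that has neither `'public-key'` nor `publicKey` leaves `pkString` undefined, and `JSON.stringify(undefined)` then hands `undefined` to `jwcrypto.loadPublicKey`, so a malformed or truncated key file would presumably fail somewhere inside the library instead of at the load site. Add a guard before the return, `if (!pkString) throw new Error("no public key found in cert: " + name);`. The local is also misnamed, since it holds the parsed key object that is stringified on the next line; `pkObject` would be clearer. A one-line comment stating which of the two field names is the older format would explain why the fallback exists.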
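Review bot: The `jwcrypto` entry in package.json now points at a tarball of the branch `2012-07-new-data-formats`, which is a mutable ref: each install fetches whatever the branch head is at that moment, so the certificate-signing library can change without any change in this repository. Pin it to an immutable reference, e.g. `"jwcrypto": "https://github.com/mozilla/jwcrypto/tarball/<commit-sha>"` (placeholder for the commit that was reviewed), or to a published version once the new data formats are released. That keeps builds reproducible and turns any later change to the signing code into an explicit, reviewable bump.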
@@ -90,7 +90,9 @@ exampleServer.post("/api/cert_key", function (req, res) {
 var expiration = new Date();
 var pubkey = jwcrypto.loadPublicKeyFromObject(req.body.pubkey);
 expiration.setTime(new Date().valueOf() + req.body.duration * 1000);
- jwcrypto.cert.sign(pubkey, {email: user + "@" + domain}, {issuer: domain, expiresAt: expiration, issuedAt: new Date()}, {}, _privKey, function(err, cert) {
+ jwcrypto.cert.sign({publicKey: pubkey, principal: {email: user + "@" + domain}},
+ {issuer: domain, expiresAt: expiration, issuedAt: new Date()},
+ {}, _privKey, function(err, cert) {
 res.json({ cert: cert });
 });
 });
diff --git a/tests/add-email-with-assertion-test.js b/tests/add-email-with-assertion-test.js
index e6e0688ea47dfd29fd26e39bc96bed566d3622fc..181cf262247090c795a6a38e83e4c4066eb42de6 100755
--- a/tests/add-email-with-assertion-test.js
+++ b/tests/add-email-with-assertion-test.js
@@ -68,7 +68,7 @@ suite.addBatch({
 var expiration = new Date();
 expiration.setTime(new Date().valueOf() + 60 * 60 * 1000);
- jwcrypto.cert.sign(g_keypair.publicKey, {email: TEST_EMAIL}, {issuer: TEST_DOMAIN, expiresAt: expiration, issuedAt: new Date()}, null, g_privKey, this.callback);
+ jwcrypto.cert.sign({publicKey: g_keypair.publicKey, principal: {email: TEST_EMAIL}}, {issuer: TEST_DOMAIN, expiresAt: expiration, issuedAt: new Date()}, null, g_privKey, this.callback);
 },
 "works swimmingly": function(err, cert) {
 assert.isString(cert);
diff --git a/tests/auth-with-assertion-test.js b/tests/auth-with-assertion-test.js
index d82156e74b885c7b8749423c5ef051c56b6a4b43..385b96f8104e84b5d43f9a291ab0af6547464c43 100755
--- a/tests/auth-with-assertion-test.js
+++ b/tests/auth-with-assertion-test.js
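Review bot: The rewritten `jwcrypto.cert.sign` call in the `/api/cert_key` handler still ignores `err` in its callback, so if signing fails (for instance because the new `{publicKey, principal}` argument is rejected) the handler replies with an empty `cert` and a success status. Check the error first, e.g. `if (err) return res.send(500);` as the opening line of the callback. Because this script is the example primary that integrators are likely to copy, a short comment above the call describing the new first argument (the key to certify plus the principal it is bound to) would also help.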
@@ -88,7 +88,7 @@ suite.addBatch({
 // sign this innerkeypair with the key from g_cert (g_keypair)
 jwcrypto.cert.sign(
- innerKeypair.publicKey, {email: OTHER_EMAIL},
+ {publicKey: innerKeypair.publicKey, principal: {email: OTHER_EMAIL}},
 {issuedAt: new Date(), expiresAt: expirationDate}, {}, primaryUser._keyPair.secretKey, function(err, innerCert) {
diff --git a/tests/conformance-test.js b/tests/conformance-test.js
index 205cb628990567b2092ca932885bc68dfb26fbf8..5082ce4b23e4f0efe82495d4f0b8a2576aa334f7 100755
--- a/tests/conformance-test.js
+++ b/tests/conformance-test.js
@@ -193,7 +193,7 @@ suite.addBatch({
 suite.addBatch({
 "sign a cert": {
 topic: function() {
- jwcrypto.cert.sign(userKeypair.publicKey, {email: EMAIL},
+ jwcrypto.cert.sign({publicKey: userKeypair.publicKey, principal: {email: EMAIL}},
 {issuedAt: now, issuer: ISSUER, expiresAt: in_a_minute}, {}, domainKeypair.secretKey, this.callback);
diff --git a/tests/lib/primary.js b/tests/lib/primary.js
index 40d3a5200f22020b3e827bb8b33671838583c8fe..a00e3232fec7f78c55b8f847c19d83fb2c580ba4 100644
--- a/tests/lib/primary.js
+++ b/tests/lib/primary.js
@@ -30,7 +30,7 @@ User.prototype.setup = function(cb) {
 var expiration = new Date();
 expiration.setTime(new Date().valueOf() + 60 * 60 * 1000);
- jwcrypto.cert.sign(self._keyPair.publicKey, {email: self.options.email},
+ jwcrypto.cert.sign({publicKey: self._keyPair.publicKey, principal: {email: self.options.email}},
 {expiresAt: expiration, issuer: self.options.domain, issuedAt: new Date()}, {}, self.options.privKey || g_privKey, function(err, signedCert) {
 if (err) return cb(err);
diff --git a/tests/stalled-mysql-test.js b/tests/stalled-mysql-test.js
index 889dad843334ea4895a75cf3b40b63c81760827b..46b529baa6d2ab661e975122016de5a493a8d005 100755
--- a/tests/stalled-mysql-test.js
+++ b/tests/stalled-mysql-test.js
@@ -328,7 +328,7 @@ suite.addBatch({
 var expiration = new Date();
 expiration.setTime(new Date().valueOf() + 60 * 60 * 1000);
- jwcrypto.cert.sign(g_keypair.publicKey, {email: TEST_EMAIL},
+ jwcrypto.cert.sign({publicKey: g_keypair.publicKey, principal: {email: TEST_EMAIL}},
 {expiresAt: expiration, issuedAt: new Date(), issuer: TEST_DOMAIN}, null, g_privKey, this.callback);
 },
diff --git a/tests/verifier-test.js b/tests/verifier-test.js
index f6225c04884d2901f92168bc454c64379ea62178..cc93e95779e11fb42f254c2aebf45d78a7ae66ea 100755
--- a/tests/verifier-test.js
+++ b/tests/verifier-test.js
@@ -536,7 +536,7 @@ suite.addBatch({
 "certify the user key": {
 topic: function() {
 var expiration = new Date(new Date().getTime() + (1000 * 60 * 60 * 6));
- jwcrypto.cert.sign(newClientKeypair.publicKey, {email: TEST_EMAIL},
+ jwcrypto.cert.sign({publicKey: newClientKeypair.publicKey, principal: {email: TEST_EMAIL}},
 {issuedAt: new Date(), issuer: "127.0.0.1", expiresAt: expiration}, {}, fakeDomainKeypair.secretKey, this.callback);
@@ -786,7 +786,7 @@ suite.addBatch({
 "certify the user key for other issuer": {
 topic: function() {
 var expiration = new Date(new Date().getTime() + (1000 * 60 * 60 * 6));
- jwcrypto.cert.sign(newClientKeypair.publicKey, {email: TEST_EMAIL},
+ jwcrypto.cert.sign({publicKey: newClientKeypair.publicKey, principal: {email: TEST_EMAIL}},
 {issuedAt: new Date(), issuer: "no.such.domain", expiresAt: expiration}, {}, fakeDomainKeypair.secretKey, this.callback);
@@ -856,7 +856,7 @@ suite.addBatch({
 path.join(__dirname, '..', 'example', 'primary', 'sample.privatekey')));
 var expiration = new Date(new Date().getTime() + (1000 * 60 * 60 * 6));
- jwcrypto.cert.sign(newClientKeypair.publicKey, {email: TEST_EMAIL},
+ jwcrypto.cert.sign({publicKey: newClientKeypair.publicKey, principal: {email: TEST_EMAIL}},
 {issuedAt: new Date(), issuer: "example.domain", expiresAt: expiration}, {}, secretKey, this.callback);
@@ -914,7 +914,7 @@ suite.addBatch({
 path.join(__dirname, '..', 'example', 'primary', 'sample.privatekey')));
 var expiration = new Date(new Date().getTime() + (1000 * 60 * 60 * 6));
- jwcrypto.cert.sign(newClientKeypair.publicKey, {email: "foo@example.domain"},
+ jwcrypto.cert.sign({publicKey: newClientKeypair.publicKey, principal: {email: "foo@example.domain"}},
 {issuedAt: new Date(), issuer: "example.domain", expiresAt: expiration}, {}, secretKey, this.callback);
@@ -983,7 +983,7 @@ suite.addBatch({
 // sign this innerkeypair with the key from g_cert (g_keypair)
 jwcrypto.cert.sign(
- innerKeypair.publicKey, {email: OTHER_EMAIL},
+ {publicKey: innerKeypair.publicKey, principal: {email: OTHER_EMAIL}},
 {issuedAt: new Date(), expiresAt: expirationDate}, {}, g_keypair.secretKey, function(err, innerCert) {