1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 11:27:57 +01:00

Properly resolve earliest expiration date when primary user-id + direct-key sig have expiraiton

Rename getPossiblyExpiredPrimaryUserId() method
This commit is contained in:
Paul Schaub 2021-12-23 17:10:44 +01:00
parent ad5399e083
commit 31b7d18183
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 28 additions and 9 deletions

View file

@ -644,22 +644,41 @@ public class KeyRingInfo {
*/ */
public @Nullable Date getPrimaryKeyExpirationDate() { public @Nullable Date getPrimaryKeyExpirationDate() {
PGPSignature directKeySig = getLatestDirectKeySelfSignature(); PGPSignature directKeySig = getLatestDirectKeySelfSignature();
Date directKeyExpirationDate = null;
if (directKeySig != null) { if (directKeySig != null) {
Date directKeyExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(directKeySig, getPublicKey()); directKeyExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(directKeySig, getPublicKey());
if (directKeyExpirationDate != null) { }
PGPSignature primaryUserIdCertification = null;
Date userIdExpirationDate = null;
String possiblyExpiredPrimaryUserId = getPossiblyExpiredPrimaryUserId();
if (possiblyExpiredPrimaryUserId != null) {
primaryUserIdCertification = getLatestUserIdCertification(possiblyExpiredPrimaryUserId);
if (primaryUserIdCertification != null) {
userIdExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(primaryUserIdCertification, getPublicKey());
}
}
if (directKeySig == null && primaryUserIdCertification == null) {
throw new NoSuchElementException("No direct-key signature and no user-id signature found.");
}
if (directKeyExpirationDate != null && userIdExpirationDate == null) {
return directKeyExpirationDate; return directKeyExpirationDate;
} }
if (directKeyExpirationDate == null) {
return userIdExpirationDate;
} }
PGPSignature primaryUserIdCertification = getLatestUserIdCertification(getPossiblyExpiredUserId()); if (directKeyExpirationDate.before(userIdExpirationDate)) {
if (primaryUserIdCertification != null) { return directKeyExpirationDate;
return SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(primaryUserIdCertification, getPublicKey());
} }
throw new NoSuchElementException("No suitable signatures found on the key."); return userIdExpirationDate;
} }
public String getPossiblyExpiredUserId() { public String getPossiblyExpiredPrimaryUserId() {
String validPrimaryUserId = getPrimaryUserId(); String validPrimaryUserId = getPrimaryUserId();
if (validPrimaryUserId != null) { if (validPrimaryUserId != null) {
return validPrimaryUserId; return validPrimaryUserId;

View file

@ -515,7 +515,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
} }
// reissue primary user-id sig // reissue primary user-id sig
String primaryUserId = PGPainless.inspectKeyRing(secretKeyRing).getPossiblyExpiredUserId(); String primaryUserId = PGPainless.inspectKeyRing(secretKeyRing).getPossiblyExpiredPrimaryUserId();
if (primaryUserId != null) { if (primaryUserId != null) {
PGPSignature prevUserIdSig = getPreviousUserIdSignatures(primaryUserId); PGPSignature prevUserIdSig = getPreviousUserIdSignatures(primaryUserId);
PGPSignature userIdSig = reissuePrimaryUserIdSig(expiration, secretKeyRingProtector, primaryUserId, prevUserIdSig); PGPSignature userIdSig = reissuePrimaryUserIdSig(expiration, secretKeyRingProtector, primaryUserId, prevUserIdSig);