mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-01-10 20:27:58 +01:00
Properly resolve earliest expiration date when primary user-id + direct-key sig have expiraiton
Rename getPossiblyExpiredPrimaryUserId() method
This commit is contained in:
parent
ad5399e083
commit
31b7d18183
2 changed files with 28 additions and 9 deletions
|
@ -644,22 +644,41 @@ public class KeyRingInfo {
|
||||||
*/
|
*/
|
||||||
public @Nullable Date getPrimaryKeyExpirationDate() {
|
public @Nullable Date getPrimaryKeyExpirationDate() {
|
||||||
PGPSignature directKeySig = getLatestDirectKeySelfSignature();
|
PGPSignature directKeySig = getLatestDirectKeySelfSignature();
|
||||||
|
Date directKeyExpirationDate = null;
|
||||||
if (directKeySig != null) {
|
if (directKeySig != null) {
|
||||||
Date directKeyExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(directKeySig, getPublicKey());
|
directKeyExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(directKeySig, getPublicKey());
|
||||||
if (directKeyExpirationDate != null) {
|
}
|
||||||
return directKeyExpirationDate;
|
|
||||||
|
PGPSignature primaryUserIdCertification = null;
|
||||||
|
Date userIdExpirationDate = null;
|
||||||
|
String possiblyExpiredPrimaryUserId = getPossiblyExpiredPrimaryUserId();
|
||||||
|
if (possiblyExpiredPrimaryUserId != null) {
|
||||||
|
primaryUserIdCertification = getLatestUserIdCertification(possiblyExpiredPrimaryUserId);
|
||||||
|
if (primaryUserIdCertification != null) {
|
||||||
|
userIdExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(primaryUserIdCertification, getPublicKey());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
PGPSignature primaryUserIdCertification = getLatestUserIdCertification(getPossiblyExpiredUserId());
|
if (directKeySig == null && primaryUserIdCertification == null) {
|
||||||
if (primaryUserIdCertification != null) {
|
throw new NoSuchElementException("No direct-key signature and no user-id signature found.");
|
||||||
return SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(primaryUserIdCertification, getPublicKey());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
throw new NoSuchElementException("No suitable signatures found on the key.");
|
if (directKeyExpirationDate != null && userIdExpirationDate == null) {
|
||||||
|
return directKeyExpirationDate;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (directKeyExpirationDate == null) {
|
||||||
|
return userIdExpirationDate;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (directKeyExpirationDate.before(userIdExpirationDate)) {
|
||||||
|
return directKeyExpirationDate;
|
||||||
|
}
|
||||||
|
|
||||||
|
return userIdExpirationDate;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getPossiblyExpiredUserId() {
|
public String getPossiblyExpiredPrimaryUserId() {
|
||||||
String validPrimaryUserId = getPrimaryUserId();
|
String validPrimaryUserId = getPrimaryUserId();
|
||||||
if (validPrimaryUserId != null) {
|
if (validPrimaryUserId != null) {
|
||||||
return validPrimaryUserId;
|
return validPrimaryUserId;
|
||||||
|
|
|
@ -515,7 +515,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
}
|
}
|
||||||
|
|
||||||
// reissue primary user-id sig
|
// reissue primary user-id sig
|
||||||
String primaryUserId = PGPainless.inspectKeyRing(secretKeyRing).getPossiblyExpiredUserId();
|
String primaryUserId = PGPainless.inspectKeyRing(secretKeyRing).getPossiblyExpiredPrimaryUserId();
|
||||||
if (primaryUserId != null) {
|
if (primaryUserId != null) {
|
||||||
PGPSignature prevUserIdSig = getPreviousUserIdSignatures(primaryUserId);
|
PGPSignature prevUserIdSig = getPreviousUserIdSignatures(primaryUserId);
|
||||||
PGPSignature userIdSig = reissuePrimaryUserIdSig(expiration, secretKeyRingProtector, primaryUserId, prevUserIdSig);
|
PGPSignature userIdSig = reissuePrimaryUserIdSig(expiration, secretKeyRingProtector, primaryUserId, prevUserIdSig);
|
||||||
|
|
Loading…
Reference in a new issue