1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 03:17:58 +01:00

Properly resolve earliest expiration date when primary user-id + direct-key sig have expiraiton

Rename getPossiblyExpiredPrimaryUserId() method
This commit is contained in:
Paul Schaub 2021-12-23 17:10:44 +01:00
parent ad5399e083
commit 31b7d18183
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 28 additions and 9 deletions

View file

@ -644,22 +644,41 @@ public class KeyRingInfo {
*/
public @Nullable Date getPrimaryKeyExpirationDate() {
PGPSignature directKeySig = getLatestDirectKeySelfSignature();
Date directKeyExpirationDate = null;
if (directKeySig != null) {
Date directKeyExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(directKeySig, getPublicKey());
if (directKeyExpirationDate != null) {
directKeyExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(directKeySig, getPublicKey());
}
PGPSignature primaryUserIdCertification = null;
Date userIdExpirationDate = null;
String possiblyExpiredPrimaryUserId = getPossiblyExpiredPrimaryUserId();
if (possiblyExpiredPrimaryUserId != null) {
primaryUserIdCertification = getLatestUserIdCertification(possiblyExpiredPrimaryUserId);
if (primaryUserIdCertification != null) {
userIdExpirationDate = SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(primaryUserIdCertification, getPublicKey());
}
}
if (directKeySig == null && primaryUserIdCertification == null) {
throw new NoSuchElementException("No direct-key signature and no user-id signature found.");
}
if (directKeyExpirationDate != null && userIdExpirationDate == null) {
return directKeyExpirationDate;
}
if (directKeyExpirationDate == null) {
return userIdExpirationDate;
}
PGPSignature primaryUserIdCertification = getLatestUserIdCertification(getPossiblyExpiredUserId());
if (primaryUserIdCertification != null) {
return SignatureSubpacketsUtil.getKeyExpirationTimeAsDate(primaryUserIdCertification, getPublicKey());
if (directKeyExpirationDate.before(userIdExpirationDate)) {
return directKeyExpirationDate;
}
throw new NoSuchElementException("No suitable signatures found on the key.");
return userIdExpirationDate;
}
public String getPossiblyExpiredUserId() {
public String getPossiblyExpiredPrimaryUserId() {
String validPrimaryUserId = getPrimaryUserId();
if (validPrimaryUserId != null) {
return validPrimaryUserId;

View file

@ -515,7 +515,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
}
// reissue primary user-id sig
String primaryUserId = PGPainless.inspectKeyRing(secretKeyRing).getPossiblyExpiredUserId();
String primaryUserId = PGPainless.inspectKeyRing(secretKeyRing).getPossiblyExpiredPrimaryUserId();
if (primaryUserId != null) {
PGPSignature prevUserIdSig = getPreviousUserIdSignatures(primaryUserId);
PGPSignature userIdSig = reissuePrimaryUserIdSig(expiration, secretKeyRingProtector, primaryUserId, prevUserIdSig);