mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-10 14:35:59 +01:00
Backport f39d2c5566
Prevent subkey binding signature from predating subkey Fixes #419
This commit is contained in:
parent
b7e8b56e3d
commit
4f85a29e0c
2 changed files with 12 additions and 3 deletions
|
@ -304,6 +304,16 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
|
|||
public static PGPKeyPair generateKeyPair(KeySpec spec)
|
||||
throws NoSuchAlgorithmException, PGPException,
|
||||
InvalidAlgorithmParameterException {
|
||||
Date keyCreationDate = spec.getKeyCreationDate();
|
||||
if (keyCreationDate == null) {
|
||||
keyCreationDate = new Date();
|
||||
}
|
||||
return generateKeyPair(spec, keyCreationDate);
|
||||
}
|
||||
|
||||
public static PGPKeyPair generateKeyPair(KeySpec spec, Date keyCreationDate)
|
||||
throws NoSuchAlgorithmException, PGPException,
|
||||
InvalidAlgorithmParameterException {
|
||||
KeyType type = spec.getKeyType();
|
||||
KeyPairGenerator certKeyGenerator = KeyPairGenerator.getInstance(type.getName(),
|
||||
ProviderFactory.getProvider());
|
||||
|
@ -312,8 +322,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
|
|||
// Create raw Key Pair
|
||||
KeyPair keyPair = certKeyGenerator.generateKeyPair();
|
||||
|
||||
Date keyCreationDate = spec.getKeyCreationDate() != null ? spec.getKeyCreationDate() : new Date();
|
||||
|
||||
// Form PGP key pair
|
||||
PGPKeyPair pgpKeyPair = ImplementationFactory.getInstance()
|
||||
.getPGPKeyPair(type.getAlgorithm(), keyPair, keyCreationDate);
|
||||
|
|
|
@ -290,6 +290,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
|||
@Override
|
||||
public void modifyHashedSubpackets(SelfSignatureSubpackets hashedSubpackets) {
|
||||
SignatureSubpacketsHelper.applyFrom(keySpec.getSubpackets(), (SignatureSubpackets) hashedSubpackets);
|
||||
hashedSubpackets.setSignatureCreationTime(referenceTime);
|
||||
}
|
||||
};
|
||||
|
||||
|
@ -307,7 +308,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
|||
@Nullable SelfSignatureSubpackets.Callback subpacketsCallback,
|
||||
@Nonnull SecretKeyRingProtector secretKeyRingProtector)
|
||||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
|
||||
PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(keySpec);
|
||||
PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(keySpec, referenceTime);
|
||||
|
||||
SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector
|
||||
.forKeyId(keyPair.getKeyID(), subkeyPassphrase);
|
||||
|
|
Loading…
Reference in a new issue