1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-01-09 03:37:57 +01:00

Prevent subkey binding signature from predating subkey

Fixes #419
This commit is contained in:
Paul Schaub 2023-11-30 17:58:10 +01:00
parent 49de608785
commit f39d2c5566
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 10 additions and 6 deletions

View file

@ -246,7 +246,11 @@ class KeyRingBuilder : KeyRingBuilderInterface<KeyRingBuilder> {
const val MILLIS_IN_YEAR = 1000L * 60 * 60 * 24 * 365 const val MILLIS_IN_YEAR = 1000L * 60 * 60 * 24 * 365
@JvmStatic @JvmStatic
fun generateKeyPair(spec: KeySpec): PGPKeyPair { @JvmOverloads
fun generateKeyPair(
spec: KeySpec,
creationTime: Date = spec.keyCreationDate ?: Date()
): PGPKeyPair {
spec.keyType.let { type -> spec.keyType.let { type ->
// Create raw Key Pair // Create raw Key Pair
val keyPair = val keyPair =
@ -254,10 +258,9 @@ class KeyRingBuilder : KeyRingBuilderInterface<KeyRingBuilder> {
.also { it.initialize(type.algorithmSpec) } .also { it.initialize(type.algorithmSpec) }
.generateKeyPair() .generateKeyPair()
val keyCreationDate = spec.keyCreationDate ?: Date()
// Form PGP Key Pair // Form PGP Key Pair
return ImplementationFactory.getInstance() return ImplementationFactory.getInstance()
.getPGPKeyPair(type.algorithm, keyPair, keyCreationDate) .getPGPKeyPair(type.algorithm, keyPair, creationTime)
} }
} }
} }

View file

@ -15,7 +15,7 @@ data class KeySpec(
val keyType: KeyType, val keyType: KeyType,
val subpacketGenerator: SignatureSubpackets, val subpacketGenerator: SignatureSubpackets,
val isInheritedSubPackets: Boolean, val isInheritedSubPackets: Boolean,
val keyCreationDate: Date val keyCreationDate: Date?
) { ) {
val subpackets: PGPSignatureSubpacketVector val subpackets: PGPSignatureSubpacketVector

View file

@ -25,7 +25,7 @@ constructor(
private var preferredHashAlgorithms: Set<HashAlgorithm> = algorithmSuite.hashAlgorithms private var preferredHashAlgorithms: Set<HashAlgorithm> = algorithmSuite.hashAlgorithms
private var preferredSymmetricAlgorithms: Set<SymmetricKeyAlgorithm> = private var preferredSymmetricAlgorithms: Set<SymmetricKeyAlgorithm> =
algorithmSuite.symmetricKeyAlgorithms algorithmSuite.symmetricKeyAlgorithms
private var keyCreationDate = Date() private var keyCreationDate: Date? = null
constructor(type: KeyType, vararg keyFlags: KeyFlag) : this(type, listOf(*keyFlags)) constructor(type: KeyType, vararg keyFlags: KeyFlag) : this(type, listOf(*keyFlags))

View file

@ -231,6 +231,7 @@ class SecretKeyRingEditor(
override fun modifyHashedSubpackets(hashedSubpackets: SelfSignatureSubpackets) { override fun modifyHashedSubpackets(hashedSubpackets: SelfSignatureSubpackets) {
SignatureSubpacketsHelper.applyFrom( SignatureSubpacketsHelper.applyFrom(
keySpec.subpackets, hashedSubpackets as SignatureSubpackets) keySpec.subpackets, hashedSubpackets as SignatureSubpackets)
hashedSubpackets.setSignatureCreationTime(referenceTime)
} }
} }
return addSubKey(keySpec, subkeyPassphrase, callback, protector) return addSubKey(keySpec, subkeyPassphrase, callback, protector)
@ -242,7 +243,7 @@ class SecretKeyRingEditor(
callback: SelfSignatureSubpackets.Callback?, callback: SelfSignatureSubpackets.Callback?,
protector: SecretKeyRingProtector protector: SecretKeyRingProtector
): SecretKeyRingEditorInterface { ): SecretKeyRingEditorInterface {
val keyPair = KeyRingBuilder.generateKeyPair(keySpec) val keyPair = KeyRingBuilder.generateKeyPair(keySpec, referenceTime)
val subkeyProtector = val subkeyProtector =
PasswordBasedSecretKeyRingProtector.forKeyId(keyPair.keyID, subkeyPassphrase) PasswordBasedSecretKeyRingProtector.forKeyId(keyPair.keyID, subkeyPassphrase)
val keyFlags = KeyFlag.fromBitmask(keySpec.subpackets.keyFlags).toMutableList() val keyFlags = KeyFlag.fromBitmask(keySpec.subpackets.keyFlags).toMutableList()