Big error screen if signature is invalid or key is revoked/expired, also fixes signature status for expired and revoked keys

author: Dominik Schürmann <dominik@dominikschuermann.de> 2014-10-08 18:31:31 +0200
committer: Dominik Schürmann <dominik@dominikschuermann.de> 2014-10-08 18:31:31 +0200
commit: 0d6d4653b43fcf1389b470afd7364854505d96c2 (patch)
tree: ba42b4d9c4f960036a4ff80b800bd66743e893f8 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp
parent: 2eb776594f378ac7a14ea716f0a7470d34230ec2 (diff)
download: open-keychain-0d6d4653b43fcf1389b470afd7364854505d96c2.tar.gz
open-keychain-0d6d4653b43fcf1389b470afd7364854505d96c2.tar.bz2
open-keychain-0d6d4653b43fcf1389b470afd7364854505d96c2.zip
2 files changed, 19 insertions, 3 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
index 905cae17e..b1e7eaeb5 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
@@ -25,6 +25,7 @@ import org.sufficientlysecure.keychain.util.IterableIterator;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.util.ArrayList;
+import java.util.Date;
 
 /** A generic wrapped PGPKeyRing object.
  *
@@ -76,6 +77,16 @@ public abstract class CanonicalizedKeyRing extends KeyRing {
         return getRing().getPublicKey().isRevoked();
     }
 
+    public boolean isExpired() throws PgpGeneralException {
+        // Is the master key expired?
+        Date creationDate = getRing().getPublicKey().getCreationTime();
+        Date expiryDate = getRing().getPublicKey().getValidSeconds() > 0
+                ? new Date(creationDate.getTime() + getRing().getPublicKey().getValidSeconds() * 1000) : null;
+
+        Date now = new Date();
+        return creationDate.after(now) || (expiryDate != null && expiryDate.before(now));
+    }
+
     public boolean canCertify() throws PgpGeneralException {
         return getRing().getPublicKey().isEncryptionKey();
     }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
index 3d41c928b..c7241c723 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
@@ -103,9 +103,14 @@ public class OpenPgpSignatureResultBuilder {
         Log.d(Constants.TAG, "signingRing.getUnorderedUserIds(): " + signingRing.getUnorderedUserIds());
         setUserIds(signingRing.getUnorderedUserIds());
 
-        // from KEY
-        setKeyExpired(signingKey.isExpired());
-        setKeyRevoked(signingKey.isRevoked());
+        // either master key is expired/revoked or this specific subkey is expired/revoked
+        try {
+            setKeyExpired(signingRing.isExpired() || signingKey.isExpired());
+            setKeyRevoked(signingRing.isRevoked() || signingKey.isRevoked());
+        } catch (PgpGeneralException e) {
+            Log.e(Constants.TAG, "shouldn't happen!");
+            setKeyRevoked(true);
+        }
     }
 
     public OpenPgpSignatureResult build() {
author	Dominik Schürmann <dominik@dominikschuermann.de>	2014-10-08 18:31:31 +0200
committer	Dominik Schürmann <dominik@dominikschuermann.de>	2014-10-08 18:31:31 +0200
commit	0d6d4653b43fcf1389b470afd7364854505d96c2 (patch)
tree	ba42b4d9c4f960036a4ff80b800bd66743e893f8 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp
parent	2eb776594f378ac7a14ea716f0a7470d34230ec2 (diff)
download	open-keychain-0d6d4653b43fcf1389b470afd7364854505d96c2.tar.gz open-keychain-0d6d4653b43fcf1389b470afd7364854505d96c2.tar.bz2 open-keychain-0d6d4653b43fcf1389b470afd7364854505d96c2.zip