diff options
author | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-03-15 19:35:12 +0100 |
---|---|---|
committer | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-03-15 19:35:12 +0100 |
commit | d824ec3bc9e75ed89b0af14568c6422913be8a69 (patch) | |
tree | d8523fe0eea1c89d8d503db2622a28cc50a92c54 /OpenKeychain/src/main/java/org/sufficientlysecure | |
parent | 75368034bd620d3d958ba6962f19e82edcb3a562 (diff) | |
parent | db39b779c984a758e13adc16837893509f3b364f (diff) | |
download | open-keychain-d824ec3bc9e75ed89b0af14568c6422913be8a69.tar.gz open-keychain-d824ec3bc9e75ed89b0af14568c6422913be8a69.tar.bz2 open-keychain-d824ec3bc9e75ed89b0af14568c6422913be8a69.zip |
Merge branch 'development' of github.com:open-keychain/open-keychain into development
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure')
-rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java index 303070333..8104c5249 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java @@ -126,26 +126,27 @@ public class CanonicalizedPublicKey extends UncachedPublicKey { // the getValidSeconds method is unreliable for master keys. we need to iterate all // user ids, then use the most recent certification from a non-revoked user id if (isMasterKey()) { - Date latestCreation = null; seconds = 0; + long masterKeyId = getKeyId(); + + Date latestCreation = null; for (byte[] rawUserId : getUnorderedRawUserIds()) { Iterator<WrappedSignature> sigs = getSignaturesForRawId(rawUserId); + while (sigs.hasNext()) { + WrappedSignature sig = sigs.next(); + if (sig.getKeyId() != masterKeyId) { + continue; + } + if (sig.isRevocation()) { + continue; + } + + if (latestCreation == null || latestCreation.before(sig.getCreationTime())) { + latestCreation = sig.getCreationTime(); + seconds = sig.getKeyExpirySeconds(); + } - // there is always a certification, so this call is safe - WrappedSignature sig = sigs.next(); - - // we know a user id has at most two sigs: one certification, one revocation. - // if the sig is a revocation, or there is another sig (which is a revocation), - // the data in this uid is not relevant - if (sig.isRevocation() || sigs.hasNext()) { - continue; - } - - // this is our revocation, UNLESS there is a newer certificate! - if (latestCreation == null || latestCreation.before(sig.getCreationTime())) { - latestCreation = sig.getCreationTime(); - seconds = sig.getKeyExpirySeconds(); } } } else { |