authorVincent Breitmoser <valodim@mugenguild.com>2015-05-28 11:40:35 +0200
committerVincent Breitmoser <valodim@mugenguild.com>2015-05-28 16:33:45 +0200
commiteb830c6786c500d69ce2a06203b7cf336ae8a9bf (patch)
tree6c5a2d844802caf5edc4d890e1e752f285f3e546 /OpenKeychain
parent5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24 (diff)
warn on signature earlier than key creation, err on significantly earlier
Diffstat (limited to 'OpenKeychain')
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java1
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java21
-rw-r--r--OpenKeychain/src/main/res/values/strings.xml1
3 files changed, 23 insertions, 0 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
index 119678f16..1cbff8a0d 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
@@ -401,6 +401,7 @@ public abstract class OperationResult implements Parcelable {
MSG_KC_SUB_BAD_LOCAL(LogLevel.WARN, R.string.msg_kc_sub_bad_local),
MSG_KC_SUB_BAD_KEYID(LogLevel.WARN, R.string.msg_kc_sub_bad_keyid),
MSG_KC_SUB_BAD_TIME(LogLevel.WARN, R.string.msg_kc_sub_bad_time),
+ MSG_KC_SUB_BAD_TIME_EARLY(LogLevel.WARN, R.string.msg_kc_sub_bad_time_early),
MSG_KC_SUB_BAD_TYPE(LogLevel.WARN, R.string.msg_kc_sub_bad_type),
MSG_KC_SUB_DUP (LogLevel.DEBUG, R.string.msg_kc_sub_dup),
MSG_KC_SUB_PRIMARY_BAD(LogLevel.WARN, R.string.msg_kc_sub_primary_bad),
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
index 2bb4f7dc4..ecf68890e 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -820,6 +820,15 @@ public class UncachedKeyRing {
continue;
}
+ Date keyCreationTime = key.getCreationTime(), keyCreationTimeLenient;
+ {
+ Calendar keyCreationCal = Calendar.getInstance();
+ keyCreationCal.setTime(keyCreationTime);
+ // allow for diverging clocks up to one day when checking creation time
+ keyCreationCal.add(Calendar.MINUTE, -5);
+ keyCreationTimeLenient = keyCreationCal.getTime();
+ }
+
// A subkey needs exactly one subkey binding certificate, and optionally one revocation
// certificate.
PGPPublicKey modified = key;
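Review bot: The added comment `// allow for diverging clocks up to one day when checking creation time` does not match the code beneath it, which subtracts five minutes (`keyCreationCal.add(Calendar.MINUTE, -5)`). This margin decides whether a subkey binding certificate is kept or counted as bad, so the comment should state the real window and its reason, e.g. `// tolerate binding signatures up to five minutes older than the key, for keys generated with skewed timestamps`. The Calendar round trip could also be one line, `Date keyCreationTimeLenient = new Date(keyCreationTime.getTime() - 5 * 60 * 1000L);`, ideally with the margin in a named constant. The enclosing loop starts and ends outside this hunk.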
@@ -851,6 +860,18 @@ public class UncachedKeyRing {
continue;
}
+ if (cert.getCreationTime().before(keyCreationTime)) {
+ // Signature is earlier than key creation time
+ log.add(LogType.MSG_KC_SUB_BAD_TIME_EARLY, indent);
+ // due to an earlier accident, we generated keys which had creation timestamps
+ // a few seconds after their signature timestamp. for compatibility, we only
+ // error out with some margin of error
+ if (cert.getCreationTime().before(keyCreationTimeLenient)) {
+ badCerts += 1;
+ continue;
+ }
+ }
+
if (cert.isLocal()) {
// Creation date in the future? No way!
log.add(LogType.MSG_KC_SUB_BAD_LOCAL, indent);
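Review bot: `log.add(LogType.MSG_KC_SUB_BAD_TIME_EARLY, indent)` runs before the lenient comparison, so the log shows the same WARN entry whether the certificate is tolerated and falls through to the later checks, or is counted in `badCerts` and skipped. The neighbouring messages say "Removing …" when a certificate is dropped, while the new string only says the timestamp is earlier, so an import log cannot show whether a backdated binding signature was accepted or rejected. Consider adding a second log entry inside the inner `if`, or splitting the message into a tolerated and a removed variant. The inner test is `before(keyCreationTimeLenient)`, so a signature exactly at the margin is accepted, and a test at that boundary would pin the intended behaviour. The enclosing loop lies outside this hunk.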
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index 3ae4afa35..d2563a38b 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -829,6 +829,7 @@
<string name="msg_kc_sub_bad_local">"Removing subkey binding certificate with 'local' flag"</string>
<string name="msg_kc_sub_bad_keyid">"Subkey binding issuer id mismatch"</string>
<string name="msg_kc_sub_bad_time">"Removing subkey binding certificate with future timestamp"</string>
+ <string name="msg_kc_sub_bad_time_early">"Subkey binding certificate has earlier timestamp than its key!"</string>
<string name="msg_kc_sub_bad_type">"Unknown subkey certificate type: %s"</string>
<string name="msg_kc_sub_dup">"Removing redundant subkey binding certificate"</string>
<string name="msg_kc_sub_primary_bad">"Removing subkey binding certificate due to invalid primary binding certificate"</string>