binding signatures have the same creation time

author: Ashley Hughes <spirit.returned@gmail.com> 2014-01-30 09:50:56 +0000
committer: Ashley Hughes <spirit.returned@gmail.com> 2014-01-30 09:50:56 +0000
commit: 358ab7d7e44314acc4659809e6f7a3e8b78b532b (patch)
tree: 97e723f7940b46f9e49d298bef6695b4ba65096b /OpenPGP-Keychain
parent: 39d24d6d9dbab543cd5c4507dd33d3e3de182d69 (diff)
download: open-keychain-358ab7d7e44314acc4659809e6f7a3e8b78b532b.tar.gz
open-keychain-358ab7d7e44314acc4659809e6f7a3e8b78b532b.tar.bz2
open-keychain-358ab7d7e44314acc4659809e6f7a3e8b78b532b.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index 8a7dc9fa4..eed0ed256 100644
--- a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -379,14 +379,19 @@ public class PgpKeyOperation {
             usageId = keysUsages.get(i);
             canSign = (usageId == Id.choice.usage.sign_only || usageId == Id.choice.usage.sign_and_encrypt);
             canEncrypt = (usageId == Id.choice.usage.encrypt_only || usageId == Id.choice.usage.sign_and_encrypt);
-            if (canSign) { // TODO: ensure signing times are the same, like gpg
+            if (canSign) {
+                Date todayDate = new Date(); //both sig times the same
                 keyFlags |= KeyFlags.SIGN_DATA;
                 // cross-certify signing keys
+                hashedPacketsGen.setSignatureCreationTime(false, todayDate); //set outer creation time
+                PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
+                subHashedPacketsGen.setSignatureCreationTime(false, todayDate); //set inner creation time
                 PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
                         subPublicKey.getAlgorithm(), PGPUtil.SHA1)
                         .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                 PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
                 sGen.init(PGPSignature.PRIMARYKEY_BINDING, subPrivateKey);
+                sGen.setHashedSubpackets(subHashedPacketsGen.generate());
                 PGPSignature certification = sGen.generateCertification(masterPublicKey,
                         subPublicKey);
                 unhashedPacketsGen.setEmbeddedSignature(false, certification);
author	Ashley Hughes <spirit.returned@gmail.com>	2014-01-30 09:50:56 +0000
committer	Ashley Hughes <spirit.returned@gmail.com>	2014-01-30 09:50:56 +0000
commit	358ab7d7e44314acc4659809e6f7a3e8b78b532b (patch)
tree	97e723f7940b46f9e49d298bef6695b4ba65096b /OpenPGP-Keychain
parent	39d24d6d9dbab543cd5c4507dd33d3e3de182d69 (diff)
download	open-keychain-358ab7d7e44314acc4659809e6f7a3e8b78b532b.tar.gz open-keychain-358ab7d7e44314acc4659809e6f7a3e8b78b532b.tar.bz2 open-keychain-358ab7d7e44314acc4659809e6f7a3e8b78b532b.zip