From 0d6d4653b43fcf1389b470afd7364854505d96c2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@dominikschuermann.de>
Date: Wed, 8 Oct 2014 18:31:31 +0200
Subject: Big error screen if signature is invalid or key is revoked/expired,
 also fixes signature status for expired and revoked keys

---
 .../sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java | 11 +++++++++++
 .../keychain/pgp/OpenPgpSignatureResultBuilder.java           | 11 ++++++++---
 2 files changed, 19 insertions(+), 3 deletions(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
index 905cae17e..b1e7eaeb5 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
@@ -25,6 +25,7 @@ import org.sufficientlysecure.keychain.util.IterableIterator;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.util.ArrayList;
+import java.util.Date;
 
 /** A generic wrapped PGPKeyRing object.
  *
@@ -76,6 +77,16 @@ public abstract class CanonicalizedKeyRing extends KeyRing {
         return getRing().getPublicKey().isRevoked();
     }
 
+    public boolean isExpired() throws PgpGeneralException {
+        // Is the master key expired?
+        Date creationDate = getRing().getPublicKey().getCreationTime();
+        Date expiryDate = getRing().getPublicKey().getValidSeconds() > 0
+                ? new Date(creationDate.getTime() + getRing().getPublicKey().getValidSeconds() * 1000) : null;
+
+        Date now = new Date();
+        return creationDate.after(now) || (expiryDate != null && expiryDate.before(now));
+    }
+
     public boolean canCertify() throws PgpGeneralException {
         return getRing().getPublicKey().isEncryptionKey();
     }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
index 3d41c928b..c7241c723 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
@@ -103,9 +103,14 @@ public class OpenPgpSignatureResultBuilder {
         Log.d(Constants.TAG, "signingRing.getUnorderedUserIds(): " + signingRing.getUnorderedUserIds());
         setUserIds(signingRing.getUnorderedUserIds());
 
-        // from KEY
-        setKeyExpired(signingKey.isExpired());
-        setKeyRevoked(signingKey.isRevoked());
+        // either master key is expired/revoked or this specific subkey is expired/revoked
+        try {
+            setKeyExpired(signingRing.isExpired() || signingKey.isExpired());
+            setKeyRevoked(signingRing.isRevoked() || signingKey.isRevoked());
+        } catch (PgpGeneralException e) {
+            Log.e(Constants.TAG, "shouldn't happen!");
+            setKeyRevoked(true);
+        }
     }
 
     public OpenPgpSignatureResult build() {
-- 
cgit v1.2.3