moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2024-11-27 11:12:15 -05:00
Code Issues Releases Wiki Activity

Allow for creation date to be in the future up to one day to account for diverging clocks on different systems for fresh keys

Browse Source
This commit is contained in:
Dominik Schürmann 2014-12-28 20:57:03 +01:00
parent 7dbf0abf7b
commit a86abe04cd
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
View File

@ -49,11 +49,13 @@ import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Calendar;
import java.util.Comparator; import java.util.Comparator;
import java.util.Date; import java.util.Date;
import java.util.HashSet; import java.util.HashSet;
import java.util.Iterator; import java.util.Iterator;
import java.util.Set; import java.util.Set;
import java.util.TimeZone;
import java.util.TreeSet; import java.util.TreeSet;
/** Wrapper around PGPKeyRing class, to be constructed from bytes. /** Wrapper around PGPKeyRing class, to be constructed from bytes.
@ -276,7 +278,10 @@ public class UncachedKeyRing {
return null; return null;
} }
final Date now = new Date(); Calendar nowCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
// allow for diverging clocks up to one day when checking creation time
nowCal.add(Calendar.DAY_OF_YEAR, 1);
final Date nowPlusOneDay = nowCal.getTime();
int redundantCerts = 0, badCerts = 0; int redundantCerts = 0, badCerts = 0;
@ -321,7 +326,7 @@ public class UncachedKeyRing {
continue; continue;
} }
if (cert.getCreationTime().after(now)) { if (cert.getCreationTime().after(nowPlusOneDay)) {
// Creation date in the future? No way! // Creation date in the future? No way!
log.add(LogType.MSG_KC_REVOKE_BAD_TIME, indent); log.add(LogType.MSG_KC_REVOKE_BAD_TIME, indent);
modified = PGPPublicKey.removeCertification(modified, zert); modified = PGPPublicKey.removeCertification(modified, zert);
@ -410,7 +415,7 @@ public class UncachedKeyRing {
continue; continue;
} }
if (cert.getCreationTime().after(now)) { if (cert.getCreationTime().after(nowPlusOneDay)) {
// Creation date in the future? No way! // Creation date in the future? No way!
log.add(LogType.MSG_KC_UID_BAD_TIME, indent); log.add(LogType.MSG_KC_UID_BAD_TIME, indent);
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert); modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
@ -592,7 +597,7 @@ public class UncachedKeyRing {
continue; continue;
} }
if (cert.getCreationTime().after(now)) { if (cert.getCreationTime().after(nowPlusOneDay)) {
// Creation date in the future? No way! // Creation date in the future? No way!
log.add(LogType.MSG_KC_SUB_BAD_TIME, indent); log.add(LogType.MSG_KC_SUB_BAD_TIME, indent);
badCerts += 1; badCerts += 1;