mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-27 11:12:15 -05:00
parent
809cd6e495
commit
db39b779c9
@ -536,6 +536,12 @@ public class PgpKeyOperationTest {
|
|||||||
expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000);
|
expiry, modified.getPublicKey(keyId).getUnsafeExpiryTimeForTesting().getTime() / 1000);
|
||||||
Assert.assertEquals("modified key must have same flags as before",
|
Assert.assertEquals("modified key must have same flags as before",
|
||||||
ring.getPublicKey(keyId).getKeyUsage(), modified.getPublicKey(keyId).getKeyUsage());
|
ring.getPublicKey(keyId).getKeyUsage(), modified.getPublicKey(keyId).getKeyUsage());
|
||||||
|
|
||||||
|
Date date = modified.canonicalize(new OperationLog(), 0).getPublicKey().getExpiryTime();
|
||||||
|
Assert.assertNotNull("modified key must have an expiry date", date);
|
||||||
|
Assert.assertEquals("modified key must have expected expiry date",
|
||||||
|
expiry, date.getTime() / 1000);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -126,26 +126,27 @@ public class CanonicalizedPublicKey extends UncachedPublicKey {
|
|||||||
// the getValidSeconds method is unreliable for master keys. we need to iterate all
|
// the getValidSeconds method is unreliable for master keys. we need to iterate all
|
||||||
// user ids, then use the most recent certification from a non-revoked user id
|
// user ids, then use the most recent certification from a non-revoked user id
|
||||||
if (isMasterKey()) {
|
if (isMasterKey()) {
|
||||||
Date latestCreation = null;
|
|
||||||
seconds = 0;
|
seconds = 0;
|
||||||
|
|
||||||
|
long masterKeyId = getKeyId();
|
||||||
|
|
||||||
|
Date latestCreation = null;
|
||||||
for (byte[] rawUserId : getUnorderedRawUserIds()) {
|
for (byte[] rawUserId : getUnorderedRawUserIds()) {
|
||||||
Iterator<WrappedSignature> sigs = getSignaturesForRawId(rawUserId);
|
Iterator<WrappedSignature> sigs = getSignaturesForRawId(rawUserId);
|
||||||
|
while (sigs.hasNext()) {
|
||||||
|
WrappedSignature sig = sigs.next();
|
||||||
|
if (sig.getKeyId() != masterKeyId) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (sig.isRevocation()) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
// there is always a certification, so this call is safe
|
if (latestCreation == null || latestCreation.before(sig.getCreationTime())) {
|
||||||
WrappedSignature sig = sigs.next();
|
latestCreation = sig.getCreationTime();
|
||||||
|
seconds = sig.getKeyExpirySeconds();
|
||||||
|
}
|
||||||
|
|
||||||
// we know a user id has at most two sigs: one certification, one revocation.
|
|
||||||
// if the sig is a revocation, or there is another sig (which is a revocation),
|
|
||||||
// the data in this uid is not relevant
|
|
||||||
if (sig.isRevocation() || sigs.hasNext()) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
// this is our revocation, UNLESS there is a newer certificate!
|
|
||||||
if (latestCreation == null || latestCreation.before(sig.getCreationTime())) {
|
|
||||||
latestCreation = sig.getCreationTime();
|
|
||||||
seconds = sig.getKeyExpirySeconds();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
Loading…
Reference in New Issue
Block a user