openpgp: SignatureBuilder should return an OpenPGP timestamp.

  - `SignatureBuilder::effective_signature_creation_time` is supposed
    to return the effective signature creation time.  That is, it
    should return the signature creation time that would be used if the
    signature were created now.

  - The function returns a `SystemTime`, which has a different
    resolution and range from an OpenPGP timestamp.

  - When using the current time, roundtrip it via `types::Timestamp`
    to return the timestamp that will actually be set.

1 files changed, 8 insertions, 3 deletions

diff --git a/openpgp/src/packet/signature.rs b/openpgp/src/packet/signature.rs
index 3176916d..c3da751a 100644
--- a/openpgp/src/packet/signature.rs
+++ b/openpgp/src/packet/signature.rs
@@ -1627,12 +1627,17 @@ impl SignatureBuilder {
     {
         use std::time;
 
-        let now = || self.reference_time.unwrap_or_else(crate::now);
+        let now = || -> Result<SystemTime> {
+            let rt = self.reference_time.unwrap_or_else(crate::now);
+            // Roundtrip via Timestamp to ensure that the time has the
+            // right resolution and is representable.
+            Ok(SystemTime::from(Timestamp::try_from(rt)?))
+        };
 
         if ! self.overrode_creation_time {
             // See if we want to backdate the signature.
             if let Some(orig) = self.original_creation_time {
-                let now = now();
+                let now = now()?;
                 let t =
                     (orig + time::Duration::new(1, 0)).max(
                         now - time::Duration::new(SIG_BACKDATE_BY, 0));
@@ -1645,7 +1650,7 @@ impl SignatureBuilder {
 
                 Ok(Some(t))
             } else {
-                Ok(Some(now()))
+                Ok(Some(now()?))
             }
         } else {
             Ok(self.signature_creation_time())