diff options
author | Neal H. Walfield <neal@pep.foundation> | 2019-09-18 10:54:38 +0200 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2019-09-18 11:37:55 +0200 |
commit | ef437f8efb1ddef3bd09427274b160e17a5cbf93 (patch) | |
tree | 2e3b93f6a37b85ba15977f8896dc99a4bd2854f1 | |
parent | d82b21d5ab152ab67ead5c720979320ea20bdb58 (diff) |
openpgp: Combine Signature4::key_expired and its _at variant.
- Combine Signature4::key_expired and Signature4::key_expired_at.
- Use an Into<Option<time::Tm>> to distinguish the two previous
cases: the current time (None), and a specific time (a time::Tm).
-rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 11 | ||||
-rw-r--r-- | openpgp-ffi/src/packet/signature.rs | 24 | ||||
-rw-r--r-- | openpgp/src/packet/signature/subpacket.rs | 40 | ||||
-rw-r--r-- | openpgp/src/tpk/mod.rs | 8 | ||||
-rw-r--r-- | tool/src/commands/inspect.rs | 2 |
5 files changed, 36 insertions, 49 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index b7a4f6be..ff40edbb 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -422,15 +422,12 @@ bool pgp_signature_key_alive_at(pgp_signature_t signature, pgp_key_t key, time_t when); /*/ -/// Returns whether the signature is expired. -/*/ -bool pgp_signature_key_expired(pgp_signature_t signature, pgp_key_t key); - -/*/ /// Returns whether the signature is expired at the specified time. +/// +/// If `when` is 0, then the current time is used. /*/ -bool pgp_signature_key_expired_at(pgp_signature_t signature, pgp_key_t key, - time_t when); +bool pgp_signature_key_expired(pgp_signature_t signature, pgp_key_t key, + time_t when); /*/ /// Returns the PKESK's recipient. diff --git a/openpgp-ffi/src/packet/signature.rs b/openpgp-ffi/src/packet/signature.rs index 43653bc2..654e9105 100644 --- a/openpgp-ffi/src/packet/signature.rs +++ b/openpgp-ffi/src/packet/signature.rs @@ -170,18 +170,16 @@ fn pgp_signature_key_alive_at(sig: *const Signature, key: *const Key, time::at(time::Timespec::new(when as i64, 0))) } -/// Returns whether the signature is expired. -#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn pgp_signature_key_expired(sig: *const Signature, key: *const Key) - -> bool { - sig.ref_raw().key_expired(key.ref_raw()) -} - /// Returns whether the signature is expired at the specified time. -#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn pgp_signature_key_expired_at(sig: *const Signature, key: *const Key, - when: time_t) -> bool { - sig.ref_raw() - .key_expired_at(key.ref_raw(), - time::at(time::Timespec::new(when as i64, 0))) +/// +/// If `when` is 0, then the current time is used. +#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" +fn pgp_signature_key_expired(sig: *const Signature, key: *const Key, + when: time_t) -> bool { + let t = if when == 0 { + None + } else { + Some(time::at(time::Timespec::new(when as i64, 0))) + }; + sig.ref_raw().key_expired(key.ref_raw(), t) } diff --git a/openpgp/src/packet/signature/subpacket.rs b/openpgp/src/packet/signature/subpacket.rs index f1be36e3..eda0010a 100644 --- a/openpgp/src/packet/signature/subpacket.rs +++ b/openpgp/src/packet/signature/subpacket.rs @@ -1529,32 +1529,24 @@ impl Signature4 { } } - /// Returns whether or not the key is expired. - /// - /// See [Section 5.2.3.6 of RFC 4880]. - /// - /// [Section 5.2.3.6 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.6 - pub fn key_expired<P, R>(&self, key: &Key<P, R>) -> bool - where P: key::KeyParts, - R: key::KeyRole - { - self.key_expired_at(key, time::now_utc()) - } - /// Returns whether or not the key is expired at the given time. /// + /// If `t` is None, uses the current time. + /// /// See [Section 5.2.3.6 of RFC 4880]. /// /// [Section 5.2.3.6 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.6 - pub fn key_expired_at<P, R>(&self, key: &Key<P, R>, tm: time::Tm) -> bool + pub fn key_expired<P, R, T>(&self, key: &Key<P, R>, t: T) -> bool where P: key::KeyParts, - R: key::KeyRole + R: key::KeyRole, + T: Into<Option<time::Tm>> { + let t = t.into().unwrap_or_else(time::now_utc); match self.key_expiration_time() { Some(e) if e.num_seconds() == 0 => false, // Zero expiration time, does not expire. Some(e) => - *key.creation_time() + e <= tm, + *key.creation_time() + e <= t, None => false, // No expiration time, does not expire. } @@ -1588,7 +1580,7 @@ impl Signature4 { where P: key::KeyParts, R: key::KeyRole { - *key.creation_time() <= tm && ! self.key_expired_at(key, tm) + *key.creation_time() <= tm && ! self.key_expired(key, tm) } /// Returns the value of the Preferred Symmetric Algorithms @@ -2510,9 +2502,9 @@ fn accessors() { sig.clone().sign_hash(&mut keypair, hash_algo, hash.clone()).unwrap(); assert_eq!(sig_.key_expiration_time(), Some(five_minutes)); - assert!(!sig_.key_expired(&key)); - assert!(!sig_.key_expired_at(&key, now)); - assert!(sig_.key_expired_at(&key, now + ten_minutes)); + assert!(!sig_.key_expired(&key, None)); + assert!(!sig_.key_expired(&key, now)); + assert!(sig_.key_expired(&key, now + ten_minutes)); assert!(sig_.key_alive(&key)); assert!(sig_.key_alive_at(&key, now)); @@ -2523,9 +2515,9 @@ fn accessors() { let sig_ = sig.clone().sign_hash(&mut keypair, hash_algo, hash.clone()).unwrap(); assert_eq!(sig_.key_expiration_time(), None); - assert!(!sig_.key_expired(&key)); - assert!(!sig_.key_expired_at(&key, now)); - assert!(!sig_.key_expired_at(&key, now + ten_minutes)); + assert!(!sig_.key_expired(&key, None)); + assert!(!sig_.key_expired(&key, now)); + assert!(!sig_.key_expired(&key, now + ten_minutes)); assert!(sig_.key_alive(&key)); assert!(sig_.key_alive_at(&key, now)); @@ -2813,10 +2805,10 @@ fn subpacket_test_2() { })); // Check key expiration. - assert!(! sig.key_expired_at( + assert!(! sig.key_expired( key, *key.creation_time() + time::Duration::seconds(63072000 - 1))); - assert!(sig.key_expired_at( + assert!(sig.key_expired( key, *key.creation_time() + time::Duration::seconds(63072000))); diff --git a/openpgp/src/tpk/mod.rs b/openpgp/src/tpk/mod.rs index f0fca783..ecd8eda1 100644 --- a/openpgp/src/tpk/mod.rs +++ b/openpgp/src/tpk/mod.rs @@ -1289,7 +1289,7 @@ impl TPK { /// Returns whether or not the TPK has expired. pub fn expired(&self) -> bool { if let Some(Signature::V4(sig)) = self.primary_key_signature(None) { - sig.key_expired(self.primary().key()) + sig.key_expired(self.primary().key(), None) } else { false } @@ -1298,7 +1298,7 @@ impl TPK { /// Returns whether or not the key is expired at the given time. pub fn expired_at(&self, tm: time::Tm) -> bool { if let Some(Signature::V4(sig)) = self.primary_key_signature(tm) { - sig.key_expired_at(self.primary().key(), tm) + sig.key_expired(self.primary().key(), tm) } else { false } @@ -2288,14 +2288,14 @@ mod test { let tpk = TPK::from_bytes(crate::tests::key("about-to-expire.expired.pgp")) .unwrap(); assert!(tpk.primary_key_signature(None).unwrap() - .key_expired(tpk.primary().key())); + .key_expired(tpk.primary().key(), None)); let update = TPK::from_bytes(crate::tests::key("about-to-expire.update-no-uid.pgp")) .unwrap(); let tpk = tpk.merge(update).unwrap(); assert!(! tpk.primary_key_signature(None).unwrap() - .key_expired(tpk.primary().key())); + .key_expired(tpk.primary().key(), None)); } #[test] diff --git a/tool/src/commands/inspect.rs b/tool/src/commands/inspect.rs index ac167e12..e1e8a217 100644 --- a/tool/src/commands/inspect.rs +++ b/tool/src/commands/inspect.rs @@ -176,7 +176,7 @@ fn inspect_key<P, R>(output: &mut io::Write, R: openpgp::packet::key::KeyRole { if let Some(sig) = binding_signature { - if sig.key_expired(key) { + if sig.key_expired(key, None) { writeln!(output, "{} Expired", indent)?; } else if ! sig.key_alive(key) { writeln!(output, "{} Not yet valid", indent)?; |