authorNeal H. Walfield <neal@pep.foundation>2020-06-30 14:41:32 +0200
committerNeal H. Walfield <neal@pep.foundation>2020-06-30 14:44:00 +0200
commitb2404c84549312146c61e3d7e3e418fe60177d40 (patch)
treedff8cced633b7ca06fcf524c724931c2ddd442aa
parent1d2ad5f5e39884fee1464c0cefb114ba50ccf42f (diff)
openpgp: A direct key signature can be made by a third party.
- To support third-party direct key signatures (e.g., revocations), change `SignatureBuilder::sign_direct_key` to take the key that is being signed, and not assume that it is `signer::public`.
-rw-r--r--openpgp/src/cert/builder.rs2
-rw-r--r--openpgp/src/cert/mod.rs10
-rw-r--r--openpgp/src/packet/signature/mod.rs7
-rw-r--r--sqv/tests/revoked-key.rs6
4 files changed, 13 insertions, 12 deletions
diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs
index c4487ac9..fd82bf21 100644
--- a/openpgp/src/cert/builder.rs
+++ b/openpgp/src/cert/builder.rs
@@ -1062,7 +1062,7 @@ impl CertBuilder {
let mut signer = key.clone().into_keypair()
.expect("key generated above has a secret");
- let sig = sig.sign_direct_key(&mut signer)?;
+ let sig = sig.sign_direct_key(&mut signer, &key)?;
Ok((key, sig.into()))
}
diff --git a/openpgp/src/cert/mod.rs b/openpgp/src/cert/mod.rs
index f82e3348..d7cad557 100644
--- a/openpgp/src/cert/mod.rs
+++ b/openpgp/src/cert/mod.rs
@@ -4073,13 +4073,13 @@ mod test {
.set_signature_creation_time(t1).unwrap()
.set_key_validity_period(Some(time::Duration::new(10 * 52 * 7 * 24 * 60 * 60, 0))).unwrap()
.set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512]).unwrap()
- .sign_direct_key(&mut pair).unwrap();
+ .sign_direct_key(&mut pair, &key).unwrap();
let rev1 = signature::SignatureBuilder::new(SignatureType::KeyRevocation)
.set_signature_creation_time(t2).unwrap()
.set_reason_for_revocation(ReasonForRevocation::KeySuperseded,
&b""[..]).unwrap()
- .sign_direct_key(&mut pair).unwrap();
+ .sign_direct_key(&mut pair, &key).unwrap();
let bind2 = signature::SignatureBuilder::new(SignatureType::DirectKey)
.set_features(&Features::sequoia()).unwrap()
@@ -4087,13 +4087,13 @@ mod test {
.set_signature_creation_time(t3).unwrap()
.set_key_validity_period(Some(time::Duration::new(10 * 52 * 7 * 24 * 60 * 60, 0))).unwrap()
.set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512]).unwrap()
- .sign_direct_key(&mut pair).unwrap();
+ .sign_direct_key(&mut pair, &key).unwrap();
let rev2 = signature::SignatureBuilder::new(SignatureType::KeyRevocation)
.set_signature_creation_time(t4).unwrap()
.set_reason_for_revocation(ReasonForRevocation::KeyCompromised,
&b""[..]).unwrap()
- .sign_direct_key(&mut pair).unwrap();
+ .sign_direct_key(&mut pair, &key).unwrap();
(bind1, rev1, bind2, rev2)
};
@@ -4755,7 +4755,7 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g=
.unwrap()
.set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512]).unwrap()
.set_signature_creation_time(*t).unwrap()
- .sign_direct_key(&mut pair).unwrap();
+ .sign_direct_key(&mut pair, &key).unwrap();
let binding : Packet = binding.into();
diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs
index 9d7f6196..7c95e9f8 100644
--- a/openpgp/src/packet/signature/mod.rs
+++ b/openpgp/src/packet/signature/mod.rs
@@ -284,8 +284,10 @@ impl SignatureBuilder {
/// algorithm used by `signer`.
/// If not set before, Issuer and Issuer Fingerprint subpackets are added
/// pointing to `signer`.
- pub fn sign_direct_key(mut self, signer: &mut dyn Signer)
+ pub fn sign_direct_key<P>(mut self, signer: &mut dyn Signer,
+ pk: &Key<P, key::PrimaryRole>)
-> Result<Signature>
+ where P: key::KeyParts,
{
match self.typ {
SignatureType::DirectKey => (),
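Review bot: The doc comment that precedes the new signature still documents only `signer`; the added `pk` parameter is undocumented, and because the body no longer derives the signed key from `signer.public()` (see the next hunk, where `hash_direct_key` now hashes `pk`), a reader cannot tell from the docs that `pk` may belong to a different certificate than the signer, nor that no consistency check between the two is made. I would add before the `pub fn` line: `/// \`pk\` is the primary key the signature is made over. It need not be \`signer\`'s own key: a third party can issue a direct key signature (e.g., a revocation). No check relates \`pk\` to \`signer\`; the Issuer subpackets still name \`signer\`, so the caller must pass the key it actually intends to sign.` The function's body continues outside this hunk.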
@@ -296,8 +298,7 @@ impl SignatureBuilder {
self = self.pre_sign(signer)?;
- let digest = Signature::hash_direct_key(
- &self, signer.public().role_as_primary())?;
+ let digest = Signature::hash_direct_key(&self, pk)?;
self.sign(signer, digest)
}
diff --git a/sqv/tests/revoked-key.rs b/sqv/tests/revoked-key.rs
index 838d5d18..65e03255 100644
--- a/sqv/tests/revoked-key.rs
+++ b/sqv/tests/revoked-key.rs
@@ -306,7 +306,7 @@ fn create_key() {
.set_signature_creation_time(t1).unwrap()
.set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512])
.unwrap();
- let direct1 = b.sign_direct_key(&mut signer).unwrap();
+ let direct1 = b.sign_direct_key(&mut signer, &key).unwrap();
// 1st subkey binding signature valid from t_sk_binding on
b = signature::SignatureBuilder::new(SignatureType::SubkeyBinding)
@@ -327,7 +327,7 @@ fn create_key() {
.set_signature_creation_time(t3).unwrap()
.set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512])
.unwrap();
- let direct2 = b.sign_direct_key(&mut signer).unwrap();
+ let direct2 = b.sign_direct_key(&mut signer, &key).unwrap();
// 2nd subkey binding signature valid from t3 on
let mut b = signature::SignatureBuilder::new(SignatureType::SubkeyBinding)
@@ -370,7 +370,7 @@ fn create_key() {
.unwrap();
}
- let rev = b.sign_direct_key(&mut signer).unwrap();
+ let rev = b.sign_direct_key(&mut signer, &key).unwrap();
let cert = Cert::try_from(vec![
key.clone().into(),
direct1.clone().into(),