authorJustus Winter <justus@sequoia-pgp.org>2019-11-25 15:59:54 +0100
committerJustus Winter <justus@sequoia-pgp.org>2019-12-09 13:26:48 +0100
commitfe8093bc1aef8c6a79fd1dc76f5cc857eae05d50 (patch)
tree1aa3021d49ec099e16083f12ca4aefcbf5fa1313
parent531e3252b86f6eacf02d7181c280e8c01c4a55f4 (diff)
openpgp: Return Result from Signature::key_alive.
- See #371.
-rw-r--r--openpgp-ffi/include/sequoia/openpgp.h5
-rw-r--r--openpgp-ffi/src/packet/signature.rs9
-rw-r--r--openpgp/src/cert/builder.rs18
-rw-r--r--openpgp/src/cert/keyiter.rs2
-rw-r--r--openpgp/src/cert/mod.rs2
-rw-r--r--openpgp/src/packet/signature/subpacket.rs27
-rw-r--r--openpgp/src/parse/stream.rs4
-rw-r--r--tool/src/commands/inspect.rs6
8 files changed, 41 insertions, 32 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h
index f35565d3..b93ebb05 100644
--- a/openpgp-ffi/include/sequoia/openpgp.h
+++ b/openpgp-ffi/include/sequoia/openpgp.h
@@ -501,8 +501,9 @@ bool pgp_signature_expired(pgp_signature_t signature, time_t when);
///
/// If `when` is 0, then the current time is used.
/*/
-bool pgp_signature_key_alive(pgp_signature_t signature, pgp_key_t key,
- time_t when);
+pgp_status_t pgp_signature_key_alive(pgp_error_t *errp,
+ pgp_signature_t signature, pgp_key_t key,
+ time_t when);
/*/
/// Returns whether the signature is expired at the specified time.
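Review bot: The doc comment above `pgp_signature_key_alive` still documents only `when`, although the function now takes `errp` and returns `pgp_status_t` instead of `bool`. A binding that keeps testing the result for truthiness would read a success status as "not alive" if success is the zero value; that mapping is not visible in this hunk, so it is worth stating in the comment. Proposed addition: `/// Returns a success status if the key is alive at the given time; otherwise an error status, with the error stored in *errp when errp is not NULL.` The Rust doc comment in the openpgp-ffi/src/packet/signature.rs hunk needs the same sentence.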
diff --git a/openpgp-ffi/src/packet/signature.rs b/openpgp-ffi/src/packet/signature.rs
index abc302b5..7e50f3a1 100644
--- a/openpgp-ffi/src/packet/signature.rs
+++ b/openpgp-ffi/src/packet/signature.rs
@@ -264,15 +264,18 @@ fn pgp_signature_expired(sig: *const Signature, when: time_t) -> bool {
///
/// If `when` is 0, then the current time is used.
#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C"
-fn pgp_signature_key_alive(sig: *const Signature, key: *const Key,
+fn pgp_signature_key_alive(errp: Option<&mut *mut crate::error::Error>,
+ sig: *const Signature, key: *const Key,
when: time_t)
- -> bool {
+ -> Status
+{
+ ffi_make_fry_from_errp!(errp);
let t = if when == 0 {
None
} else {
Some(std::time::UNIX_EPOCH + std::time::Duration::new(when as u64, 0))
};
- sig.ref_raw().key_alive(key.ref_raw(), t)
+ ffi_try_status!(sig.ref_raw().key_alive(key.ref_raw(), t))
}
/// Returns whether the signature is expired at the specified time.
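Review bot: A negative `when` is still converted with `when as u64`, which wraps to a very large value wherever `time_t` is signed, and `UNIX_EPOCH + Duration` can panic when the result is not representable. Now that the function has `errp` and returns a `Status`, that input can be reported instead of wrapped: reject `when < 0` before the conversion, or build the time with `std::time::UNIX_EPOCH.checked_add(..)` and return an error on `None`. Whether the `extern_fn` wrapper contains a panic before it reaches the C caller is not visible in this hunk.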
diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs
index a13d2274..618494de 100644
--- a/openpgp/src/cert/builder.rs
+++ b/openpgp/src/cert/builder.rs
@@ -651,20 +651,20 @@ mod tests {
+ 5 * s; // The subkeys may be created a tad later.
let key = cert.primary();
let sig = cert.primary_key_signature(None).unwrap();
- assert!(sig.key_alive(key, now));
- assert!(sig.key_alive(key, now + 590 * s));
- assert!(! sig.key_alive(key, now + 610 * s));
+ assert!(sig.key_alive(key, now).is_ok());
+ assert!(sig.key_alive(key, now + 590 * s).is_ok());
+ assert!(! sig.key_alive(key, now + 610 * s).is_ok());
let (sig, key) = cert.keys_valid().for_signing()
.nth(0).map(|(s, _, k)| (s.unwrap(), k)).unwrap();
- assert!(sig.key_alive(key, now));
- assert!(sig.key_alive(key, now + 290 * s));
- assert!(! sig.key_alive(key, now + 310 * s));
+ assert!(sig.key_alive(key, now).is_ok());
+ assert!(sig.key_alive(key, now + 290 * s).is_ok());
+ assert!(! sig.key_alive(key, now + 310 * s).is_ok());
let (sig, key) = cert.keys_valid().for_authentication()
.nth(0).map(|(s, _, k)| (s.unwrap(), k)).unwrap();
- assert!(sig.key_alive(key, now));
- assert!(sig.key_alive(key, now + 590 * s));
- assert!(! sig.key_alive(key, now + 610 * s));
+ assert!(sig.key_alive(key, now).is_ok());
+ assert!(sig.key_alive(key, now + 590 * s).is_ok());
+ assert!(! sig.key_alive(key, now + 610 * s).is_ok());
}
}
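Review bot: The negative cases are written as `assert!(! sig.key_alive(..).is_ok())`, which passes for any error, so these tests cannot tell an expired key from one that is not yet live. Use `.is_err()` at minimum, e.g. `assert!(sig.key_alive(key, now + 610 * s).is_err());`, and where the cause matters check the returned variant. The same applies to both `accessors()` hunks in openpgp/src/packet/signature/subpacket.rs, where by the new match arms `now - five_minutes` should produce `Error::NotYetLive` and, in the first of them, `now + ten_minutes` should produce `Error::Expired`. The test function starts outside this hunk.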
diff --git a/openpgp/src/cert/keyiter.rs b/openpgp/src/cert/keyiter.rs
index fb0e5caf..a5b7d7d2 100644
--- a/openpgp/src/cert/keyiter.rs
+++ b/openpgp/src/cert/keyiter.rs
@@ -158,7 +158,7 @@ impl <'a, P: 'a + key::KeyParts, R: 'a + key::KeyRole> KeyIter<'a, P, R> {
if let Some(alive_at) = self.alive_at {
if let Some(sig) = sigo {
- if ! sig.key_alive(key, alive_at) {
+ if ! sig.key_alive(key, alive_at).is_ok() {
t!("Key not alive... skipping.");
continue;
}
diff --git a/openpgp/src/cert/mod.rs b/openpgp/src/cert/mod.rs
index efe65cf4..ff209d0b 100644
--- a/openpgp/src/cert/mod.rs
+++ b/openpgp/src/cert/mod.rs
@@ -1127,7 +1127,7 @@ impl Cert {
{
let t = t.into();
if let Some(sig) = self.primary_key_signature(t) {
- sig.key_alive(self.primary(), t)
+ sig.key_alive(self.primary(), t).is_ok()
} else {
false
}
diff --git a/openpgp/src/packet/signature/subpacket.rs b/openpgp/src/packet/signature/subpacket.rs
index e125348b..8a04906b 100644
--- a/openpgp/src/packet/signature/subpacket.rs
+++ b/openpgp/src/packet/signature/subpacket.rs
@@ -2230,14 +2230,21 @@ impl SubpacketAreas {
/// See [Section 5.2.3.6 of RFC 4880].
///
/// [Section 5.2.3.6 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.6
- pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> bool
+ pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> Result<()>
where P: key::KeyParts,
R: key::KeyRole,
T: Into<Option<time::SystemTime>>
{
let t = t.into()
.unwrap_or_else(|| time::SystemTime::now());
- key.creation_time() <= t && ! self.key_expired(key, t)
+
+ match self.key_expiration_time() {
+ Some(e) if e.as_secs() > 0 && key.creation_time() + e < t =>
+ Err(Error::Expired(key.creation_time() + e).into()),
+ _ if key.creation_time() > t =>
+ Err(Error::NotYetLive(key.creation_time()).into()),
+ _ => Ok(()),
+ }
}
/// Returns the value of the Issuer subpacket, which contains the
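Review bot: `key.creation_time() + e` adds a duration taken from the signature's key expiration subpacket to what is presumably a `SystemTime`, and that addition panics if the result is not representable. Both operands come from parsed packets, so compute the expiry once with `checked_add` and decide explicitly what an unrepresentable expiry means. The expiry comparison is also now written out here rather than delegated to `key_expired` (whose body is outside this hunk), so confirm both use the same inequality at `t == creation + e`. The doc comment should gain an `# Errors` section naming `Error::Expired` and `Error::NotYetLive`, plus a short comment that an expiration of zero seconds is treated as no expiration.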
@@ -2817,10 +2824,10 @@ fn accessors() {
assert!(!sig_.key_expired(&key, now));
assert!(sig_.key_expired(&key, now + ten_minutes));
- assert!(sig_.key_alive(&key, None));
- assert!(sig_.key_alive(&key, now));
- assert!(!sig_.key_alive(&key, now - five_minutes));
- assert!(!sig_.key_alive(&key, now + ten_minutes));
+ assert!(sig_.key_alive(&key, None).is_ok());
+ assert!(sig_.key_alive(&key, now).is_ok());
+ assert!(!sig_.key_alive(&key, now - five_minutes).is_ok());
+ assert!(!sig_.key_alive(&key, now + ten_minutes).is_ok());
sig = sig.set_key_expiration_time(None).unwrap();
let sig_ =
@@ -2830,10 +2837,10 @@ fn accessors() {
assert!(!sig_.key_expired(&key, now));
assert!(!sig_.key_expired(&key, now + ten_minutes));
- assert!(sig_.key_alive(&key, None));
- assert!(sig_.key_alive(&key, now));
- assert!(!sig_.key_alive(&key, now - five_minutes));
- assert!(sig_.key_alive(&key, now + ten_minutes));
+ assert!(sig_.key_alive(&key, None).is_ok());
+ assert!(sig_.key_alive(&key, now).is_ok());
+ assert!(!sig_.key_alive(&key, now - five_minutes).is_ok());
+ assert!(sig_.key_alive(&key, now + ten_minutes).is_ok());
let pref = vec![SymmetricAlgorithm::AES256,
SymmetricAlgorithm::AES192,
diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs
index ed8444ef..c4b16049 100644
--- a/openpgp/src/parse/stream.rs
+++ b/openpgp/src/parse/stream.rs
@@ -569,7 +569,7 @@ impl<'a, H: VerificationHelper> Verifier<'a, H> {
sig.key_flags().for_signing()
// Check expiry.
&& sig.signature_alive(time, tolerance).is_ok()
- && sig.key_alive(key, time)
+ && sig.key_alive(key, time).is_ok()
} else {
false
}
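Review bot: `sig.key_alive(key, time).is_ok()` discards the `Expired`/`NotYetLive` error this commit introduces, so the verifier still folds "signing key expired" into the same `false` as every other rejection. If the surrounding code, which is outside this hunk, reports why a signature was not accepted, carry the error through rather than reducing it to a boolean. The neighbouring `signature_alive(..).is_ok()` has the same shape. The Decryptor hunk at -1442 repeats the pattern.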
@@ -1442,7 +1442,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> {
// Check expiry.
&& sig.signature_alive(time, tolerance)
.is_ok()
- && sig.key_alive(key, time)
+ && sig.key_alive(key, time).is_ok()
} else {
false
}
diff --git a/tool/src/commands/inspect.rs b/tool/src/commands/inspect.rs
index f2347610..b88b9649 100644
--- a/tool/src/commands/inspect.rs
+++ b/tool/src/commands/inspect.rs
@@ -178,10 +178,8 @@ fn inspect_key<P, R>(output: &mut dyn io::Write,
R: openpgp::packet::key::KeyRole
{
if let Some(sig) = binding_signature {
- if sig.key_expired(key, None) {
- writeln!(output, "{} Expired", indent)?;
- } else if ! sig.key_alive(key, None) {
- writeln!(output, "{} Not yet valid", indent)?;
+ if let Err(e) = sig.key_alive(key, None) {
+ writeln!(output, "{} Invalid: {}", indent, e)?;
}
}