diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2020-09-16 13:49:49 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-09-16 14:39:48 +0200 |
commit | 7d7e3457add3d3fe30f28471a2de9b0adf1de6b9 (patch) | |
tree | 1ccac579eb6dff7e936d76f0a6c0f3ea34ef7fc6 /openpgp-ffi | |
parent | 012ddfb07db57badf307c83956d74d6964e3f83b (diff) |
openpgp: Update backsig when changing expiration time.
- When updating the expiration time of signing-capable subkeys, also
create a new primary key binding signature.
- Fixes #534.
Diffstat (limited to 'openpgp-ffi')
-rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 5 | ||||
-rw-r--r-- | openpgp-ffi/src/key_amalgamation.rs | 10 |
2 files changed, 14 insertions, 1 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 99510a81..074170d5 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -1187,12 +1187,17 @@ pgp_signature_t pgp_valid_key_amalgamation_binding_signature (pgp_valid_key_amal /// Creates one or more self-signatures that when merged with the /// certificate cause the key to expire at the specified time. /// +/// `subkey_signer` must be `NULL` when updating the expiration of the +/// primary key, or updating the expiration of a non-signing capable +/// subkey. Otherwise, a signer for the subkey must be given. +/// /// The returned buffer must be freed using libc's allocator. /*/ pgp_status_t pgp_valid_key_amalgamation_set_expiration_time (pgp_error_t *errp, pgp_valid_key_amalgamation_t ka, pgp_signer_t signer, + pgp_signer_t subkey_signer, time_t time, pgp_signature_t **sigs, size_t *sig_count); diff --git a/openpgp-ffi/src/key_amalgamation.rs b/openpgp-ffi/src/key_amalgamation.rs index d25fb2bc..f44ad04f 100644 --- a/openpgp-ffi/src/key_amalgamation.rs +++ b/openpgp-ffi/src/key_amalgamation.rs @@ -99,12 +99,17 @@ pub extern "C" fn pgp_valid_key_amalgamation_binding_signature<'a>(ka: *const Va /// Creates one or more self-signatures that when merged with the /// certificate cause the key to expire at the specified time. /// +/// `subkey_signer` must be `NULL` when updating the expiration of the +/// primary key, or updating the expiration of a non-signing capable +/// subkey. Otherwise, a signer for the subkey must be given. +/// /// The returned buffer must be freed using libc's allocator. #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" fn pgp_valid_key_amalgamation_set_expiration_time( errp: Option<&mut *mut crate::error::Error>, ka: *const ValidKeyAmalgamation, primary_signer: *mut Box<dyn crypto::Signer>, + subkey_signer: Option<&'static mut Box<dyn crypto::Signer + 'static>>, expiry: time_t, sigs: *mut *mut *mut Signature, sig_count: *mut size_t) -> Status @@ -117,7 +122,10 @@ fn pgp_valid_key_amalgamation_set_expiration_time( let sigs = ffi_param_ref_mut!(sigs); let sig_count = ffi_param_ref_mut!(sig_count); - match ka.set_expiration_time(signer.as_mut(), expiry) { + match ka.set_expiration_time(signer.as_mut(), + subkey_signer.map(|s| s.as_mut()), + expiry) + { Ok(new_sigs) => { let buffer = unsafe { libc::calloc(new_sigs.len(), std::mem::size_of::<*mut Signature>()) |