diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2018-06-01 12:20:30 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2018-06-01 12:23:02 +0200 |
commit | 0b5dfcd342eb532c34ee517619ba840208009071 (patch) | |
tree | 7c9d8ba0339080e1793b3069ea91c53d28875268 /openpgp/src/serialize/stream.rs | |
parent | 301cd06e41aab0bd646f4664b0b182c97cd8a1dd (diff) |
openpgp: Honor key expiration when encrypting.
Diffstat (limited to 'openpgp/src/serialize/stream.rs')
-rw-r--r-- | openpgp/src/serialize/stream.rs | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs index 0dd29dfa..1dc564a7 100644 --- a/openpgp/src/serialize/stream.rs +++ b/openpgp/src/serialize/stream.rs @@ -707,7 +707,9 @@ impl<'a> Encryptor<'a> { // Write the PKESK packet(s). for tpk in tpks { + // XXX: Handle encryption-capable primary keys. let subkeys = tpk.subkeys().filter(|skb| { + let key = skb.subkey(); // The first signature is the most recent binding // signature. skb.selfsigs().next() @@ -716,7 +718,10 @@ impl<'a> Encryptor<'a> { sig.key_flags().can_encrypt_at_rest(), EncryptionMode::ForTransport => sig.key_flags().can_encrypt_for_transport(), - }) + } + // Check expiry. + && ! sig.signature_is_expired() + && ! sig.key_is_expired(key)) .unwrap_or(false) }); |