openpgp: Honor key expiration when encrypting.

author: Justus Winter <justus@sequoia-pgp.org> 2018-06-01 12:20:30 +0200
committer: Justus Winter <justus@sequoia-pgp.org> 2018-06-01 12:23:02 +0200
commit: 0b5dfcd342eb532c34ee517619ba840208009071 (patch)
tree: 7c9d8ba0339080e1793b3069ea91c53d28875268 /openpgp/src/serialize/stream.rs
parent: 301cd06e41aab0bd646f4664b0b182c97cd8a1dd (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs
index 0dd29dfa..1dc564a7 100644
--- a/openpgp/src/serialize/stream.rs
+++ b/openpgp/src/serialize/stream.rs
@@ -707,7 +707,9 @@ impl<'a> Encryptor<'a> {
 
         // Write the PKESK packet(s).
         for tpk in tpks {
+            // XXX: Handle encryption-capable primary keys.
             let subkeys = tpk.subkeys().filter(|skb| {
+                let key = skb.subkey();
                 // The first signature is the most recent binding
                 // signature.
                 skb.selfsigs().next()
@@ -716,7 +718,10 @@ impl<'a> Encryptor<'a> {
                             sig.key_flags().can_encrypt_at_rest(),
                         EncryptionMode::ForTransport =>
                             sig.key_flags().can_encrypt_for_transport(),
-                    })
+                    }
+                         // Check expiry.
+                         && ! sig.signature_is_expired()
+                         && ! sig.key_is_expired(key))
                     .unwrap_or(false)
             });
author	Justus Winter <justus@sequoia-pgp.org>	2018-06-01 12:20:30 +0200
committer	Justus Winter <justus@sequoia-pgp.org>	2018-06-01 12:23:02 +0200
commit	0b5dfcd342eb532c34ee517619ba840208009071 (patch)
tree	7c9d8ba0339080e1793b3069ea91c53d28875268 /openpgp/src/serialize/stream.rs
parent	301cd06e41aab0bd646f4664b0b182c97cd8a1dd (diff)