diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2019-04-09 13:08:20 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-04-09 13:08:20 +0200 |
commit | 7c92d7381408b375d158dd3aedfa61d340ed3750 (patch) | |
tree | 1fe1a0ff202930700e9817ebb1d67b281217ece1 /tool | |
parent | b372fdb81fbff4bfca997b4d271aedc6026c158c (diff) |
openpgp: Guard signature verifications with a time.
- In the streaming verifier and decryptor, check that
signatures (and binding signatures) are valid at the given time.
- Fixes #247.
Diffstat (limited to 'tool')
-rw-r--r-- | tool/src/commands/decrypt.rs | 2 | ||||
-rw-r--r-- | tool/src/commands/mod.rs | 5 |
2 files changed, 3 insertions, 4 deletions
diff --git a/tool/src/commands/decrypt.rs b/tool/src/commands/decrypt.rs index 50dae859..8bdb6c95 100644 --- a/tool/src/commands/decrypt.rs +++ b/tool/src/commands/decrypt.rs @@ -207,7 +207,7 @@ pub fn decrypt(ctx: &Context, store: &mut store::Store, -> Result<()> { let helper = Helper::new(ctx, store, signatures, tpks, secrets, dump_session_key, dump, hex); - let mut decryptor = Decryptor::from_reader(input, helper) + let mut decryptor = Decryptor::from_reader(input, helper, None) .context("Decryption failed")?; io::copy(&mut decryptor, output) diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs index aa60b5d2..172e9042 100644 --- a/tool/src/commands/mod.rs +++ b/tool/src/commands/mod.rs @@ -280,7 +280,6 @@ impl<'a> VerificationHelper for VHelper<'a> { let issuer = issuer .expect("missing key checksum has an issuer"); eprintln!("No key to check {} from {}", what, issuer); - assert!(! trusted); self.unknown_checksums += 1; }, BadChecksum(_) => { @@ -321,9 +320,9 @@ pub fn verify(ctx: &Context, store: &mut store::Store, -> Result<()> { let helper = VHelper::new(ctx, store, signatures, tpks); let mut verifier = if let Some(dsig) = detached { - DetachedVerifier::from_reader(dsig, input, helper)? + DetachedVerifier::from_reader(dsig, input, helper, None)? } else { - Verifier::from_reader(input, helper)? + Verifier::from_reader(input, helper, None)? }; io::copy(&mut verifier, output) |