openpgp: Guard signature verifications with a time.

  - In the streaming verifier and decryptor, check that
    signatures (and binding signatures) are valid at the given time.

  - Fixes #247.

2 files changed, 3 insertions, 4 deletions

diff --git a/tool/src/commands/decrypt.rs b/tool/src/commands/decrypt.rs
index 50dae859..8bdb6c95 100644
--- a/tool/src/commands/decrypt.rs
+++ b/tool/src/commands/decrypt.rs
@@ -207,7 +207,7 @@ pub fn decrypt(ctx: &Context, store: &mut store::Store,
                -> Result<()> {
     let helper = Helper::new(ctx, store, signatures, tpks, secrets,
                              dump_session_key, dump, hex);
-    let mut decryptor = Decryptor::from_reader(input, helper)
+    let mut decryptor = Decryptor::from_reader(input, helper, None)
         .context("Decryption failed")?;
 
     io::copy(&mut decryptor, output)
diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs
index aa60b5d2..172e9042 100644
--- a/tool/src/commands/mod.rs
+++ b/tool/src/commands/mod.rs
@@ -280,7 +280,6 @@ impl<'a> VerificationHelper for VHelper<'a> {
                         let issuer = issuer
                             .expect("missing key checksum has an issuer");
                         eprintln!("No key to check {} from {}", what, issuer);
-                        assert!(! trusted);
                         self.unknown_checksums += 1;
                     },
                     BadChecksum(_) => {
@@ -321,9 +320,9 @@ pub fn verify(ctx: &Context, store: &mut store::Store,
               -> Result<()> {
     let helper = VHelper::new(ctx, store, signatures, tpks);
     let mut verifier = if let Some(dsig) = detached {
-        DetachedVerifier::from_reader(dsig, input, helper)?
+        DetachedVerifier::from_reader(dsig, input, helper, None)?
     } else {
-        Verifier::from_reader(input, helper)?
+        Verifier::from_reader(input, helper, None)?
     };
 
     io::copy(&mut verifier, output)