4 files changed, 28 insertions, 40 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h
index bd495156..c84fb582 100644
--- a/openpgp-ffi/include/sequoia/openpgp.h
+++ b/openpgp-ffi/include/sequoia/openpgp.h
@@ -395,14 +395,11 @@ bool pgp_signature_alive(pgp_signature_t signature);
 bool pgp_signature_alive_at(pgp_signature_t signature, time_t when);
 
 /*/
-/// Returns whether the signature is expired.
-/*/
-bool pgp_signature_expired(pgp_signature_t signature);
-
-/*/
 /// Returns whether the signature is expired at the specified time.
+///
+/// If `when` is 0, then the current time is used.
 /*/
-bool pgp_signature_expired_at(pgp_signature_t signature, time_t when);
+bool pgp_signature_expired(pgp_signature_t signature, time_t when);
 
 /*/
 /// Returns whether the signature is alive at the specified time.
diff --git a/openpgp-ffi/src/packet/signature.rs b/openpgp-ffi/src/packet/signature.rs
index 4d3f4ae3..ed0691f9 100644
--- a/openpgp-ffi/src/packet/signature.rs
+++ b/openpgp-ffi/src/packet/signature.rs
@@ -135,17 +135,17 @@ fn pgp_signature_alive_at(sig: *const Signature, when: time_t) -> bool {
         .signature_alive_at(time::at(time::Timespec::new(when as i64, 0)))
 }
 
-/// Returns whether the signature is expired.
-#[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C"
-fn pgp_signature_expired(sig: *const Signature) -> bool {
-    sig.ref_raw().signature_expired()
-}
-
 /// Returns whether the signature is expired at the specified time.
+///
+/// If `when` is 0, then the current time is used.
 #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C"
-fn pgp_signature_expired_at(sig: *const Signature, when: time_t) -> bool {
-    sig.ref_raw()
-        .signature_expired_at(time::at(time::Timespec::new(when as i64, 0)))
+fn pgp_signature_expired(sig: *const Signature, when: time_t) -> bool {
+    let t = if when == 0 {
+        None
+    } else {
+        Some(time::at(time::Timespec::new(when as i64, 0)))
+    };
+    sig.ref_raw().signature_expired(t)
 }
 
 /// Returns whether the signature is alive at the specified time.
diff --git a/openpgp/src/packet/signature/subpacket.rs b/openpgp/src/packet/signature/subpacket.rs
index c1d7dddd..dda69e2a 100644
--- a/openpgp/src/packet/signature/subpacket.rs
+++ b/openpgp/src/packet/signature/subpacket.rs
@@ -1321,22 +1321,10 @@ impl Signature4 {
         }
     }
 
-    /// Returns whether or not the signature is expired.
-    ///
-    /// Note that [Section 5.2.3.4 of RFC 4880] states that "[[A
-    /// Signature Creation Time subpacket]] MUST be present in the
-    /// hashed area."  Consequently, if such a packet does not exist,
-    /// but a "Signature Expiration Time" subpacket exists, we
-    /// conservatively treat the signature as expired, because there
-    /// is no way to evaluate the expiration time.
-    ///
-    ///  [Section 5.2.3.4 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.4
-    pub fn signature_expired(&self) -> bool {
-        self.signature_expired_at(time::now_utc())
-    }
-
     /// Returns whether or not the signature is expired at the given time.
     ///
+    /// If `t` is None, uses the current time.
+    ///
     /// Note that [Section 5.2.3.4 of RFC 4880] states that "[[A
     /// Signature Creation Time subpacket]] MUST be present in the
     /// hashed area."  Consequently, if such a packet does not exist,
@@ -1345,13 +1333,16 @@ impl Signature4 {
     /// is no way to evaluate the expiration time.
     ///
     ///  [Section 5.2.3.4 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.4
-    pub fn signature_expired_at(&self, tm: time::Tm) -> bool {
+    pub fn signature_expired<T>(&self, t: T) -> bool
+        where T: Into<Option<time::Tm>>
+    {
+        let t = t.into().unwrap_or_else(time::now_utc);
         match (self.signature_creation_time(), self.signature_expiration_time())
         {
             (Some(_), Some(e)) if e.num_seconds() == 0 =>
                 false, // Zero expiration time, does not expire.
             (Some(c), Some(e)) =>
-                (c + e) <= tm,
+                (c + e) <= t,
             (None, Some(_)) =>
                 true, // No creation time, treat as always expired.
             (_, None) =>
@@ -1388,7 +1379,7 @@ impl Signature4 {
     ///  [Section 5.2.3.4 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.3.4
     pub fn signature_alive_at(&self, tm: time::Tm) -> bool {
         if let Some(creation_time) = self.signature_creation_time() {
-            creation_time <= tm && ! self.signature_expired_at(tm)
+            creation_time <= tm && ! self.signature_expired(tm)
         } else {
             false
         }
@@ -2434,9 +2425,9 @@ fn accessors() {
         sig.clone().sign_hash(&mut keypair, hash_algo, hash.clone()).unwrap();
     assert_eq!(sig_.signature_expiration_time(), Some(five_minutes));
 
-    assert!(!sig_.signature_expired());
-    assert!(!sig_.signature_expired_at(now));
-    assert!(sig_.signature_expired_at(now + ten_minutes));
+    assert!(!sig_.signature_expired(None));
+    assert!(!sig_.signature_expired(now));
+    assert!(sig_.signature_expired(now + ten_minutes));
 
     assert!(sig_.signature_alive());
     assert!(sig_.signature_alive_at(now));
@@ -2447,9 +2438,9 @@ fn accessors() {
     let sig_ =
         sig.clone().sign_hash(&mut keypair, hash_algo, hash.clone()).unwrap();
     assert_eq!(sig_.signature_expiration_time(), None);
-    assert!(!sig_.signature_expired());
-    assert!(!sig_.signature_expired_at(now));
-    assert!(!sig_.signature_expired_at(now + ten_minutes));
+    assert!(!sig_.signature_expired(None));
+    assert!(!sig_.signature_expired(now));
+    assert!(!sig_.signature_expired(now + ten_minutes));
 
     assert!(sig_.signature_alive());
     assert!(sig_.signature_alive_at(now));
@@ -2780,7 +2771,7 @@ fn subpacket_test_2() {
                    }));
 
         // The signature does not expire.
-        assert!(! sig.signature_expired());
+        assert!(! sig.signature_expired(None));
 
         assert_eq!(sig.key_expiration_time(),
                    Some(time::Duration::from_pgp(63072000)));
diff --git a/tool/src/commands/inspect.rs b/tool/src/commands/inspect.rs
index 438a2f77..526490e0 100644
--- a/tool/src/commands/inspect.rs
+++ b/tool/src/commands/inspect.rs
@@ -149,7 +149,7 @@ fn inspect_tpk(output: &mut io::Write, tpk: &openpgp::TPK,
         writeln!(output, "         UserID: {}", uidb.userid())?;
         inspect_revocation(output, "", uidb.revoked(None))?;
         if let Some(sig) = uidb.binding_signature(None) {
-            if sig.signature_expired() {
+            if sig.signature_expired(None) {
                 writeln!(output, "                 Expired")?;
             } else if ! sig.signature_alive() {
                 writeln!(output, "                 Not yet valid")?;