diff options
| -rw-r--r-- | openpgp/src/packet/signature/mod.rs | 3 | ||||
| -rw-r--r-- | openpgp/src/tpk/mod.rs | 23 |
2 files changed, 15 insertions, 11 deletions
diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs index f53f3705..eed113f4 100644 --- a/openpgp/src/packet/signature/mod.rs +++ b/openpgp/src/packet/signature/mod.rs @@ -1394,7 +1394,8 @@ mod test { .unwrap(); let test2 = TPK::from_bytes( crate::tests::key("test2-signed-by-test1.pgp")).unwrap(); - let uid_binding = &test2.primary_key_signature_full(None).unwrap().0.unwrap(); + let uid_binding = &test2.primary_key_signature_full(None) + .unwrap().1.unwrap().0; let cert = &uid_binding.certifications()[0]; assert_eq!(cert.verify_userid_binding(cert_key1, diff --git a/openpgp/src/tpk/mod.rs b/openpgp/src/tpk/mod.rs index 16e0ca51..f0fca783 100644 --- a/openpgp/src/tpk/mod.rs +++ b/openpgp/src/tpk/mod.rs @@ -1103,8 +1103,11 @@ impl TPK { .map(|b| b.0) } - /// Returns the primary key's current self-signature as of `t` and - /// the corresponding User ID binding, if any. + /// Returns the primary key's current self-signature as of `t`. + /// + /// If the current self-signature is from a User ID binding (and + /// not a direct signature), this also returns the User ID binding + /// and its revocation status as of `t`. /// /// The primary key's current self-signature as of `t` is, in /// order of preference: @@ -1120,7 +1123,7 @@ impl TPK { /// /// If there are no applicable signatures, `None` is returned. pub fn primary_key_signature_full<T>(&self, t: T) - -> Option<(Option<&UserIDBinding>, &Signature)> + -> Option<(&Signature, Option<(&UserIDBinding, RevocationStatus)>)> where T: Into<Option<time::Tm>> { let t = t.into().unwrap_or_else(time::now_utc); @@ -1129,19 +1132,19 @@ impl TPK { let primary_userid = self.primary_userid_full(t); if let Some((ref u, ref s, ref r)) = primary_userid { if !destructures_to!(RevocationStatus::Revoked(_) = r) { - return Some((Some(u), s)); + return Some((s, Some((u, r.clone())))); } } // 2. Direct signature. if let Some(s) = self.primary.binding_signature(t) { - return Some((None, s)); + return Some((s, None)); } // 3. All User IDs are revoked. if let Some((u, s, r)) = primary_userid { - assert!(destructures_to!(RevocationStatus::Revoked(_) = r)); - return Some((Some(u), s)); + assert!(destructures_to!(RevocationStatus::Revoked(_) = &r)); + return Some((s, Some((u, r)))); } // 4. No user ids and no direct signatures. @@ -1156,7 +1159,7 @@ impl TPK { pub fn primary_key_signature<T>(&self, t: T) -> Option<&Signature> where T: Into<Option<time::Tm>> { - if let Some((_, sig)) = self.primary_key_signature_full(t) { + if let Some((sig, _)) = self.primary_key_signature_full(t) { Some(sig) } else { None @@ -1333,7 +1336,7 @@ impl TPK { where R: key::KeyRole { let sig = { - let (userid, template) = self + let (template, userid) = self .primary_key_signature_full(Some(now)) .ok_or(Error::MalformedTPK("No self-signature".into()))?; @@ -1342,7 +1345,7 @@ impl TPK { let mut hash = hash_algo.context()?; self.primary().key().hash(&mut hash); - if let Some(userid) = userid { + if let Some((userid, _)) = userid { userid.userid().hash(&mut hash); } else { assert_eq!(template.typ(), SignatureType::DirectKey); |