From ec03e1614a48fbe30f1200cb18bb00c7135f5242 Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield" Date: Mon, 11 Nov 2019 19:51:04 +0100 Subject: openpgp: Be tolerant when deciding wheter a signature is alive. - Consider the following scenario: computer A's clock says 9:00.00 and signs and sends a message to computer B. Computer B's clock says 8:59.59, it receives the message and tries to verify it. From Computer B's perspective, the signature is not valid, because it was generated in the future. - This situation occured, because the two clocks were not completely synchronized. Unfortunately, a few seconds of clock skew are not unusual, particularly when dealing with VMs. - Since it is almost always better to consider such messages as valid, be tolerant when deciding whether a signature is alive. --- openpgp/src/parse/stream.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'openpgp/src/parse') diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index ff381ea7..3f33e833 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -486,7 +486,7 @@ impl<'a, H: VerificationHelper> Verifier<'a, H> { if let Some(sig) = sig { sig.key_flags().can_sign() // Check expiry. - && sig.signature_alive(t) + && sig.signature_alive(t, None) && sig.key_alive(key, t) } else { false @@ -612,7 +612,7 @@ impl<'a, H: VerificationHelper> Verifier<'a, H> { let (binding, revocation, key) = tpk.keys_all().nth(*j).unwrap(); if sig.verify(key).unwrap_or(false) { - if sig.signature_alive(self.time) { + if sig.signature_alive(self.time, None) { VerificationResult::GoodChecksum (sig, tpk, key, binding, revocation) @@ -1316,7 +1316,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { if let Some(sig) = sig { sig.key_flags().can_sign() // Check expiry. - && sig.signature_alive(t) + && sig.signature_alive(t, None) && sig.key_alive(key, t) } else { false 
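Review bot: In the binding-signature checks (the hunk at -486 in `Verifier` and the identical one at -1316 in `Decryptor`), only `signature_alive` gets the new tolerance argument, while `sig.key_alive(key, t)` on the next line is still called with the bare time. If `key_alive` compares the key's creation time strictly against `t` (its body is not in this diff), a key generated moments before signing on the faster clock would still be rejected here, so the scenario in the commit message stays unresolved for fresh keys. Either give `key_alive` the same treatment, or add a comment such as `// None = default clock-skew tolerance; key_alive stays strict on purpose` so the asymmetry reads as a decision. The enclosing block starts and ends outside the hunk.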
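Review bot: `sig.signature_alive(self.time, None)` in this hunk (-612) and in the `Decryptor` hunk at -1463 applies the default tolerance to whatever `self.time` holds. If `self.time` can be a caller-supplied reference time rather than the local clock (not visible in this diff), a signature created shortly after that reference time would now pass the liveness check. Passing a zero tolerance in that case would keep verification at a fixed point in time exact. It is also worth confirming in `signature_alive` that the tolerance only relaxes the creation-time bound and never extends the expiration time, then recording that at the call sites, e.g. `// None: default tolerance, applied to the creation time only`. The enclosing block continues outside the hunk.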
@@ -1463,7 +1463,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { let (binding, revocation, key) = tpk.keys_all().nth(*j).unwrap(); if sig.verify(key).unwrap_or(false) && - sig.signature_alive(self.time) + sig.signature_alive(self.time, None) { // Check intended recipients. if let Some(identity) = -- cgit v1.2.3