Release 2.3.0: Update go-crypto, add Key.IsRevoked and fix key.IsExpired

2021-11-02 09:57:22 +01:00 · 2021-11-02 09:57:22 +01:00 · 130472d5a5
commit 130472d5a5
parent 420bb96585
9 changed files with 85 additions and 43 deletions
--- a/crypto/key.go
+++ b/crypto/key.go
@ -276,8 +276,14 @@ func (key *Key) CanEncrypt() bool {

 // IsExpired checks whether the key is expired.
 func (key *Key) IsExpired() bool {
-	_, ok := key.entity.EncryptionKey(getNow())
-	return !ok
+	i := key.entity.PrimaryIdentity()
+	return key.entity.PrimaryKey.KeyExpired(i.SelfSignature, getNow()) || // primary key has expired
+		i.SelfSignature.SigExpired(getNow()) // user ID self-signature has expired
+}
+
+// IsRevoked checks whether the key or the primary identity has a valid revocation signature.
+func (key *Key) IsRevoked() bool {
+	return key.entity.Revoked(getNow()) || key.entity.PrimaryIdentity().Revoked(getNow())
 }

 // IsPrivate returns true if the key is private.
--- a/crypto/key_test.go
+++ b/crypto/key_test.go
@ -417,6 +417,23 @@ func TestKeyCapabilities(t *testing.T) {
 	assert.True(t, publicKey.CanEncrypt())
 }

+func TestRevokedKeyCapabilities(t *testing.T) {
+	pgp.latestServerTime = 1632219895
+	defer func() {
+		pgp.latestServerTime = testTime
+	}()
+
+	revokedKey, err := NewKeyFromArmored(readTestFile("key_revoked", false))
+	if err != nil {
+		t.Fatal("Cannot unarmor key:", err)
+	}
+
+	assert.False(t, revokedKey.CanVerify())
+	assert.False(t, revokedKey.CanEncrypt())
+	assert.False(t, revokedKey.IsExpired())
+	assert.True(t, revokedKey.IsRevoked())
+}
+
 func TestUnlockMismatchingKey(t *testing.T) {
 	privateKey, err := NewKeyFromArmored(readTestFile("key_mismatching_eddsa_key", false))
 	if err != nil {
--- a/crypto/message_test.go
+++ b/crypto/message_test.go
@ -173,6 +173,11 @@ func TestBinaryMessageEncryption(t *testing.T) {
 }

 func TestIssue11(t *testing.T) {
+	pgp.latestServerTime = 1559655272
+	defer func() {
+		pgp.latestServerTime = testTime
+	}()
+
 	var issue11Password = []byte("1234")

 	issue11Key, err := NewKeyFromArmored(readTestFile("issue11_privatekey", false))
--- a/crypto/testdata/key_revoked
+++ b/crypto/testdata/key_revoked
@ -0,0 +1,43 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: OpenPGP.js v4.10.10
+Comment: https://openpgpjs.org
+
+xsBNBGCxHHcBCAC1G33VF6Qo/bg8o0A3AfbVG7o9o2ScqXD2BReBnZW7uyaJ
+RL8KFMoE4Bp9zQCuZnN+F98yCY2FrxtTjuOjz4TTjZP3wWi4+U3Eylad8wsT
+FjBfbUxMwVgV+YWBU4bVJQThqB8pnVjcdo5ks/3wfTc9BYtAZJVz1eIsj2JL
+v0fv2DpfXWP5VqLNi3dyDtx8Z1kVuRBxZaAKHJmGT8Q70nLm0n6CzHExJw4I
+ThhYhh+Xbuak3CuhPGHFEuX+r018SoRFkoM79XjP+fR4EDgZs9f345DZ/LoN
+oWTAzvKmlHidYSLFLy7niz1A1/eLdOm6k9gfeibucKgO1GtFZvugbpkdABEB
+AAHCwJwEIAEIAC8WIQQ4i7tJNgES6Bgnd6J2NFd6ObOixwUCYLEcwBEdAFJl
+dm9rZWQgZm9yIGZ1bgAhCRB2NFd6ObOixxYhBDiLu0k2ARLoGCd3onY0V3o5
+s6LHaE0H/3IW0B8ABFnZlXJXbWz00c3i23bxc/Vpy1TPYLJ3xFpcwncQMVDI
+w/njlQLoGhDCGeT/OLEYnyCsxP/JzL+SPv7smgejex/4scMNq0bVfDNmCji2
+7EldJ1zbAsfjSgyPN94GATxj/42FMCIzpvFEW2RS5n7D+G0w+NpzfJ7duOC5
+IZttJINSW9hGbWXfrp6ktvXIy4ynXi1Ew4dHPFvjgJ0bKHFwV8Uw+szkR8Yq
+dapaO8C6kNMRBdjplaOtV7Gg5nPi5CZ9jZ5Scbkfjda5nxc2edCQUVgNKwII
+LICRfT9E+zxBadgHIh0GtvwdWmz4XmxARseQvvdd8yqjJgNCR67NOnNlbmRp
+bmctcHJlZjExIChSZXZva2VkIGtleSkgPHNlbmRpbmctcHJlZjExQHByb3Rv
+bi5ibGFjaz7CwKUEEwEIADgWIQQ4i7tJNgES6Bgnd6J2NFd6ObOixwUCYLEc
+dwIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAhCRB2NFd6ObOixxYhBDiL
+u0k2ARLoGCd3onY0V3o5s6LHnAEIAKvJYi5PTDdBa1rWuGRc5MEPh60aKw2B
+iBF6Z+gPBxzlAFBuPVN4JTpCXYL5XHqpGpWYj0VzyJWzTNi8LbIRQFUxxNzd
+xBiziciFGDA/2ERmoJ3vFhNUcX+VYs44lEl9slx7h4d15BlmwiwxNE+76cPw
+l99pLojcCThkGWuzo8/LPpmiWXgOXf43sjbw1qesOncseP14l7ptn4fBRqKD
+SS5WaK1AYpvQpv2Auv838L7B121nixfPXpSKLh9cWmxhyHjTNc/hm8njq96r
+qRIbU/LhHGbgd3CkmN1l1qbYgoOV4uEbyADv6KawLikibAq07FyXOiRyGzmi
+0kvvHguM9LzOwE0EYLEcdwEIAL5Gq+i9sc+VeACSDiZo20tIZQ9Q982xyJH0
+PMgLD/xny5xK8q8JFXnNdZf7bXfUwuBcM2XEMtZ5iu8QwZy/bvHzZ+CmmYyw
+Z9jqIISjY/cZVx/eQSiZT70Qf8XQL1dPGpBCzDCRdmpBpFi+ulh87Ve/Hh/8
+UU8bv2f6h4GT15oxIh09xR+PDtnlWwBxf4t4feNeCNzqyqUKt7eIBoh6u6pn
+O2wkOe08x0Gx4lpn23cIKak7XvEEn4FLpRt//4mNmXsu/6iz8fW6hJNTABvN
+2mO/eOWRItJmGcdiDoM3nMLDJHfU9xSW0i6EXLlnKGrcnSmBAlJ/cSVKmyfz
+ATiN7/8AEQEAAcLAjQQYAQgAIBYhBDiLu0k2ARLoGCd3onY0V3o5s6LHBQJg
+sRx3AhsMACEJEHY0V3o5s6LHFiEEOIu7STYBEugYJ3eidjRXejmzoscBiwgA
+pYU7fmknt+4pL0X5INiPFlD6K3aJRCNzYOl3s7aFkMQdIYGDmzAicba+CMgr
+/RuyqoPKeFxzTyTYWQ7Av2T/gkih7QqjOk+50W+r6seQ0YKxqqALlX8Iz8zf
+Wi7QZLBI+pcWwogHGVFs1HMYU5V5WLetRRbbNpbi8CRwZS5MeDZKhK2T/AYx
+hQpoYkzrBGhtK0qCQ8Gy5lIRb3WzeNuyiII34nun40vIezCuS2/en46DpVdB
+i2rFpiDUwxkxNETIS+cHqALrkYNVLhGTfTPAC5mRZtfk4vGL9Bk7OQdNaeN0
+oKqUWLar3SVblm9Z0rZ4QpPYD02YuQh/fvP0ArK8YA==
+=iGbb
+-----END PGP PUBLIC KEY BLOCK-----