Add key generation offset (#104)
* Add key generation offset * Bump version to 2.1.2
parent
385e6d21d2
commit
75f27fd1df
6 changed files with 29 additions and 4 deletions
|
|
@ -4,7 +4,10 @@ All notable changes to this project will be documented in this file.
|
||||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
||||||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
## Unreleased
|
## [2.1.2] 2020-12-01
|
||||||
|
### Added
|
||||||
|
- `SetKeyGenerationOffset` to add an offset in key generation time and prevent not-yet-valid keys.
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- Improved canonicalization performance
|
- Improved canonicalization performance
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ package constants
|
||||||
|
|
||||||
// Constants for armored data.
|
// Constants for armored data.
|
||||||
const (
|
const (
|
||||||
ArmorHeaderVersion = "GopenPGP 2.1.1"
|
ArmorHeaderVersion = "GopenPGP 2.1.2"
|
||||||
ArmorHeaderComment = "https://gopenpgp.org"
|
ArmorHeaderComment = "https://gopenpgp.org"
|
||||||
PGPMessageHeader = "PGP MESSAGE"
|
PGPMessageHeader = "PGP MESSAGE"
|
||||||
PGPSignatureHeader = "PGP SIGNATURE"
|
PGPSignatureHeader = "PGP SIGNATURE"
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
package constants
|
package constants
|
||||||
|
|
||||||
const Version = "ddacebe0"
|
const Version = "2.1.2"
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,7 @@ import "time"
|
||||||
type GopenPGP struct {
|
type GopenPGP struct {
|
||||||
latestServerTime int64
|
latestServerTime int64
|
||||||
latestClientTime time.Time
|
latestClientTime time.Time
|
||||||
|
generationOffset int64
|
||||||
}
|
}
|
||||||
|
|
||||||
var pgp = GopenPGP{}
|
var pgp = GopenPGP{}
|
||||||
|
|
|
||||||
|
|
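Review bot: The new `generationOffset int64` field has no comment giving its unit or saying which sign backdates a key. It is added directly to Unix timestamps in `getNowKeyGenerationOffset`, so it appears to be seconds, and the changelog's "prevent not-yet-valid keys" suggests callers are expected to pass a negative value. I would document it on the field, e.g. `// generationOffset is added, in seconds, to the clock used for key creation times; negative values backdate keys.`, and repeat the unit and sign in the doc comment of `SetKeyGenerationOffset`, which currently only says it "updates the offset".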
@ -435,7 +435,7 @@ func generateKey(
|
||||||
cfg := &packet.Config{
|
cfg := &packet.Config{
|
||||||
Algorithm: packet.PubKeyAlgoRSA,
|
Algorithm: packet.PubKeyAlgoRSA,
|
||||||
RSABits: bits,
|
RSABits: bits,
|
||||||
Time: getTimeGenerator(),
|
Time: getKeyGenerationTimeGenerator(),
|
||||||
DefaultHash: crypto.SHA256,
|
DefaultHash: crypto.SHA256,
|
||||||
DefaultCipher: packet.CipherAES256,
|
DefaultCipher: packet.CipherAES256,
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
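Review bot: The switch to `Time: getKeyGenerationTimeGenerator()` in `cfg` carries no comment explaining why key generation uses a different clock from the rest of the library. `packet.Config.Time` presumably also stamps the self-signatures produced during generation, so the offset would shift those too, which is worth stating next to the field. A one-line comment such as `// Offset clock: keeps creation and self-signature times from landing ahead of a verifier whose clock lags.` would do. `generateKey` starts and ends outside this hunk, so whether other paths in it build their own config is not visible here.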
@ -13,6 +13,11 @@ func UpdateTime(newTime int64) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SetKeyGenerationOffset updates the offset when generating keys.
|
||||||
|
func SetKeyGenerationOffset(offset int64) {
|
||||||
|
pgp.generationOffset = offset
|
||||||
|
}
|
||||||
|
|
||||||
// GetUnixTime gets latest cached time.
|
// GetUnixTime gets latest cached time.
|
||||||
func GetUnixTime() int64 {
|
func GetUnixTime() int64 {
|
||||||
return getNow().Unix()
|
return getNow().Unix()
|
||||||
|
|
@ -49,3 +54,19 @@ func getDiff() (int64, error) {
|
||||||
func getTimeGenerator() func() time.Time {
|
func getTimeGenerator() func() time.Time {
|
||||||
return getNow
|
return getNow
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// getNowKeyGenerationOffset returns the current time with the key generation offset.
|
||||||
|
func getNowKeyGenerationOffset() time.Time {
|
||||||
|
extrapolate, err := getDiff()
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return time.Unix(time.Now().Unix()+pgp.generationOffset, 0)
|
||||||
|
}
|
||||||
|
|
||||||
|
return time.Unix(pgp.latestServerTime+extrapolate+pgp.generationOffset, 0)
|
||||||
|
}
|
||||||
|
|
||||||
|
// getKeyGenerationTimeGenerator Returns a time generator function with the key generation offset.
|
||||||
|
func getKeyGenerationTimeGenerator() func() time.Time {
|
||||||
|
return getNowKeyGenerationOffset
|
||||||
|
}
|
||||||
|
|
|
||||||
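Review bot: `SetKeyGenerationOffset` writes the package-level `pgp.generationOffset` with a plain assignment while `getNowKeyGenerationOffset` reads it, so changing the offset while another goroutine generates a key is a data race; no lock is visible in the `GopenPGP` struct. Using `atomic.StoreInt64(&pgp.generationOffset, offset)` in the setter and `atomic.LoadInt64(&pgp.generationOffset)` in the reader would close it (this needs `sync/atomic`). The setter also accepts any value: a positive offset yields future-dated keys, the case the changelog entry is meant to prevent, and a large negative one backdates the key without limit, so a documented range or a sanity bound is worth considering. When `getDiff` returns an error the function silently falls back to the local clock with the offset still applied, which deserves a why-comment. The first hunk of this file ends inside `GetUnixTime`.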