Add key generation offset (#104)

* Add key generation offset * Bump version to 2.1.2
2020-12-01 19:44:49 +01:00 · 2020-12-01 19:44:49 +01:00 · 75f27fd1df
commit 75f27fd1df
parent 385e6d21d2
6 changed files with 29 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,7 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

-## Unreleased
+## [2.1.2] 2020-12-01
+### Added
+- `SetKeyGenerationOffset` to add an offset in key generation time and prevent not-yet-valid keys.
+
 ### Changed
 - Improved canonicalization performance

--- a/constants/armor.go
+++ b/constants/armor.go
@ -3,7 +3,7 @@ package constants

 // Constants for armored data.
 const (
-	ArmorHeaderVersion = "GopenPGP 2.1.1"
+	ArmorHeaderVersion = "GopenPGP 2.1.2"
 	ArmorHeaderComment = "https://gopenpgp.org"
 	PGPMessageHeader   = "PGP MESSAGE"
 	PGPSignatureHeader = "PGP SIGNATURE"
--- a/constants/version.go
+++ b/constants/version.go
@ -1,3 +1,3 @@
 package constants

-const Version = "ddacebe0"
+const Version = "2.1.2"
--- a/crypto/gopenpgp.go
+++ b/crypto/gopenpgp.go
@ -8,6 +8,7 @@ import "time"
 type GopenPGP struct {
 	latestServerTime int64
 	latestClientTime time.Time
+	generationOffset int64
 }

 var pgp = GopenPGP{}
--- a/crypto/key.go
+++ b/crypto/key.go
@ -435,7 +435,7 @@ func generateKey(
 	cfg := &packet.Config{
 		Algorithm:     packet.PubKeyAlgoRSA,
 		RSABits:       bits,
-		Time:          getTimeGenerator(),
+		Time:          getKeyGenerationTimeGenerator(),
 		DefaultHash:   crypto.SHA256,
 		DefaultCipher: packet.CipherAES256,
 	}
--- a/crypto/time.go
+++ b/crypto/time.go
@ -13,6 +13,11 @@ func UpdateTime(newTime int64) {
 	}
 }

+// SetKeyGenerationOffset updates the offset when generating keys.
+func SetKeyGenerationOffset(offset int64) {
+	pgp.generationOffset = offset
+}
+
 // GetUnixTime gets latest cached time.
 func GetUnixTime() int64 {
 	return getNow().Unix()
@ -49,3 +54,19 @@ func getDiff() (int64, error) {
 func getTimeGenerator() func() time.Time {
 	return getNow
 }
+
+// getNowKeyGenerationOffset returns the current time with the key generation offset.
+func getNowKeyGenerationOffset() time.Time {
+	extrapolate, err := getDiff()
+
+	if err != nil {
+		return time.Unix(time.Now().Unix()+pgp.generationOffset, 0)
+	}
+
+	return time.Unix(pgp.latestServerTime+extrapolate+pgp.generationOffset, 0)
+}
+
+// getKeyGenerationTimeGenerator Returns a time generator function with the key generation offset.
+func getKeyGenerationTimeGenerator() func() time.Time {
+	return getNowKeyGenerationOffset
+}