signature subpacket patch: mark expiration time as critical
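diff -r 221f3eb76b52 src/pkg/crypto/openpgp/packet/signature.go
--- a/src/pkg/crypto/openpgp/packet/signature.go        Thu Nov 24 08:51:47 2011 -0800
+++ b/src/pkg/crypto/openpgp/packet/signature.go        Wed Nov 30 23:44:34 2011 +0100
@@ -163,7 +163,7 @@
 const (
        creationTimeSubpacket        signatureSubpacketType = 2
        signatureExpirationSubpacket signatureSubpacketType = 3
-       keyExpirySubpacket           signatureSubpacketType = 9
+       keyExpirationSubpacket       signatureSubpacketType = 9
        prefSymmetricAlgosSubpacket  signatureSubpacketType = 11
        issuerSubpacket              signatureSubpacketType = 16
        prefHashAlgosSubpacket       signatureSubpacketType = 21
@@ -235,7 +235,7 @@
                }
                sig.SigLifetimeSecs = new(uint32)
                *sig.SigLifetimeSecs = binary.BigEndian.Uint32(subpacket)
-       case keyExpirySubpacket:
+       case keyExpirationSubpacket:
                // Key expiration time, section 5.2.3.6
                if !isHashed {
                        return
@@ -541,10 +541,7 @@
 
 func (sig *Signature) buildSubpackets() (subpackets []outputSubpacket) {
        creationTime := make([]byte, 4)
-       creationTime[0] = byte(sig.CreationTime >> 24)
-       creationTime[1] = byte(sig.CreationTime >> 16)
-       creationTime[2] = byte(sig.CreationTime >> 8)
-       creationTime[3] = byte(sig.CreationTime)
+       binary.BigEndian.PutUint32(creationTime, sig.CreationTime)
        subpackets = append(subpackets, outputSubpacket{true, creationTimeSubpacket, false, creationTime})
 
        if sig.IssuerKeyId != nil {
@@ -553,5 +550,59 @@
                subpackets = append(subpackets, outputSubpacket{true, issuerSubpacket, false, keyId})
        }
 
+       if sig.SigLifetimeSecs != nil && *sig.SigLifetimeSecs != 0 {
+               sigLifetime := make([]byte, 4)
+               binary.BigEndian.PutUint32(sigLifetime, *sig.SigLifetimeSecs)
+               // signature expiration is marked as critical
+               subpackets = append(subpackets, outputSubpacket{true, signatureExpirationSubpacket, true, sigLifetime})
+       }
+
+       // The following subpackets may only appear in self-signatures
+
+       if sig.KeyLifetimeSecs != nil && *sig.KeyLifetimeSecs != 0 {
+               keyLifetime := make([]byte, 4)
+               binary.BigEndian.PutUint32(keyLifetime, *sig.KeyLifetimeSecs)
+               // TODO:
+               // key expiration is marked as critical
+               subpackets = append(subpackets, outputSubpacket{true, keyExpirationSubpacket, true, keyLifetime})
+       }
+
+       if sig.IsPrimaryId != nil && *sig.IsPrimaryId {
+               subpackets = append(subpackets, outputSubpacket{true, primaryUserIdSubpacket, false, []byte{1}})
+       }
+
+       // []byte slices of preferred algorithms are not copied
+
+       if len(sig.PreferredSymmetric) > 0 {
+               subpackets = append(subpackets, outputSubpacket{true, prefSymmetricAlgosSubpacket, false, sig.PreferredSymmetric})
+       }
+
+       if len(sig.PreferredHash) > 0 {
+               subpackets = append(subpackets, outputSubpacket{true, prefHashAlgosSubpacket, false, sig.PreferredHash})
+       }
+
+       if len(sig.PreferredCompression) > 0 {
+               subpackets = append(subpackets, outputSubpacket{true, prefCompressionSubpacket, false, sig.PreferredCompression})
+       }
+
+       // The Key Flags subpacket may only appear in self-signatures or certification signatures
+
+       if sig.FlagsValid {
+               flags := byte(0)
+               if sig.FlagCertify {
+                       flags |= 1
+               }
+               if sig.FlagSign {
+                       flags |= 2
+               }
+               if sig.FlagEncryptCommunications {
+                       flags |= 4
+               }
+               if sig.FlagEncryptStorage {
+                       flags |= 8
+               }
+               subpackets = append(subpackets, outputSubpacket{true, keyFlagsSubpacket, false, []byte{flags}})
+       }
+
        return
 }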
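Review bot: The two new comments in buildSubpackets state that key expiration, primary user ID and the preference lists "may only appear in self-signatures" (and key flags only in self- or certification signatures), but the added code emits every field that is set without looking at the signature type. If enforcing that is the caller's job, the function's doc comment should say so, e.g. `// buildSubpackets serializes whatever fields are set; callers must only set self-signature fields on self-signatures.`; otherwise these appends should be gated on the signature type. The bare `// TODO:` above the key expiration append does not say what is unfinished; replace it with the actual open question or drop it, for example `// key expiration is marked critical so that verifiers which cannot interpret it reject the signature`. The preference slices are appended without copying, as the comment notes, so it would help to state that callers must not modify them between building and hashing the subpackets.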