From dd5f8f67a81fc6d81a52c33037c893b828acbabd Mon Sep 17 00:00:00 2001 From: Dmitriy Matrenichev Date: Tue, 16 May 2023 09:25:30 -0400 Subject: [PATCH 1/2] Truncate config.Now to second precision Because pgp uses seconds and not ns. --- openpgp/packet/config.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/openpgp/packet/config.go b/openpgp/packet/config.go index 00f4706bf..04994bec9 100644 --- a/openpgp/packet/config.go +++ b/openpgp/packet/config.go @@ -39,7 +39,7 @@ type Config struct { // and password-encrypted data. // If nil, the default configuration is used S2KConfig *s2k.Config - // Iteration count for Iterated S2K (String to Key). + // Iteration count for Iterated S2K (String to Key). // Only used if sk2.Mode is nil. // This value is duplicated here from s2k.Config for backwards compatibility. // It determines the strength of the passphrase stretching when @@ -135,9 +135,9 @@ func (c *Config) Cipher() CipherFunction { func (c *Config) Now() time.Time { if c == nil || c.Time == nil { - return time.Now() + return time.Now().Truncate(time.Second) } - return c.Time() + return c.Time().Truncate(time.Second) } // KeyLifetime returns the validity period of the key. @@ -198,7 +198,7 @@ func (c *Config) S2K() *s2k.Config { } // for backwards compatibility if c != nil && c.S2KCount > 0 && c.S2KConfig == nil { - return &s2k.Config { + return &s2k.Config{ S2KCount: c.S2KCount, } } From eb0fc8b3efa51f6082180e0e7eeedd2905c50ec2 Mon Sep 17 00:00:00 2001 From: Daniel Huigens Date: Thu, 18 May 2023 20:08:50 +0200 Subject: [PATCH 2/2] Fix and rename TestReturnFirstUnexpiredSigningSubkey Fix the test to create subkeys with different creation times, so that the SigningKey function selects the later subkey, and rename the test to TestReturnNewestUnexpiredSigningSubkey. --- openpgp/keys_test.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/openpgp/keys_test.go b/openpgp/keys_test.go index f566f0f7d..35bb495b9 100644 --- a/openpgp/keys_test.go +++ b/openpgp/keys_test.go @@ -123,7 +123,7 @@ func TestExpiringPrimaryUIDKey(t *testing.T) { } } -func TestReturnFirstUnexpiredSigningSubkey(t *testing.T) { +func TestReturnNewestUnexpiredSigningSubkey(t *testing.T) { // Make a master key. entity, err := NewEntity("Golang Gopher", "Test Key", "no-reply@golang.com", nil) if err != nil { @@ -140,6 +140,9 @@ func TestReturnFirstUnexpiredSigningSubkey(t *testing.T) { // Second signing subkey expires in a day. err = entity.AddSigningSubkey(&packet.Config{ + Time: func() time.Time { + return time.Now().Add(1 * time.Second) + }, KeyLifetimeSecs: 24 * 60 * 60, }) if err != nil { @@ -149,7 +152,7 @@ func TestReturnFirstUnexpiredSigningSubkey(t *testing.T) { subkey2 := entity.Subkeys[2] // Before second signing subkey has expired, it should be returned. - time1 := time.Now() + time1 := time.Now().Add(2 * time.Second) expected := subkey2.PublicKey.KeyIdShortString() subkey, found := entity.SigningKey(time1) if !found {