Address keybase/keybase-issues#59

CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.0.12 (2014-2-28)
+
+Bugfixes:
+
+  - Ignore signatures that are expired, don't fail to accept key, so long as
+    there is a good signature.  (closes keybase/keybase-issues#59)
+  - More test for good and expired signatures within keys
+
 ## 0.0.11 (2014-2-25)
 
 Bugfixes:

dev/gen_expired_key.iced

@@ -0,0 +1,20 @@
+{KeyManager} = require '../lib/keymanager'
+{make_esc} = require 'iced-error'
+argv = require('minimist')(process.argv[2...])
+
+#=======================================================
+
+run = (cb) ->
+  esc = make_esc cb, "run"
+  await KeyManager.generate { nsubs : 1, userid : argv._[0], nbits : 1024 }, esc defer km
+  # Hack the expiration timer
+  km.pgp.primary.lifespan.expire_in = v if (v = argv.p)?
+  km.pgp.subkeys[0].lifespan.expire_in = v if (v = argv.s)?
+  await km.sign {}, esc defer()
+  await km.export_pgp_public {}, esc defer msg
+  cb null, msg
+
+await run defer err, msg
+console.log (err or msg)
+process.exit 0
+

package.json

@@ -24,7 +24,7 @@
     "purepack": ">=1",
     "triplesec": ">=3.0.6",
     "bn": ">=0.0.2",
-    "pgp-utils": ">=0.0.15"
+    "pgp-utils": ">=0.0.15",
   },
   "devDependencies": {
     "browserify": "~3.1.0",
@@ -34,6 +34,7 @@
     "optimist": "*",
     "deep-equal": "*",
     "icsify": "*",
-    "iced-error": ">=0.0.6"
+    "iced-error": ">=0.0.6",
+    "minimist": "0.0.8"
   }
-}
+}

test/data/keys.iced

@@ -1735,5 +1735,84 @@ Bds+5ZPMUw8lg3Xd6uN9iL3ziNsAHFK0ekGfGxoX/6gztvKSh6r8JIdpLfs1Rk8AG+LDSyJP
 JPnusr+J6QoFUInKaB02X/w0xEbgGOL0hvjrhq2eFCEQeqi2hY2MuVg=
 =Gn5B
 -----END PGP PUBLIC KEY BLOCK-----
+""",
+  expired_uid : """
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: Keybase OpenPGP JS 0.0.1
+Comment: https://keybase.io/crypto
+
+xo0EUxDNHQEEAMvGzxHOWBQCG7126/PITuVvAKzSZ9mL24zoTvjQGJsBk40ZogMM
+pheNvsu5tKRzN8qg5SNTqs9QexH4mmRGQwJfOpZIMubltZJcLNWMIZbnhFV6v9o6
+lgIIkcWkVWGs2DRc0xOC1lwrw2kRTRYNw8pbsVA73289ixbi0LigYBVJABEBAAHN
+KEV4cGlyZWQgVWlkICgxKSA8ZXhwaXJlZC11aWRAZXhjaXRlLmNvbT7CswQQAQoA
+HQUCUxDNHQIbLwUJAAAACgMLCQcDFQoIAh4BAheAAAoJEGfVUKsTI96+xVkD+gJF
+eRHyJ2FpTERJFQFxpQVc2a6FsoKF4zAmTrcd2RBRzRroOsgS0UqO5W7iCP7YfoMR
+yzRkQ0RWKCAGIzMAhWKyHHk7NlJ1DJzgTGvs1jivfWdKfBqWxJ+u70sxZuFgUOp3
+sPe7+qjwHN9mEMcaw4JJQWG5uvKh/p3iL8ivf4Aizo0EUxDNHQEEAME9gX8Ozi7S
+WyqAHc1QZhqf40+siyL0AaE3T30pjQ6p5K4m8JyVWSwhgLoqDxssKYfUMuiDfbWa
+2FSVRMiqSCGLms/i7RRsvcorxslbujYxEtzGzaXTBfaeErC/JGF5GXnKDg0Pas9F
+e5qc/1vyFS9hYJ4uWlx9LJISlo+AFq0zABEBAAHCwIMEGAEKAA8FAlMQzR0FCQHh
+M4ACGy4AqAkQZ9VQqxMj3r6dIAQZAQoABgUCUxDNHQAKCRBKKv36hwArX9y0BACj
+ItcyzNSo+KbpG6y9niWd1qfWT6GgBP0QrGrigZs6gp4s9WbTTB88VwRjWbzx0+tZ
+SHZOIUwSQKS2AgmBeJ6SkLsw73zgBITlIECWv4fVObRY9qqPytuFBKcUVgqAYxnM
+m+KiP3zNlN7fvMbYeZB9YleoQ0kGPLvM0+UEfVCA9LegBACnPZz3cji4ZDPRKyeh
+MC3Y77IBnVpZ4nxVu9gtYTX0RsxGWI9e/Bw5t/27oR2d9FKXoxjsBR3/NCGgCIkE
+gyCQQkwXL+hbqzrV+x5AezIqw3sM6PonD3Nb2i0UiFcUfm9jFnoI6CZD3/gQ/AT0
+KJUhzSCDj2zeBFvCyd2R5gIbDA==
+=MatD
+-----END PGP PUBLIC KEY BLOCK-----
+""",
+  expired_subkey : """
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: Keybase OpenPGP JS 0.0.1
+Comment: https://keybase.io/crypto
+
+xo0EUxDNMgEEAPCfagBsEhd8x7DB5Xt13xDwBBm7jVyxVM9w314BG8BnGG/19t0l
+yLifWLS+R2+a8HRckyHfcmOvS/pNw5eASP27sCKmGz216UFjxoqNVr6DBccyM9B+
+pGGGAU5+HRYyH0CF5CN0IkdQZi7OXlidCuMK9vlADaGXQpefwhWKHoLXABEBAAHN
+LkV4cGlyZWQgU3Via2V5ICgxKSA8ZXhwaXJlZC1zdWJrZXlAZXhjaXRlLmNvbT7C
+swQQAQoAHQUCUxDNMgIbLwUJEswDAAMLCQcDFQoIAh4BAheAAAoJELJD5dP3kUAz
+5dID/iOThQqsHwrpbbsR01ZSZqEO5/arxBRESJVfenhqZvVsx8TWa/cCF6+96199
+TaC6jUGn4FOXfJ4ioC0AqrrWi2vhFwE9AzXZIOZDYke14XfIQxmx4rsTb1NWhyWw
+JWdGszWez1SCEOpkPGrnDTaZ3prTvt4jNARbxQ/FrrERBJDGzo0EUxDNMgEEALV8
+DAwb7+UGPnEEgdHCaTcXnLK12G2YT6dK91ootI6B4JANCNaBQ4YsFC3p9R8ZuEgI
+4DDmp6xG51awjvf33ctfMzB5fDTRVHnf8+UiZg6k0FaFXgLGKFWWD/lPq12AwZ9g
+7KZepLu14IB0PAlp/zH3Hpi6ETYHwWYNY38XEgB7ABEBAAHCwIMEGAEKAA8FAlMQ
+zTIFCQAAAAoCGy4AqAkQskPl0/eRQDOdIAQZAQoABgUCUxDNMgAKCRASxscWLxjz
+KeLVA/9kQ9SFdgd6nmnrNE1rI+3ypTHiFT6+/dNTwGHxDjHtU58BA2EA8rXVtA7q
+DUvMWhSR7EMT8OTek8pNdtUKejtipH9kDQ1Em23OXUWYQm2sglxsPfY6BaGbuzvU
+kPofsn8QEfqL4/9PR9ZF/Zs36g9EmNWsnJ0Z8ps4oMA6Q7htPtVnBADQGlxsgnLz
+KACdg+XgX82gMjlnOverERfB4IEF89G9nYnLQjahMqOt2k6I6dbegIPNu52JbcCr
+1A8I7xUOICT2+Eh7vH4R6HxZMNQSTrGBdS4/wSVgNmCghq680cqiIK8UuP+yct+Q
+4XB8mYxYwQJlLLElbkvQYDg/d7mqNeeAqA==
+=9kC1
+-----END PGP PUBLIC KEY BLOCK-----
+""",
+  expired_both : """
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: Keybase OpenPGP JS 0.0.1
+Comment: https://keybase.io/crypto
+
+xo0EUxDQogEEAOcdz2ilJx+kxBg/XTxUU4EpDMixuOC2NjAGpjufN/n2YGveFKBq
+X+c4YBiHcuN350XR377p/CcJfcImSFDnCCVLGxxrTPdmY4kjuxeiH98zsFcINT4s
+UK1PvtGIVHgVpd+SWb3a75ln+lHSB5BRo/5BhI6HVkrO64N9ghNch9s7ABEBAAHN
+KkV4cGlyZWQgQm90aCAoMSkgPGV4cGlyZWRfYm90aEBleGNpdGUuY29tPsKzBBAB
+CgAdBQJTENCiAhsvBQkAAAAKAwsJBwMVCggCHgECF4AACgkQR9BK0JFOmMoTlQQA
+veKwhVPWO4XgHL4+RMfj+XoMo+kBejSCRRyN5Xv/ll5z3IpFK4Vh59dbJIKUQjon
+BeqR7F9SjqNrhOgx7KTNDxM9bQsXXxb9oPXDSlq7h68oHydvFjOthvfdLKdy4bDg
+3r6CrQKw00lq+Qubw8JfZSzoFSifch13JxzU7UliRtDOjQRTENCiAQQAli5vc0oQ
+EQJVQuC9TFGuOU+cy9xdTuj3Ts/tZ/i2ZOtDWJHdbpfbr7eu7zvPCaRN/x+xlmVa
+jrLSL7VQWw0m+HhEhK7IwkfZluu0Uvc3v4wollbu5VDUpP+6cknEo9H3rADOL1cn
+ht3c8nVHt5GrH5J18ArM500CRMTdyj/pIR8AEQEAAcLAgwQYAQoADwUCUxDQogUJ
+AAAACgIbLgCoCRBH0ErQkU6Yyp0gBBkBCgAGBQJTENCiAAoJEGOvMANWzPjVIMkD
+/2Jg6H4JwUXm7evpxMul+blrYWj367NIbVuYWbzDbPDijjMje6YDa12uPurc9IZY
+Rda+S2vQ1pBaL8GofQqqXYoeEUWmenWVgpSjLCK3WuO4VR6W1sYGKsHNsRvTTxnJ
+zraPqw6TxzNlsXBg0FMeQtOHFKvZMHuHs8OhnJ27qM0GNSwD/R/oLrSv9eqUdzi6
+1CQOPctJK6hkfc4NfoB7krW945G2YcODH9SzbcXAJ+ZxuNQ45x3jkMoDFLrXz9Ta
+p80MPjsPwTIxJMxY9E7hKwkSMxA5VyCc9KEhfW8hxPqrvWqyzd2PkjJzz4KkYIxY
+BGYnPpGNPs3Y7pgsTG1SIebNOO/Z
+=bfGp
+-----END PGP PUBLIC KEY BLOCK-----
 """
+
 }

test/files/decode_pgp.iced

@@ -303,6 +303,31 @@ exports.public_key_with_pic = (T,cb) ->
 
 #============================================================================
 
+exports.public_key_expired_uid = (T,cb) ->
+  await KeyManager.import_from_armored_pgp { raw : keys.expired_uid } , defer err, km, warnings
+  T.assert (err?), "should get an error"
+  T.equal err.message, "no valid primary key self-signature", "the right error"
+  cb()
+
+#============================================================================
+
+exports.public_key_expired_subkey = (T,cb) ->
+  await KeyManager.import_from_armored_pgp { raw : keys.expired_subkey } , defer err, km, warnings
+  T.assert (err?), "should get an error if no subkeys"
+  T.equal err.message, "Could not import subkey 0", "the right error"
+  cb()
+
+#============================================================================
+
+exports.public_key_expired_both = (T,cb) ->
+  await KeyManager.import_from_armored_pgp { raw : keys.expired_both } , defer err, km, warnings
+  T.assert (err?), "should get an error"
+  T.equal err.message, "no valid primary key self-signature", "the right error"
+  T.equal warnings.warnings().length, 2, "failed two checks"
+  cb()
+
+#============================================================================
+
 exports.public_keys_advanced = (T,cb) ->
   names = [ "sneak", "elitehaxor", "finn" ]
   for n in names