Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

expiration sig preferrence incompatibility #55

Closed
tomholub opened this issue Jan 20, 2021 · 5 comments
Closed

expiration sig preferrence incompatibility #55

tomholub opened this issue Jan 20, 2021 · 5 comments

Comments

@tomholub
Copy link
Contributor

tomholub commented Jan 20, 2021
edited

Example generated keypair:

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: BCPG v1.68

lQOYBGAIUhoBCADEnk3EACyTc/GVkwMI5MHls6oIlJT42qB2Wh6PF7FXpnS70hBq
ZLSC0N+UxCROf/EUxYq7wUpwVp63Pd4hVyn1ppf1XOJztluGiXDPkVR6fQMMYXeI
XnnJMcIBZLYYKUe+wMGMIz8oYzbU8dJHE8TCbsRukHtk5aFMTu1I+MCgq2jU/WVU
YMJHILMF/e0hKix1lZBDyhg2g47xhdRvJgmHX81CKjOC4Jt/vz26jW276+koIqUK
318EPBgYObsjEr7UcAKbOuUDbExZKdcgBCPswwcLaM7+kLBpvREYugyXlj2WT7la
QB2iHc3aBpeYbPJ3Fn2UyXSICQaOAaM+b0+3ABEBAAEAB/44AlRqyhXopzWhgzBx
HyEw+v4r1Y+eWEEvlbpwzrIBIvTL8Com9KsLPM8EBN/G0OFvJlq/427+E17BGkml
u7vDM4LELYKArejiqVJOfrrO7b+pjjZLzYXpz1fRp8vLlC7Q4v3/mqbKLYEYJg7d
mn8JWB5y1IuiEVvibfVgPSQ6YDnuZAbqxjxjrDa5d8pwFAuh+zkDrU5CY9Eoyuzi
+Y2+K4XTchC/BZbEm+oClUiuKHxgyrby8BobLvhxr/duH6eUpDX8Czcw71ceWlBn
+2fkh4JgnozKL/qED+I6URRE+GAEbaMT3f14HxyJvDcfZjwKEHhvSOPuzGCBI9dP
tcepBADallzOOiQ+2+dy02Do766rr42KlRVa+WG2MTOqsCeA0wh/Hx8e7ufRVOfK
czBZzDO9P2C6mEXIr87GxNsSD4MhzP9k9JNAIQXMb/bYGzB2o+sGPM1GeDpQsjaM
2Cv1VrHt9XgP3uAUkllxpPgRP5Wjto7UXDu788V6Jf5yYgJ2dQQA5kVY14NeWo5/
cKKHPfrYTMnw/7SECHTYaIhtZpAM040snjf/YYSfdIeVhoY+0wdbjKlLX8p4K0kZ
cWdweLJ9EHic1I150D3Ql9RyNuS99Ti52bl2uSAukgOY6jdSgG2giy9Hl0BCYls4
J1/z+q0SjbrVDEUqKi2pgtBqTZ9ZH/sEAOFllvNtcEi47+hVd1ue8GfDuMHK7wj0
dP6yQcS7DjooNLojlAQkrDWiIhR4ccvnr89e3k90HIfBP4dIJmfeEy2GG9fCDts1
QHdKErceQjorx68DvoYIKCMZwCeBJdXLdi8FVwBlNpyEgKslFaynAXcbc+YJGHz0
peLvIUiN7UyUP9u0FnRlc3Qta2V5QGZsb3djcnlwdC5jb22JATMEEwEKAB0FAmAI
UhoCGwMFFgIDAQAECwkIBwUVCgkICwIeAQAKCRD0UdEAqs7UMsghB/wP+jIT1oZG
gs+zrzNIfkANigHEja9yIwHJnXgU7zflfw5TKJyfZj0k54n9h2JPgoxvL4pk6xeb
m6MInCKjvHkoFle1bmYIAyadzLKWDyb+RfTNWn2NvdgBx8qp7sD1Tu0oVlpFMx6J
WPWa85Ap6saQKKDoi4gT7Zh5fWtU1mRsZO/l4BbB8hM2DfauyuSSYiQBSvtA1Fch
aI2WXImC7GKUysvutgKyWuGLaSCkRKCaYRcE2J4IjspFm6c85A9AsGh3dj3Ka9G/
sK3UF6BOyDXIufexUsYbMTI0f1pRBrj2NBQiiWPQkcd48Whp7fQEqKtpBCb7fIC8
UzlXFMKXmX7NiQEiBBMBCgAMBQJgCFIaBYkAAAu3AAoJEPRR0QCqztQy99AH/j/U
fuudZ004eNEFIo+OI522cv7AT1gxggnqSwfnQJPr+4rXf7w0/ggKZ6XsC+4BUeya
AHFvpFf/CPFNmwCcMGpGnt+nk3fghhTz+EBwB5f4ulAbgtuV69VD1FejkHo/j9Rx
lz0Dd+KD+S8jUBN4wMJGCnAUGp+S2fu1M0QstFR6B82NWy9uAmCaRJlKwrp99T+D
HBvdtVn3hS386jMqA7cv49W7fAZhqfwRQUp72Scx6H0XUQtwH1p3MZVEHPZrYfw6
kIYqW7uBbkS0CzTNJdV3D4wnDmknTspR0FDFoV4UnRjN/6++C5H2F+tK6Lcbh7np
157dUEMbG4PniEPw0qW0GXRlc3Qtc2Vjb25kQGZsb3djcnlwdC5jb22JARwEEwEK
AAYFAmAIUhoACgkQ9FHRAKrO1DJzGwgAkoGRfisfqz3/2N/oNw7G4xlG2xPgx5x6
mEXuwh7ITP5G69sCMBvduBeh511OiXrroEfSETTQgAtrPIIgRKw07NmWolddSEIb
7CrCpMsFmmas8m6iHSEqPrs+t6dyM9sXVU4bWhtQcDhKSYQSP4hz5/Zxajx4VncX
dld6i736Sook38KB87bCZgtt0ni3ClXDNuuAPNfazQ7s1sU7SfwO+KZHvH0f/Ubk
bi1JZxI7DZZDZnhB+wlvH5xJCO67mkrSBMYg5ZgIDymAdjGEVi/7LLQBX8gyYAz6
HNB7zNrW8vOa9j5NKk382HvYpxZRexsOMkVM9AequiYXJER18eBJjIkBIgQTAQoA
DAUCYAhSGgWJAAALtwAKCRD0UdEAqs7UMjxkB/4pcqeul3RrjpxkDwCsFdT9fwwE
65PfzlImPDKI8T4DUeKOBthc/v6F+zAqpmginqSFZRD48dzFQHXA5NU+P9fVf0JQ
P/P5tiGZv9xsGVpteAH+t/7OYNboafbBh1HDx+A+M44J9O6xDdI+qiRKjgo4SmWB
MxKS64Bde35lkesulujefWKpOw5j2Xg3vrt8mE+TDJpWJQ1fgt16mqgIkeqAQW5A
6lMxr7KEesXmPou98ZLBEJjXuzS0Yodjk5BnanooOk6FytXh1XTHuXW4vzc2gveK
ODF2YjMi+KxGi6yk1tIyUjgkaoCVDnjvU2eChr3Ij3TinBhyDHHSRW1kMULjnQOY
BGAIUhoBCADN0iMq+ZYNVW4vRJSvYEs9bFBS1tcyZfBtkbQ08kMexpoxLwW1l1cy
il+cSewU0WpLXSFOcJYaNfKiA0u4lMh5e2+H7eNvX3qpmoifmWO2lhmBopo3I5F0
2Kb+MS1795LtN7GHZQ9F1BGzG13FIUTCZiQwmJBKay4qTd7/GIr7U6x7JUkAqbcP
vbmPhM5ePLP1sTPyGtY7wgixCKKeifFHvQ79zMcErgiWuuS1LyMwv7awLPjVQtkO
rBOKb3zoMtFJrXfnXYajXpNgYsQ+ZcDvjdi8h83RahbQmSUinCR7VVi57kvKmIaZ
SSnlOuqCaPjvXQRdUYAdgyIMNz4eA53lABEBAAEAB/4orHyZL0oVN/sGmcu1TbcI
vCkyebT8x3LoQElHxlF32UEa86Mx8+a+POSwntYp9gmGu7CLjwnGw77/f928rCBj
C37qspsFxS1ZK4oQ2i//ovGG8hJ+T4fc+ryjkqXdr/sH6H/rlQ/b2ZEm30NcY9rx
/Nvtg5TONBijMRDewiOjD1cERLLBke6ohKv4teKxUEdEWYQnY2fEdaYxC4NzVgjK
Y2/F0MJrunJwZanI1lIuJF9avXTJTSt2qBWtmoSxmy0cyWGzSq+qw9Aa4uG4CDFL
b3ZibmeB2lZVUzam+GRbBGAezeKpqt2w7OlMaIfNqIRpP9vjGhDXlbe+CBk3hfY5
BADcjj7GxHlEc+1QqOi/TSVPcqVzlyUKQZ5o4yC2WslQoQgBs0lG1m01QbJ7dQIY
3iZ32PF/vK8I1/zqPykCFdRiL+dNFq2a89BmqVbenZbuyOmQX8b2pYa+yOH+dT3F
SV88fFa8gOJhnvB+qZJlc0yAOOe0868HeKTosuOaO09KKQQA7uWyPaj5myzfmHTM
HOtJ5O6PT86gj5QYut2cfAJV81c1BEC5RUbmTojS5lo4l+zXCRBe9UxYt2KtrBW1
l0SkJVfNIBLaRWMFKAWBMFye0lEBiMxMp5arXdkgAew/7hfrYmIXM70Y9Gat4KaD
mMmB3LDmBoylmbSQ/XdvI+fH5V0EAO1EtvBWUx56Ax0oyVMuNZxUanwdMedjfPyK
kwLq9I2+/O0bx1V30EfmRvhy+EJTx+uCEgY9Pv81f28z676XOUdLoEyKAzAb9PWW
giCrVbmAsFdu5qE87d88c0p6/dmx/DKPTpFkkEZl2We7OVSQOaECrXHYqudsE5ZI
LdetYlBhTQ2JATMEGAEKAB0FAmAIUhoCGwwFFgIDAQAECwkIBwUVCgkICwIeAQAK
CRD0UdEAqs7UMsc1CACTECMZFaevbj/xdD2FMk/BG0Ypyx/Kj1TzREGf2FGuqkMO
QqLNg1mOzDaDHr/tfMjj7wzR2Z5WuSm7aMz3gwhAXoMvo2JD5APbY+07FjP9Qmm4
b9DK9zQxHK17CiEV5dn3xSUKS1v6ffZcFoIsHT4LrX7y2ImH8VIurFhrNbXSmLJG
t1rxWpd+XgZjrX9MIxa2HGjNHdEIEdrtfqMDm4k13UAfanyU32dTVOt9U4f8fpKR
AaCSGWDH2v+Sbq179+br+3Zd53hcIQcNm2TSlDPQG0bki/vMlGFgjC82kXHtiXlo
OAbxxvjZ7ht0jfVAHWfNYglhtzaLEfcTPSz7LbQpiQE5BBgBCgAjAhsMBRYCAwEA
BAsJCAcFFQoJCAsCHgEFAmAIUhoFiQAAC7cACgkQ9FHRAKrO1DJ5hQf/Vg/PnrMU
441Yfz/kc4XNFUBrdaOUx2wVcPDtoAPpgu/J6s9ui34RrnVVWR1qu7t5SBbjvzug
raeQRKlxVkU/opDR4M1wI0HNA8QAret8amlV3brwOBQ5ZiZ26zp5B+TCVKOKXAH0
kxCw0Fi7jCELA6IGAoYwNzxuGyxD9JM9jSbheWx8/zDaXsU2i6MTXwNPDI5CQhIT
gKykGY95FjoGw9ULzX5UeWAOyNqRJAgji6o5FgDoKMH2/oqVG+eXmdv+ITNUtZG6
0VzfNOhjdx7Pvwcbx6PibnwLknpTaJZ987l/hswEGnmYJHDfkV3BYhTgRDDVJpRk
Zc6ss+6ha0gr2A==
=ioDh
-----END PGP PRIVATE KEY BLOCK-----

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG v1.68

mQENBGAIUhoBCADEnk3EACyTc/GVkwMI5MHls6oIlJT42qB2Wh6PF7FXpnS70hBq
ZLSC0N+UxCROf/EUxYq7wUpwVp63Pd4hVyn1ppf1XOJztluGiXDPkVR6fQMMYXeI
XnnJMcIBZLYYKUe+wMGMIz8oYzbU8dJHE8TCbsRukHtk5aFMTu1I+MCgq2jU/WVU
YMJHILMF/e0hKix1lZBDyhg2g47xhdRvJgmHX81CKjOC4Jt/vz26jW276+koIqUK
318EPBgYObsjEr7UcAKbOuUDbExZKdcgBCPswwcLaM7+kLBpvREYugyXlj2WT7la
QB2iHc3aBpeYbPJ3Fn2UyXSICQaOAaM+b0+3ABEBAAG0FnRlc3Qta2V5QGZsb3dj
cnlwdC5jb22JATMEEwEKAB0FAmAIUhoCGwMFFgIDAQAECwkIBwUVCgkICwIeAQAK
CRD0UdEAqs7UMsghB/wP+jIT1oZGgs+zrzNIfkANigHEja9yIwHJnXgU7zflfw5T
KJyfZj0k54n9h2JPgoxvL4pk6xebm6MInCKjvHkoFle1bmYIAyadzLKWDyb+RfTN
Wn2NvdgBx8qp7sD1Tu0oVlpFMx6JWPWa85Ap6saQKKDoi4gT7Zh5fWtU1mRsZO/l
4BbB8hM2DfauyuSSYiQBSvtA1FchaI2WXImC7GKUysvutgKyWuGLaSCkRKCaYRcE
2J4IjspFm6c85A9AsGh3dj3Ka9G/sK3UF6BOyDXIufexUsYbMTI0f1pRBrj2NBQi
iWPQkcd48Whp7fQEqKtpBCb7fIC8UzlXFMKXmX7NiQEiBBMBCgAMBQJgCFIaBYkA
AAu3AAoJEPRR0QCqztQy99AH/j/UfuudZ004eNEFIo+OI522cv7AT1gxggnqSwfn
QJPr+4rXf7w0/ggKZ6XsC+4BUeyaAHFvpFf/CPFNmwCcMGpGnt+nk3fghhTz+EBw
B5f4ulAbgtuV69VD1FejkHo/j9Rxlz0Dd+KD+S8jUBN4wMJGCnAUGp+S2fu1M0Qs
tFR6B82NWy9uAmCaRJlKwrp99T+DHBvdtVn3hS386jMqA7cv49W7fAZhqfwRQUp7
2Scx6H0XUQtwH1p3MZVEHPZrYfw6kIYqW7uBbkS0CzTNJdV3D4wnDmknTspR0FDF
oV4UnRjN/6++C5H2F+tK6Lcbh7np157dUEMbG4PniEPw0qW0GXRlc3Qtc2Vjb25k
QGZsb3djcnlwdC5jb22JARwEEwEKAAYFAmAIUhoACgkQ9FHRAKrO1DJzGwgAkoGR
fisfqz3/2N/oNw7G4xlG2xPgx5x6mEXuwh7ITP5G69sCMBvduBeh511OiXrroEfS
ETTQgAtrPIIgRKw07NmWolddSEIb7CrCpMsFmmas8m6iHSEqPrs+t6dyM9sXVU4b
WhtQcDhKSYQSP4hz5/Zxajx4VncXdld6i736Sook38KB87bCZgtt0ni3ClXDNuuA
PNfazQ7s1sU7SfwO+KZHvH0f/Ubkbi1JZxI7DZZDZnhB+wlvH5xJCO67mkrSBMYg
5ZgIDymAdjGEVi/7LLQBX8gyYAz6HNB7zNrW8vOa9j5NKk382HvYpxZRexsOMkVM
9AequiYXJER18eBJjIkBIgQTAQoADAUCYAhSGgWJAAALtwAKCRD0UdEAqs7UMjxk
B/4pcqeul3RrjpxkDwCsFdT9fwwE65PfzlImPDKI8T4DUeKOBthc/v6F+zAqpmgi
nqSFZRD48dzFQHXA5NU+P9fVf0JQP/P5tiGZv9xsGVpteAH+t/7OYNboafbBh1HD
x+A+M44J9O6xDdI+qiRKjgo4SmWBMxKS64Bde35lkesulujefWKpOw5j2Xg3vrt8
mE+TDJpWJQ1fgt16mqgIkeqAQW5A6lMxr7KEesXmPou98ZLBEJjXuzS0Yodjk5Bn
anooOk6FytXh1XTHuXW4vzc2gveKODF2YjMi+KxGi6yk1tIyUjgkaoCVDnjvU2eC
hr3Ij3TinBhyDHHSRW1kMULjuQENBGAIUhoBCADN0iMq+ZYNVW4vRJSvYEs9bFBS
1tcyZfBtkbQ08kMexpoxLwW1l1cyil+cSewU0WpLXSFOcJYaNfKiA0u4lMh5e2+H
7eNvX3qpmoifmWO2lhmBopo3I5F02Kb+MS1795LtN7GHZQ9F1BGzG13FIUTCZiQw
mJBKay4qTd7/GIr7U6x7JUkAqbcPvbmPhM5ePLP1sTPyGtY7wgixCKKeifFHvQ79
zMcErgiWuuS1LyMwv7awLPjVQtkOrBOKb3zoMtFJrXfnXYajXpNgYsQ+ZcDvjdi8
h83RahbQmSUinCR7VVi57kvKmIaZSSnlOuqCaPjvXQRdUYAdgyIMNz4eA53lABEB
AAGJATMEGAEKAB0FAmAIUhoCGwwFFgIDAQAECwkIBwUVCgkICwIeAQAKCRD0UdEA
qs7UMsc1CACTECMZFaevbj/xdD2FMk/BG0Ypyx/Kj1TzREGf2FGuqkMOQqLNg1mO
zDaDHr/tfMjj7wzR2Z5WuSm7aMz3gwhAXoMvo2JD5APbY+07FjP9Qmm4b9DK9zQx
HK17CiEV5dn3xSUKS1v6ffZcFoIsHT4LrX7y2ImH8VIurFhrNbXSmLJGt1rxWpd+
XgZjrX9MIxa2HGjNHdEIEdrtfqMDm4k13UAfanyU32dTVOt9U4f8fpKRAaCSGWDH
2v+Sbq179+br+3Zd53hcIQcNm2TSlDPQG0bki/vMlGFgjC82kXHtiXloOAbxxvjZ
7ht0jfVAHWfNYglhtzaLEfcTPSz7LbQpiQE5BBgBCgAjAhsMBRYCAwEABAsJCAcF
FQoJCAsCHgEFAmAIUhoFiQAAC7cACgkQ9FHRAKrO1DJ5hQf/Vg/PnrMU441Yfz/k
c4XNFUBrdaOUx2wVcPDtoAPpgu/J6s9ui34RrnVVWR1qu7t5SBbjvzugraeQRKlx
VkU/opDR4M1wI0HNA8QAret8amlV3brwOBQ5ZiZ26zp5B+TCVKOKXAH0kxCw0Fi7
jCELA6IGAoYwNzxuGyxD9JM9jSbheWx8/zDaXsU2i6MTXwNPDI5CQhITgKykGY95
FjoGw9ULzX5UeWAOyNqRJAgji6o5FgDoKMH2/oqVG+eXmdv+ITNUtZG60VzfNOhj
dx7Pvwcbx6PibnwLknpTaJZ987l/hswEGnmYJHDfkV3BYhTgRDDVJpRkZc6ss+6h
a0gr2A==
=SR2I
-----END PGP PUBLIC KEY BLOCK-----

Contrast with OpenPGP.js generated expiring keypair:

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: FlowCrypt Email Encryption 8.0.1
Comment: Seamlessly send and receive encrypted email

xVgEYAhU4BYJKwYBBAHaRw8BAQdA9u4qdk22Si9wGZs3feZAoqNwB7DsmJhF
xFsAvgbW5q8AAP9L+aRaBcYdXIGyNT7NAggTg6dhX0nCgKfsdf39UTOG9RCL
zRQ8b3BlbnBncGpzQHRlc3QuY29tPsKVBBAWCgAmBQJgCFTgBQkAAAu4BgsJ
BwgDAgQVCAoCBBYCAQACGQECGwMCHgEAIQkQy/trNjPFmdsWIQSKrMvH/+09
e2/sa4TL+2s2M8WZ2/0+AP9vfqeMmRW1ExkJ+rdLS34YA5RpAiz2JTNkKlMh
byj2KAEAzMBZL4UGlS0OVHb1dhinA+nNMwfExtGDYAh5rn2g5QLHXQRgCFTg
EgorBgEEAZdVAQUBAQdAXXMoMr7cdmIjTjwy1B9C6wBBQlxHjYDgafrecA3m
HXwDAQgHAAD/bw8ktaljY8LWSOPXS4PKgAnx+hyoVAlycPL1Sv/LqrASw8J+
BBgWCAAPBQJgCFTgBQkAAAu4AhsMACEJEMv7azYzxZnbFiEEiqzLx//tPXtv
7GuEy/trNjPFmducogEAtLj+pTVWVm/vzxxCQOLfgjRThhDBsw8st6up2R/+
WGYA/A6TmItwchDFvkMlry3yZCxKio5akd89TBo+nW10dVQO
=TtB8
-----END PGP PRIVATE KEY BLOCK-----

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: FlowCrypt Email Encryption 8.0.1
Comment: Seamlessly send and receive encrypted email

xjMEYAhU4BYJKwYBBAHaRw8BAQdA9u4qdk22Si9wGZs3feZAoqNwB7DsmJhF
xFsAvgbW5q/NFDxvcGVucGdwanNAdGVzdC5jb20+wpUEEBYKACYFAmAIVOAF
CQAAC7gGCwkHCAMCBBUICgIEFgIBAAIZAQIbAwIeAQAhCRDL+2s2M8WZ2xYh
BIqsy8f/7T17b+xrhMv7azYzxZnb/T4A/29+p4yZFbUTGQn6t0tLfhgDlGkC
LPYlM2QqUyFvKPYoAQDMwFkvhQaVLQ5UdvV2GKcD6c0zB8TG0YNgCHmufaDl
As44BGAIVOASCisGAQQBl1UBBQEBB0Bdcygyvtx2YiNOPDLUH0LrAEFCXEeN
gOBp+t5wDeYdfAMBCAfCfgQYFggADwUCYAhU4AUJAAALuAIbDAAhCRDL+2s2
M8WZ2xYhBIqsy8f/7T17b+xrhMv7azYzxZnbnKIBALS4/qU1VlZv788cQkDi
34I0U4YQwbMPLLerqdkf/lhmAPwOk5iLcHIQxb5DJa8t8mQsSoqOWpHfPUwa
Pp1tdHVUDg==
=Yo12
-----END PGP PUBLIC KEY BLOCK-----

The PGPainless key is showing "critical" next to the expiration at https://dump.sequoia-pgp.org/ this is fine

I'll post an issue at OpenPGP.js see below
@tomholub
Copy link
Contributor Author

tomholub commented Jan 20, 2021
edited

Actually, no - this is not a bug on OpenPGP.js.

When changing expiration, we are adding a signature. If we leave original signature in which never expires, then adding one more signature that does expire does not make the key expire. The existing indefinitely valid signature will continue making key key valid forever.

I tried to remove the original signatures signatures from the PGPainless key using OpenPGP.js and then check expiration again - it was as expected.

It appears there are two bugs in PGPainless to address:

  • PGPKeyRing.validSeconds should follow whichever key expires later. Right now it will return 2999 in this situation but it should return 0, following the key that doesn't expire
  • when changing expiration to expire sooner then original key, cannot leave the original sig behind

For reference this is the expiring key made by PGPainless that I modified to remove the originally generated sigs - showing expiration correctly in OpenPGP.js.

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: FlowCrypt Email Encryption 8.0.1
Comment: Seamlessly send and receive encrypted email

xcLYBGAIUhoBCADEnk3EACyTc/GVkwMI5MHls6oIlJT42qB2Wh6PF7FXpnS7
0hBqZLSC0N+UxCROf/EUxYq7wUpwVp63Pd4hVyn1ppf1XOJztluGiXDPkVR6
fQMMYXeIXnnJMcIBZLYYKUe+wMGMIz8oYzbU8dJHE8TCbsRukHtk5aFMTu1I
+MCgq2jU/WVUYMJHILMF/e0hKix1lZBDyhg2g47xhdRvJgmHX81CKjOC4Jt/
vz26jW276+koIqUK318EPBgYObsjEr7UcAKbOuUDbExZKdcgBCPswwcLaM7+
kLBpvREYugyXlj2WT7laQB2iHc3aBpeYbPJ3Fn2UyXSICQaOAaM+b0+3ABEB
AAEAB/44AlRqyhXopzWhgzBxHyEw+v4r1Y+eWEEvlbpwzrIBIvTL8Com9KsL
PM8EBN/G0OFvJlq/427+E17BGkmlu7vDM4LELYKArejiqVJOfrrO7b+pjjZL
zYXpz1fRp8vLlC7Q4v3/mqbKLYEYJg7dmn8JWB5y1IuiEVvibfVgPSQ6YDnu
ZAbqxjxjrDa5d8pwFAuh+zkDrU5CY9Eoyuzi+Y2+K4XTchC/BZbEm+oClUiu
KHxgyrby8BobLvhxr/duH6eUpDX8Czcw71ceWlBn+2fkh4JgnozKL/qED+I6
URRE+GAEbaMT3f14HxyJvDcfZjwKEHhvSOPuzGCBI9dPtcepBADallzOOiQ+
2+dy02Do766rr42KlRVa+WG2MTOqsCeA0wh/Hx8e7ufRVOfKczBZzDO9P2C6
mEXIr87GxNsSD4MhzP9k9JNAIQXMb/bYGzB2o+sGPM1GeDpQsjaM2Cv1VrHt
9XgP3uAUkllxpPgRP5Wjto7UXDu788V6Jf5yYgJ2dQQA5kVY14NeWo5/cKKH
PfrYTMnw/7SECHTYaIhtZpAM040snjf/YYSfdIeVhoY+0wdbjKlLX8p4K0kZ
cWdweLJ9EHic1I150D3Ql9RyNuS99Ti52bl2uSAukgOY6jdSgG2giy9Hl0BC
Yls4J1/z+q0SjbrVDEUqKi2pgtBqTZ9ZH/sEAOFllvNtcEi47+hVd1ue8GfD
uMHK7wj0dP6yQcS7DjooNLojlAQkrDWiIhR4ccvnr89e3k90HIfBP4dIJmfe
Ey2GG9fCDts1QHdKErceQjorx68DvoYIKCMZwCeBJdXLdi8FVwBlNpyEgKsl
FaynAXcbc+YJGHz0peLvIUiN7UyUP9vNFnRlc3Qta2V5QGZsb3djcnlwdC5j
b23CwGIEEwEKAAwFAmAIUhoFiQAAC7cACgkQ9FHRAKrO1DL30Af+P9R+651n
TTh40QUij44jnbZy/sBPWDGCCepLB+dAk+v7itd/vDT+CApnpewL7gFR7JoA
cW+kV/8I8U2bAJwwakae36eTd+CGFPP4QHAHl/i6UBuC25Xr1UPUV6OQej+P
1HGXPQN34oP5LyNQE3jAwkYKcBQan5LZ+7UzRCy0VHoHzY1bL24CYJpEmUrC
un31P4McG921WfeFLfzqMyoDty/j1bt8BmGp/BFBSnvZJzHofRdRC3AfWncx
lUQc9mth/DqQhipbu4FuRLQLNM0l1XcPjCcOaSdOylHQUMWhXhSdGM3/r74L
kfYX60rotxuHuenXnt1QQxsbg+eIQ/DSpc0ZdGVzdC1zZWNvbmRAZmxvd2Ny
eXB0LmNvbcLAYgQTAQoADAUCYAhSGgWJAAALtwAKCRD0UdEAqs7UMjxkB/4p
cqeul3RrjpxkDwCsFdT9fwwE65PfzlImPDKI8T4DUeKOBthc/v6F+zAqpmgi
nqSFZRD48dzFQHXA5NU+P9fVf0JQP/P5tiGZv9xsGVpteAH+t/7OYNboafbB
h1HDx+A+M44J9O6xDdI+qiRKjgo4SmWBMxKS64Bde35lkesulujefWKpOw5j
2Xg3vrt8mE+TDJpWJQ1fgt16mqgIkeqAQW5A6lMxr7KEesXmPou98ZLBEJjX
uzS0Yodjk5BnanooOk6FytXh1XTHuXW4vzc2gveKODF2YjMi+KxGi6yk1tIy
UjgkaoCVDnjvU2eChr3Ij3TinBhyDHHSRW1kMULjx8LYBGAIUhoBCADN0iMq
+ZYNVW4vRJSvYEs9bFBS1tcyZfBtkbQ08kMexpoxLwW1l1cyil+cSewU0WpL
XSFOcJYaNfKiA0u4lMh5e2+H7eNvX3qpmoifmWO2lhmBopo3I5F02Kb+MS17
95LtN7GHZQ9F1BGzG13FIUTCZiQwmJBKay4qTd7/GIr7U6x7JUkAqbcPvbmP
hM5ePLP1sTPyGtY7wgixCKKeifFHvQ79zMcErgiWuuS1LyMwv7awLPjVQtkO
rBOKb3zoMtFJrXfnXYajXpNgYsQ+ZcDvjdi8h83RahbQmSUinCR7VVi57kvK
mIaZSSnlOuqCaPjvXQRdUYAdgyIMNz4eA53lABEBAAEAB/4orHyZL0oVN/sG
mcu1TbcIvCkyebT8x3LoQElHxlF32UEa86Mx8+a+POSwntYp9gmGu7CLjwnG
w77/f928rCBjC37qspsFxS1ZK4oQ2i//ovGG8hJ+T4fc+ryjkqXdr/sH6H/r
lQ/b2ZEm30NcY9rx/Nvtg5TONBijMRDewiOjD1cERLLBke6ohKv4teKxUEdE
WYQnY2fEdaYxC4NzVgjKY2/F0MJrunJwZanI1lIuJF9avXTJTSt2qBWtmoSx
my0cyWGzSq+qw9Aa4uG4CDFLb3ZibmeB2lZVUzam+GRbBGAezeKpqt2w7OlM
aIfNqIRpP9vjGhDXlbe+CBk3hfY5BADcjj7GxHlEc+1QqOi/TSVPcqVzlyUK
QZ5o4yC2WslQoQgBs0lG1m01QbJ7dQIY3iZ32PF/vK8I1/zqPykCFdRiL+dN
Fq2a89BmqVbenZbuyOmQX8b2pYa+yOH+dT3FSV88fFa8gOJhnvB+qZJlc0yA
OOe0868HeKTosuOaO09KKQQA7uWyPaj5myzfmHTMHOtJ5O6PT86gj5QYut2c
fAJV81c1BEC5RUbmTojS5lo4l+zXCRBe9UxYt2KtrBW1l0SkJVfNIBLaRWMF
KAWBMFye0lEBiMxMp5arXdkgAew/7hfrYmIXM70Y9Gat4KaDmMmB3LDmBoyl
mbSQ/XdvI+fH5V0EAO1EtvBWUx56Ax0oyVMuNZxUanwdMedjfPyKkwLq9I2+
/O0bx1V30EfmRvhy+EJTx+uCEgY9Pv81f28z676XOUdLoEyKAzAb9PWWgiCr
VbmAsFdu5qE87d88c0p6/dmx/DKPTpFkkEZl2We7OVSQOaECrXHYqudsE5ZI
LdetYlBhTQ3CwHkEGAEKACMCGwwFFgIDAQAECwkIBwUVCgkICwIeAQUCYAhS
GgWJAAALtwAKCRD0UdEAqs7UMnmFB/9WD8+esxTjjVh/P+Rzhc0VQGt1o5TH
bBVw8O2gA+mC78nqz26LfhGudVVZHWq7u3lIFuO/O6Ctp5BEqXFWRT+ikNHg
zXAjQc0DxACt63xqaVXduvA4FDlmJnbrOnkH5MJUo4pcAfSTELDQWLuMIQsD
ogYChjA3PG4bLEP0kz2NJuF5bHz/MNpexTaLoxNfA08MjkJCEhOArKQZj3kW
OgbD1QvNflR5YA7I2pEkCCOLqjkWAOgowfb+ipUb55eZ2/4hM1S1kbrRXN80
6GN3Hs+/BxvHo+JufAuSelNoln3zuX+GzAQaeZgkcN+RXcFiFOBEMNUmlGRl
zqyz7qFrSCvY
=3Zyp
-----END PGP PRIVATE KEY BLOCK-----

@tomholub tomholub changed the title key expiration not understood by OpenPGP.js fix expiration / multiple sigs behavior Jan 20, 2021
@tomholub
Copy link
Contributor Author

Another way to fix this (possibly easier / clearer)

  • add expiration directly into the generate method as per Set key expiration time during key creation #50
  • rename setExpirationDate to something like appendKeyExpirationSignature making it clearer what it does. This will work when extending expirations, anyway. It's uncommon to shorten it, that's what usually revocations are for.
  • fix PGPKeyRing.validSeconds handling

Thank you for your hard work on this and responsiveness. It's not urgent right now. Let me know your thoughts 👍

@vanitasvitae
Copy link
Member

vanitasvitae commented Jan 20, 2021
edited

Note, that the expiration time is regarding the key, not the signature.
If a key has two signatures, one without a key expiration time and one with a key expiration time, then the signature with the greatest signature creation time wins (the signature that was made later).

I would therefore argue that PGPainless is behaving correctly when expiring a key by adding a signature. If OpenPGP.js interprets the key that was expired using PGPainless as not expiring then I'd say this is a bug in OpenPGP.js. Note that the key is correctly being interpreted as expired by GnuPG.

@tomholub
Copy link
Contributor Author

Ah - that's a sublety I was not aware of. I'll check with OpenPGP.js then. Thanks for the clarification!

@tomholub tomholub changed the title fix expiration / multiple sigs behavior expiration sig preferrence incompatibility Jan 20, 2021
@tomholub tomholub mentioned this issue Jan 20, 2021
Open
@tomholub
Copy link
Contributor Author

Filed 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tomholub @vanitasvitae