-
-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate key expiration time #7
Comments
Should it really fail or should it just log a warning? Possibly a philosopic question. |
I am neither a GPG nor Bouncy Castle expert, so I checked the API and it seems only public keys have an expiration date ( |
IMHO for expired key we should break and report cause with reason
|
Agreed. Do you know how to ask Bouncy Castle for the expiration date? I just cannot find that in the API docs. :-( |
It is not easy - I know my recipe - add test and in debug mode look at loaded pgp object, and look to bouncycastle source useful will be look at pgp packets, by:
I will try to do it today evening |
add expired key for testing #7
Key expiration time should be checked and when key expire signing should fail.
The text was updated successfully, but these errors were encountered: