aboutsummaryrefslogtreecommitdiffstats
path: root/OpenKeychain/src/main/java
diff options
context:
space:
mode:
authorDominik Schürmann <dominik@dominikschuermann.de>2014-12-28 20:57:03 +0100
committerDominik Schürmann <dominik@dominikschuermann.de>2014-12-28 20:57:03 +0100
commita86abe04cdea48dd0c736e5b4d3e42463452c6a0 (patch)
treec11d404896eddfb08e48b57147bf71cb5d56cbb2 /OpenKeychain/src/main/java
parent7dbf0abf7bbf4a469b97d92f4890f815a5e0c593 (diff)
downloadopen-keychain-a86abe04cdea48dd0c736e5b4d3e42463452c6a0.tar.gz
open-keychain-a86abe04cdea48dd0c736e5b4d3e42463452c6a0.tar.bz2
open-keychain-a86abe04cdea48dd0c736e5b4d3e42463452c6a0.zip
Allow for creation date to be in the future up to one day to account for diverging clocks on different systems for fresh keys
Diffstat (limited to 'OpenKeychain/src/main/java')
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java13
1 files changed, 9 insertions, 4 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
index d05ce3d5c..b343c779a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -49,11 +49,13 @@ import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Calendar;
import java.util.Comparator;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
+import java.util.TimeZone;
import java.util.TreeSet;
/** Wrapper around PGPKeyRing class, to be constructed from bytes.
@@ -276,7 +278,10 @@ public class UncachedKeyRing {
return null;
}
- final Date now = new Date();
+ Calendar nowCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
+ // allow for diverging clocks up to one day when checking creation time
+ nowCal.add(Calendar.DAY_OF_YEAR, 1);
+ final Date nowPlusOneDay = nowCal.getTime();
int redundantCerts = 0, badCerts = 0;
@@ -321,7 +326,7 @@ public class UncachedKeyRing {
continue;
}
- if (cert.getCreationTime().after(now)) {
+ if (cert.getCreationTime().after(nowPlusOneDay)) {
// Creation date in the future? No way!
log.add(LogType.MSG_KC_REVOKE_BAD_TIME, indent);
modified = PGPPublicKey.removeCertification(modified, zert);
@@ -410,7 +415,7 @@ public class UncachedKeyRing {
continue;
}
- if (cert.getCreationTime().after(now)) {
+ if (cert.getCreationTime().after(nowPlusOneDay)) {
// Creation date in the future? No way!
log.add(LogType.MSG_KC_UID_BAD_TIME, indent);
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
@@ -592,7 +597,7 @@ public class UncachedKeyRing {
continue;
}
- if (cert.getCreationTime().after(now)) {
+ if (cert.getCreationTime().after(nowPlusOneDay)) {
// Creation date in the future? No way!
log.add(LogType.MSG_KC_SUB_BAD_TIME, indent);
badCerts += 1;