Add key generation offset (#104)

* Add key generation offset * Bump version to 2.1.2
ProtonMail · Dec 1, 2020 · 75f27fd · 75f27fd
1 parent 385e6d2
commit 75f27fd
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,7 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## Unreleased
+## [2.1.2] 2020-12-01
+### Added
+- `SetKeyGenerationOffset` to add an offset in key generation time and prevent not-yet-valid keys.
+
 ### Changed
 - Improved canonicalization performance
 

diff --git a/constants/armor.go b/constants/armor.go
@@ -3,7 +3,7 @@ package constants
 
 // Constants for armored data.
 const (
-	ArmorHeaderVersion = "GopenPGP 2.1.1"
+	ArmorHeaderVersion = "GopenPGP 2.1.2"
 	ArmorHeaderComment = "https://gopenpgp.org"
 	PGPMessageHeader   = "PGP MESSAGE"
 	PGPSignatureHeader = "PGP SIGNATURE"

diff --git a/constants/version.go b/constants/version.go
@@ -1,3 +1,3 @@
 package constants
 
-const Version = "ddacebe0"
+const Version = "2.1.2"
diff --git a/crypto/gopenpgp.go b/crypto/gopenpgp.go
@@ -8,6 +8,7 @@ import "time"
 type GopenPGP struct {
 	latestServerTime int64
 	latestClientTime time.Time
+	generationOffset int64
 }
 
 var pgp = GopenPGP{}

diff --git a/crypto/key.go b/crypto/key.go
@@ -435,7 +435,7 @@ func generateKey(
 	cfg := &packet.Config{
 		Algorithm:     packet.PubKeyAlgoRSA,
 		RSABits:       bits,
-		Time:          getTimeGenerator(),
+		Time:          getKeyGenerationTimeGenerator(),
 		DefaultHash:   crypto.SHA256,
 		DefaultCipher: packet.CipherAES256,
 	}

diff --git a/crypto/time.go b/crypto/time.go
@@ -13,6 +13,11 @@ func UpdateTime(newTime int64) {
 	}
 }
 
+// SetKeyGenerationOffset updates the offset when generating keys.
+func SetKeyGenerationOffset(offset int64) {
+	pgp.generationOffset = offset
+}
+
 // GetUnixTime gets latest cached time.
 func GetUnixTime() int64 {
 	return getNow().Unix()
@@ -49,3 +54,19 @@ func getDiff() (int64, error) {
 func getTimeGenerator() func() time.Time {
 	return getNow
 }
+
+// getNowKeyGenerationOffset returns the current time with the key generation offset.
+func getNowKeyGenerationOffset() time.Time {
+	extrapolate, err := getDiff()
+
+	if err != nil {
+		return time.Unix(time.Now().Unix()+pgp.generationOffset, 0)
+	}
+
+	return time.Unix(pgp.latestServerTime+extrapolate+pgp.generationOffset, 0)
+}
+
+// getKeyGenerationTimeGenerator Returns a time generator function with the key generation offset.
+func getKeyGenerationTimeGenerator() func() time.Time {
+	return getNowKeyGenerationOffset
+}