From 75f27fd1df8d322b4a082be738a2674329a2cdd7 Mon Sep 17 00:00:00 2001
From: wussler
Date: Tue, 1 Dec 2020 19:44:49 +0100
Subject: [PATCH] Add key generation offset (#104)
* Add key generation offset
* Bump version to 2.1.2
---
 CHANGELOG.md | 5 ++++-
 constants/armor.go | 2 +-
 constants/version.go | 2 +-
 crypto/gopenpgp.go | 1 +
 crypto/key.go | 2 +-
 crypto/time.go | 21 +++++++++++++++++++++
 6 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index dda7148d..b0fa9fa1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-## Unreleased
+## [2.1.2] 2020-12-01
+### Added
+- `SetKeyGenerationOffset` to add an offset in key generation time and prevent not-yet-valid keys.
+
 ### Changed
 - Improved canonicalization performance
diff --git a/constants/armor.go b/constants/armor.go
index 484c86f0..168748a9 100644
--- a/constants/armor.go
+++ b/constants/armor.go
@@ -3,7 +3,7 @@ package constants
 // Constants for armored data.
 const (
- ArmorHeaderVersion = "GopenPGP 2.1.1"
+ ArmorHeaderVersion = "GopenPGP 2.1.2"
 ArmorHeaderComment = "https://gopenpgp.org"
 PGPMessageHeader = "PGP MESSAGE"
 PGPSignatureHeader = "PGP SIGNATURE"
diff --git a/constants/version.go b/constants/version.go
index e6b57ce6..e8435b85 100644
--- a/constants/version.go
+++ b/constants/version.go
@@ -1,3 +1,3 @@
 package constants
-const Version = "ddacebe0"
+const Version = "2.1.2"
diff --git a/crypto/gopenpgp.go b/crypto/gopenpgp.go
index 72ea8006..3a2759e5 100644
--- a/crypto/gopenpgp.go
+++ b/crypto/gopenpgp.go
@@ -8,6 +8,7 @@ import "time"
 type GopenPGP struct {
 latestServerTime int64
 latestClientTime time.Time
+ generationOffset int64
 }
 var pgp = GopenPGP{}
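Review bot: The new `generationOffset` field carries no comment giving its unit or who may write it, and the struct shown in this hunk holds no lock, so the package-level `pgp` value is written by `SetKeyGenerationOffset` and read by `getNowKeyGenerationOffset` (both in the crypto/time.go hunks) without synchronization. If the setter can run while another goroutine is generating a key, that is a data race; the neighbouring time fields appear to follow the same pattern, so documenting the constraint may be enough here. I would add `// generationOffset is the offset in seconds added to the key creation time; set it before generating keys, it is not synchronized.` above the field.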
diff --git a/crypto/key.go b/crypto/key.go
index 40adbb3f..08df9733 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -435,7 +435,7 @@ func generateKey(
 cfg := &packet.Config{
 Algorithm: packet.PubKeyAlgoRSA,
 RSABits: bits,
- Time: getTimeGenerator(),
+ Time: getKeyGenerationTimeGenerator(),
 DefaultHash: crypto.SHA256,
 DefaultCipher: packet.CipherAES256,
 }
diff --git a/crypto/time.go b/crypto/time.go
index 85b0fff4..1aca0853 100644
--- a/crypto/time.go
+++ b/crypto/time.go
@@ -13,6 +13,11 @@ func UpdateTime(newTime int64) {
 }
 }
+// SetKeyGenerationOffset updates the offset when generating keys.
+func SetKeyGenerationOffset(offset int64) {
+ pgp.generationOffset = offset
+}
+
 // GetUnixTime gets latest cached time.
 func GetUnixTime() int64 {
 return getNow().Unix()
@@ -49,3 +54,19 @@ func getDiff() (int64, error) {
 func getTimeGenerator() func() time.Time {
 return getNow
 }
+
+// getNowKeyGenerationOffset returns the current time with the key generation offset.
+func getNowKeyGenerationOffset() time.Time {
+ extrapolate, err := getDiff()
+
+ if err != nil {
+ return time.Unix(time.Now().Unix()+pgp.generationOffset, 0)
+ }
+
+ return time.Unix(pgp.latestServerTime+extrapolate+pgp.generationOffset, 0)
+}
+
+// getKeyGenerationTimeGenerator Returns a time generator function with the key generation offset.
+func getKeyGenerationTimeGenerator() func() time.Time {
+ return getNowKeyGenerationOffset
+}
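Review bot: `SetKeyGenerationOffset` documents neither the unit nor the sign of `offset`, and it stores whatever value it is given. The last hunk adds the value to Unix seconds, and the changelog entry says the aim is to prevent not-yet-valid keys, which suggests callers are meant to pass a negative number; a positive one would stamp new keys with a creation time in the future, the very condition the feature is meant to avoid. I would spell this out in the doc comment, e.g. `// SetKeyGenerationOffset sets the offset, in seconds, added to the current time when stamping generated keys; pass a negative value to backdate keys and absorb clock skew.` If this library counts a key's lifetime from its creation time, the comment should also say that the shifted time moves the expiry by the same amount.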
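Review bot: No test accompanies `getNowKeyGenerationOffset`: the diffstat lists no test file, although the function has two branches (local clock when `getDiff` returns an error, cached server time plus extrapolation otherwise) that each add the offset on their own. A test that calls `SetKeyGenerationOffset`, generates a key and checks its creation time against `GetUnixTime()` plus the offset would pin both the sign and the unit. The two branches look like they repeat `getNow`, whose body is outside this hunk; if so, a shared helper that takes the offset would keep the two clocks from drifting apart in later edits. Style: the second doc comment should use a lowercase verb, `// getKeyGenerationTimeGenerator returns a time generator function with the key generation offset.`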