author | Silvio Rhatto <rhatto@riseup.net> | 2014-02-12 13:31:16 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2014-02-12 13:31:16 -0200 |
commit | 36b74ae7fad92c8f03a6f00ff2d0fe2f70ea7899 (patch) | |
tree | 222fc529a113c8f539607a818ae87612de759401 | |
parent | 0471007d92b837d8d5df2c6d3a80fffd1048c3a4 (diff) | |
download | keyringer-36b74ae7fad92c8f03a6f00ff2d0fe2f70ea7899.tar.gz keyringer-36b74ae7fad92c8f03a6f00ff2d0fe2f70ea7899.tar.bz2 |
Check key expirations (#37)
-rwxr-xr-x | lib/keyringer/functions | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index 9eb832f..810effe 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -541,6 +541,31 @@ EOF
 echo "Please check for this key or fix the recipient file."
 exit 1
 fi
+
+ # Current date
+ seconds="`date +%s`"
+
+ # Check the main key
+ expiry="`gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^pub | cut -d : -f 7`"
+
+ # Check if key is expired
+ if [[ "$seconds" -gt "$expiry" ]]; then
+ echo "Fatal: primary key for $recipient expired on `date --date="@$expiry"`"
+ exit 1
+ else
+ # Check the subkeys
+ for expiry in `gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^sub | cut -d : -f 7`; do
+ if [[ "$seconds" -lt "$expiry" ]]; then
+ not_expired="1"
+ fi
+
+ if [ "$not_expired" != "1" ]; then
+ echo "Fatal: key $recipient has no keys suitable for encryption: all subkeys expired."
+ exit 1
+ fi
+ done
+ fi
+
 fi
 done
 } |