summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2014-02-12 13:31:16 -0200
committerSilvio Rhatto <rhatto@riseup.net>2014-02-12 13:31:16 -0200
commit36b74ae7fad92c8f03a6f00ff2d0fe2f70ea7899 (patch)
tree222fc529a113c8f539607a818ae87612de759401
parent0471007d92b837d8d5df2c6d3a80fffd1048c3a4 (diff)
downloadkeyringer-36b74ae7fad92c8f03a6f00ff2d0fe2f70ea7899.tar.gz
keyringer-36b74ae7fad92c8f03a6f00ff2d0fe2f70ea7899.tar.bz2
Check key expirations (#37)
-rwxr-xr-xlib/keyringer/functions25
1 files changed, 25 insertions, 0 deletions
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index 9eb832f..810effe 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -541,6 +541,31 @@ EOF
echo "Please check for this key or fix the recipient file."
exit 1
fi
+
+ # Current date
+ seconds="`date +%s`"
+
+ # Check the main key
+ expiry="`gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^pub | cut -d : -f 7`"
+
+ # Check if key is expired
+ if [[ "$seconds" -gt "$expiry" ]]; then
+ echo "Fatal: primary key for $recipient expired on `date --date="@$expiry"`"
+ exit 1
+ else
+ # Check the subkeys
+ for expiry in `gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^sub | cut -d : -f 7`; do
+ if [[ "$seconds" -lt "$expiry" ]]; then
+ not_expired="1"
+ fi
+
+ if [ "$not_expired" != "1" ]; then
+ echo "Fatal: key $recipient has no keys suitable for encryption: all subkeys expired."
+ exit 1
+ fi
+ done
+ fi
+
fi
done
}