Better handle certificates where old self signatures are stripped

- If a certificate is not valid when a packet signature is made, but is valid now, detect this and return `NotTrusted`. This happens when old self signatures are stripped. - Fixes #46
rpm-software-management · May 4, 2023 · f95a585 · f95a585
1 parent e4994db
commit f95a585
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/src/lib.rs b/src/lib.rs
@@ -809,6 +809,28 @@ fn pgp_verify_signature(key: Option<&PgpDigParams>,
                     "Certificate {} invalid: policy violation",
                     cert.keyid());
                 cert.with_policy(NP, sig_time)
+            })
+            .or_else(|err| {
+                // Try again, but use the current time as a reference
+                // time.  This is necessary if older self-signatures
+                // are stripped.
+                legacy = true;
+                match cert.with_policy(p, None) {
+                    Ok(vc) => {
+                        add_lint!(
+                            None,
+                            "Certificate has no valid binding signature \
+                             as of the signature's creation time.");
+                        Ok(vc)
+                    }
+                    Err(err2) => {
+                        add_lint!(
+                            Some(err),
+                            "Certificate {} invalid: policy violation",
+                            cert.keyid());
+                        Err(err2)
+                    }
+                }
             })?;
 
         if let Err(err) = vc.alive() {