GpgME BUG: list expired secret keys?

Albrecht Dreß albrecht.dress at arcor.de
Sun Feb 25 14:50:01 CET 2007 

Hi all,

I noticed a confusing behaviour of gpgme 1.1.2 when I try to list keys and  
check their expiry status.  Running the trivial attached code (which takes  
the second and third parameter of gpgme_op_keylist_start() as arguments),  
I try to list an expired secret key:

<snip>
[albrecht at antares ~]$ ./gpgme-key-expire [key_id_removed] 1
now is 1172581963
key: can_sign=1 can_encrypt=0 expired=0
   subkey id=9FFF6E9CD027FFD1 can_sign=1 can_encrypt=0 expired=0  
expires=1172493215 [1]
   subkey id=9AA774B7653B2476 can_sign=0 can_encrypt=1 expired=0 expires=0  
[0]
<snip>

Although the current date is behind the expiry date of the secret sub-key  
(can_sign=1), gpgme returns expired=0!  Running the app on the same public  
key, the returned data looks fine, though:

<snip>
[albrecht at antares ~]$ ./gpgme-key-expire [key_id_removed] 0
now is 1172581965
key: can_sign=1 can_encrypt=0 expired=1
   subkey id=9FFF6E9CD027FFD1 can_sign=1 can_encrypt=0 expired=1  
expires=1172493215 [1]
   subkey id=9AA774B7653B2476 can_sign=0 can_encrypt=1 expired=1 expires=0  
[0]
</snip>

Did I completely misunderstand the concept of listing keys or miss some  
"vital" initialisation here?

When I now use the "non expired" (as reported by the key list operation)  
secret key in gpgme_op_sign() with mode GPGME_SIG_MODE_CLEAR, this  
function returns GPG_ERR_NO_ERROR, as does gpgme_signers_add().   
gpgme_op_sign_result() returns a valid structure, but both the  
"signatures" and "invalid_signers" elements are NULL, so there is no way  
to catch the real reason why the operation failed which is obviously a bad  
situation.  Always "manually" checking the expiry date seems to be the  
obvious workaround here, but this should be done in the library IMHO...

Any ideas?

Cheers, Albrecht.


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Albrecht Dreß  -  Johanna-Kirchner-Straße 13  -  D-53123 Bonn (Germany)
        Phone (+49) 228 6199571  -  mailto:albrecht.dress at arcor.de
   GnuPG public key:  http://www.mynetcologne.de/~nc-dreszal/pubkey.asc
_________________________________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gpgme-key-expire.c
Type: text/x-csrc
Size: 1135 bytes
Desc: not available
Url : /pipermail/attachments/20070225/8a2a2487/attachment.c 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20070225/8a2a2487/attachment.pgp

More information about the Gnupg-devel mailing list