Hi Martijn,
thanks for the feedback. I wonder if it has something to do with the
program used for managing the keys. The affected user was using
Mailvelope for his key (the one that caused problems), but I was using
plain CLI GPG myself for the test keys (the one that worked, even with
the "é" and "()" chars).
Maybe Mailvelope and GPG generate/manage keys differently, and the
differences are the ones you mentioned?
Anyway, thanks for the very detailed information :-)
Have fun
Jorge
*Jorge Gonzalez Villalonga*
Systems Engineer
*The International Consortium of Investigative Journalists*
<https://www.icij.org>
1710 Rhode Island Ave NW, 11th floor | Washington DC 20036 | United States
Phone: +34 672 173 200 (Madrid, Spain)
El 28/6/21 a las 13:33, Martijn Brinkers escribió:
Hi Jorge,
The issue was that the library I use for PGP (BC) did not take all
self-signature certification types into account. There can be different
types of certifications (0x10: Generic certification, 0x11: Persona
certification, 0x12: Casual certification, 0x13: Positive
certification).
The expiration check is able to check all certification types but if
one type returned an expiration value, it would not check the other
certification types for longer expiration values. The key you had
issues with used different self-signature certification types.
I changed the code to take all certification types into account.
There are some additional details, for example the faulty expiration
was only taken into account for the expiration value stored in the
database, so if you want more details, let me know.
The following commit should fix the issue:
https://gitlab.com/ciphermail/ciphermail-core/-/commit/c779db1a04a3bd1ebb47f764301e19cb65a09ab6
Thanks for reporting.
Kind regards,
Martijn Brinkers
