Allow to keep original timestamp on keysig updates
Open, LowPublic

Description

Description:
Please consider to allow to keep the original creation date when updating key
signatures. This will also make ‘--faked-system-time’ option more meaningful.

For example, freezing system time to creation date and changing user ID
preferences via ‘setpref’ or set expiration time for a subkey using ‘expire’
will always add one second to the updated key signature creation time (if it not
fails).

Comment in update_keysig_packet (g10/sign.c:1585) says:

“[…] we won't make a timestamp earlier than the existing one”

but ‘original timestamp’ <= ‘frozen original timestamp’ != “earlier”.

Suggestion patch:

diff --git a/g10/sign.c b/g10/sign.c
index ff099b31c..1aea6c11c 100644

  • a/g10/sign.c

+++ b/g10/sign.c
@@ -1583,7 +1583,7 @@ update_keysig_packet( PKT_signature **ret_sig,

   one. */
{
  int tmout = 0;
  • while(sig->timestamp<=orig_sig->timestamp)

+ while(sig->timestamp<orig_sig->timestamp)

{
  if (++tmout > 5 && !opt.ignore_time_conflict)
    {

Details

Version
2.1.18