if primary key is invalid, so are subkeys

src/key.js

@@ -269,10 +269,10 @@ function isValidSigningKeyPacket(keyPacket, signature, date=new Date()) {
  */
 Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date()) {
   const primaryKey = this.primaryKey;
+  if (await this.verifyPrimaryKey(date) === enums.keyStatus.valid) {
     const primaryUser = await this.getPrimaryUser(date);
     if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
-      isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification, date) &&
+        isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
-      await this.verifyPrimaryKey(date)) {
       return primaryKey;
     }
     for (let i = 0; i < this.subKeys.length; i++) {
@@ -286,6 +286,7 @@ Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date())
         }
       }
     }
+  }
   return null;
 };
 
@@ -314,6 +315,7 @@ function isValidEncryptionKeyPacket(keyPacket, signature, date=new Date()) {
  */
 Key.prototype.getEncryptionKeyPacket = async function(keyId, date=new Date()) {
   const primaryKey = this.primaryKey;
+  if (await this.verifyPrimaryKey(date) === enums.keyStatus.valid) {
     // V4: by convention subkeys are preferred for encryption service
     // V3: keys MUST NOT have subkeys
     for (let i = 0; i < this.subKeys.length; i++) {
@@ -330,10 +332,10 @@ Key.prototype.getEncryptionKeyPacket = async function(keyId, date=new Date()) {
     // if no valid subkey for encryption, evaluate primary key
     const primaryUser = await this.getPrimaryUser(date);
     if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
-      isValidEncryptionKeyPacket(primaryKey, primaryUser.selfCertification, date) &&
+        isValidEncryptionKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
-      await this.verifyPrimaryKey(date)) {
       return primaryKey;
     }
+  }
   return null;
 };
 
@@ -392,33 +394,6 @@ Key.prototype.isRevoked = async function(signature, key, date=new Date()) {
   );
 };
 
-/**
- * Returns a packetlist containing all verified public or private key packets matching keyId.
- * If keyId is not present, returns all verified key packets starting with the primary key.
- * Verification is in the context of given date.
- * @param  {type/keyid} keyId
- * @param  {Date}       date  Use the given date instead of the current time
- * @returns {Promise<module:packet/packetlist>}
- * @async
- */
-Key.prototype.verifyKeyPackets = async function(keyId=null, date=new Date()) {
-  const packets = new packet.List();
-  const { primaryKey } = this;
-  if (await this.verifyPrimaryKey(date)) {
-    if (!keyId || primaryKey.getKeyId().equals(keyId)) {
-      packets.push(primaryKey);
-    }
-  }
-  await Promise.all(this.subKeys.map(async subKey => {
-    if (!keyId || subKey.subKey.getKeyId().equals(keyId)) {
-      if (await subKey.verify(primaryKey, date)) {
-        packets.push(subKey.subKey);
-      }
-    }
-  }));
-  return packets;
-};
-
 /**
  * Verify primary key. Checks for revocation signatures, expiration time
  * and valid self signature

test/general/key.js

@@ -773,7 +773,7 @@ describe('Key', function() {
     const pubKey = pubKeys.keys[0];
     expect(pubKey).to.exist;
 
-    const packetlist = new openpgp.packet.Packetlist();
+    const packetlist = new openpgp.packet.List();
 
     packetlist.read(openpgp.armor.decode(pub_sig_test).data);