diff --git a/src/key/key.js b/src/key/key.js index 4d391eac..86d55b15 100644 --- a/src/key/key.js +++ b/src/key/key.js @@ -664,12 +664,13 @@ Key.prototype.revoke = async function({ /** * Get revocation certificate from a revoked key. * (To get a revocation certificate for an unrevoked key, call revoke() first.) + * @param {Date} date Use the given date instead of the current time * @returns {Promise} armored revocation certificate * @async */ -Key.prototype.getRevocationCertificate = async function() { +Key.prototype.getRevocationCertificate = async function(date = new Date()) { const dataToVerify = { key: this.keyPacket }; - const revocationSignature = await helper.getLatestValidSignature(this.revocationSignatures, this.keyPacket, enums.signature.key_revocation, dataToVerify); + const revocationSignature = await helper.getLatestValidSignature(this.revocationSignatures, this.keyPacket, enums.signature.key_revocation, dataToVerify, date); const packetlist = new packet.List(); packetlist.push(revocationSignature); return armor.encode(enums.armor.public_key, packetlist.write(), null, null, 'This is a revocation certificate'); diff --git a/src/openpgp.js b/src/openpgp.js index 2b7afcd6..65aacb60 100644 --- a/src/openpgp.js +++ b/src/openpgp.js @@ -136,7 +136,7 @@ export function generateKey({ userIds = [], passphrase = "", numBits = 2048, rsa } return generate(options).then(async key => { - const revocationCertificate = await key.getRevocationCertificate(); + const revocationCertificate = await key.getRevocationCertificate(date); key.revocationSignatures = []; return convertStreams({ @@ -172,7 +172,7 @@ export function reformatKey({ privateKey, userIds = [], passphrase = "", keyExpi options.revoked = options.revocationCertificate; return reformat(options).then(async key => { - const revocationCertificate = await key.getRevocationCertificate(); + const revocationCertificate = await key.getRevocationCertificate(date); key.revocationSignatures = []; return convertStreams({ diff --git a/test/general/key.js b/test/general/key.js index a13aa0a0..a6ab8f06 100644 --- a/test/general/key.js +++ b/test/general/key.js @@ -1972,7 +1972,25 @@ function versionSpecificTests() { expect(+newKey.key.subKeys[0].getCreationTime()).to.equal(+past); expect(+newKey.key.subKeys[0].bindingSignatures[0].created).to.equal(+past); }); - }) + }); + + it('Generate key - setting date to the future', function() { + const future = new Date(Math.ceil(Date.now() / 1000) * 1000 + 1000); + const opt = { + numBits: 512, + userIds: { name: 'Test User', email: 'text@example.com' }, + passphrase: 'secret', + date: future + }; + if (openpgp.util.getWebCryptoAll()) { opt.numBits = 2048; } // webkit webcrypto accepts minimum 2048 bit keys + + return openpgp.generateKey(opt).then(function(newKey) { + expect(newKey.key).to.exist; + expect(+newKey.key.getCreationTime()).to.equal(+future); + expect(+newKey.key.subKeys[0].getCreationTime()).to.equal(+future); + expect(+newKey.key.subKeys[0].bindingSignatures[0].created).to.equal(+future); + }); + }); it('Generate key - multi userid', function() { const userId1 = 'test ';