Allow for setting of expiration date during key generation

2025-12-10 06:11:08 +01:00 · 2021-02-13 12:22:28 +01:00 · 2021-02-13 12:22:28 +01:00 · f2f7305fec
commit f2f7305fec
parent 83117c99cb
3 changed files with 30 additions and 0 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
@ -66,6 +66,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
    private String userId;
    private final Set<String> additionalUserIds = new LinkedHashSet<>();
    private Passphrase passphrase;
+    private Date expirationDate = null;

    /**
     * Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
@ -288,6 +289,16 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {

    class WithAdditionalUserIdOrPassphraseImpl implements WithAdditionalUserIdOrPassphrase {

+        @Override
+        public WithAdditionalUserIdOrPassphrase setExpirationDate(@Nonnull Date expirationDate) {
+            Date now = new Date();
+            if (now.after(expirationDate)) {
+                throw new IllegalArgumentException("Expiration date must be in the future.");
+            }
+            KeyRingBuilder.this.expirationDate = expirationDate;
+            return this;
+        }
+
        @Override
        public WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId) {
            String trimmed = userId.trim();
@ -341,6 +352,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
                signatureGenerator = new PGPSignatureGenerator(signer);
                PGPSignatureSubpacketGenerator hashedSubPacketGenerator = certKeySpec.getSubpacketGenerator();
                hashedSubPacketGenerator.setPrimaryUserID(false, true);
+                if (expirationDate != null) {
+                    SignatureSubpacketGeneratorUtil.setExpirationDateInSubpacketGenerator(
+                            expirationDate, new Date(), hashedSubPacketGenerator);
+                }
                PGPSignatureSubpacketVector hashedSubPackets = hashedSubPacketGenerator.generate();

                // Generator which the user can get the key pair from
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilderInterface.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilderInterface.java
@ -17,6 +17,7 @@ package org.pgpainless.key.generation;

 import java.security.InvalidAlgorithmParameterException;
 import java.security.NoSuchAlgorithmException;
+import java.util.Date;
 import javax.annotation.Nonnull;

 import org.bouncycastle.openpgp.PGPException;
@ -60,6 +61,14 @@ public interface KeyRingBuilderInterface {
            return withAdditionalUserId(userId.toString());
        }

+        /**
+         * Set an expiration date for the key.
+         *
+         * @param expirationDate date on which the key will expire.
+         * @return builder
+         */
+        WithAdditionalUserIdOrPassphrase setExpirationDate(@Nonnull Date expirationDate);
+
        WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId);

        WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull byte[] userId);