X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/3384672ab8c0ebc1aec36175d255d2674b172b2d..9cea6911b24ae552b8804048d093490405ed0b69:/catsign.c

diff --git a/catsign.c b/catsign.c
index dc96e55..3cea053 100644
--- a/catsign.c
+++ b/catsign.c
@@ -50,6 +50,7 @@
 #include "noise.h"
 #include "mprand.h"
 #include "key.h"
+#include "getdate.h"
 #include "cc.h"
 
 #include "ectab.h"
@@ -599,6 +600,7 @@ static int verify(int argc, char *argv[])
   int i;
   char bb[MSGBUFSZ];
   size_t n;
+  time_t t_fresh = 0;
   dstr d = DSTR_INIT, dd = DSTR_INIT;
   const encops *eo;
   msgcanon mc_in = MC_INIT;
@@ -614,11 +616,12 @@ static int verify(int argc, char *argv[])
       { "output",	OPTF_ARGREQ,	0,	'o' },
       { "quiet",	0,		0,	'q' },
       { "utc",		0,		0,	'u' },
+      { "fresh-time",	0,		0,	't' },
       { "gmt",		0,		0,	'u' },
       { "verbose",	0,		0,	'v' },
       { 0,		0,		0,	0 }
     };
-    i = mdwopt(argc, argv, "k:f:o:abquv", opt, 0, 0, 0);
+    i = mdwopt(argc, argv, "k:f:o:abqt:uv", opt, 0, 0, 0);
     if (i < 0) break;
     switch (i) {
       case 'a': ef = "pem"; break;
@@ -627,6 +630,11 @@ static int verify(int argc, char *argv[])
       case 'f': ef = optarg; break;
       case 'o': of = optarg; break;
       case 'u': v.f |= F_UTC; break;
+      case 't':
+	if (strcmp(optarg, "always") == 0) t_fresh = 0;
+        else if ((t_fresh = get_date(optarg, 0)) < 0)
+	  die(EXIT_FAILURE, "bad freshness time");
+	break;
       case 'q': if (v.verb > 0) v.verb--; break;
       case 'v': if (v.verb < 10) v.verb++; break;
       default: v.f |= F_BOGUS; break;
@@ -739,6 +747,14 @@ static int verify(int argc, char *argv[])
     if (v.verb) printf("FAIL signature verification failed\n");
     exit(EXIT_FAILURE);
   }
+  if (t_fresh && s.t < t_fresh) {
+    if (v.verb) printf("FAIL signature is stale\n");
+    exit(EXIT_FAILURE);
+  }
+  if (s.t > time(0)) {
+    if (v.verb) printf("FAIL signature timestamp in the future\n");
+    exit(EXIT_FAILURE);
+  }
   if (v.verb) {
     tm = (v.f & F_UTC) ? gmtime(&s.t) : localtime(&s.t);
     strftime(bb, sizeof(bb), "%Y-%m-%d %H:%M:%S %Z", tm);
@@ -1078,6 +1094,7 @@ Options:\n\
 -k, --key=TAG		Require that the message be signed by key TAG.\n\
 -o, --output=FILE	Write message to FILE.\n\
 -q, --quiet		Produce fewer messages.\n\
+-t, --freshtime=TIME	Only accept signatures made after this time.\n\
 -u, --utc		Show dates in UTC rather than local time.\n\
 -v, --verbose		Produce more verbose messages.\n\
 " },