Sig expiration code

Offer to expire a key signature when the key the user is signing expires Expired sigs cause an error return If --expert is set, prompt for sig duration
2025-02-02 16:43:03 +01:00 · 2001-12-07 01:14:15 +00:00 · 2001-12-07 01:14:15 +00:00 · 1ccd578910
commit 1ccd578910
parent 98facb5800
12 changed files with 244 additions and 44 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,36 @@
 2001-12-05  David Shaw  <dshaw@jabberwocky.com>
 	* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Prompt
 	for sig expiration if --expert is set and --force-v3-sigs is not
 	set (v3 sigs cannot expire).
 	* mainproc.c (check_sig_and_print): After checking a sig, print
 	expiration status.  This causes a error return if the sig is
 	expired.
 	* build-packet.c (build_sig_subpkt_from_sig): Include a critical
 	sig expiration subpacket if the sig is to expire.
 	* keyedit.c (sign_uids): Do not sign an expired key unless
 	--expert is set, in which case prompt.  Also, offer to expire a
 	signature when the key the user is signing expires.
 	* keygen.c (ask_expire_interval): Add a value to determine whether
 	to prompt for a key or sig expiration and change all callers.
 	* keyid.c: New functions: expirestr_from_sig and
 	colon_expirestr_from_sig.
 	* keylist.c (list_keyblock_colon): Show sig expiration date in the
 	--with-colons listing.
 	* sign.c (make_keysig_packet, write_signature_packets): Pass in an
 	optional timestamp for the signature packet, and change all
 	callers.
 	* keyedit.c (sign_mk_attrib): Include a critical expiration
 	subpacket in the signature if an expiration date is given.
 2001-12-04  David Shaw  <dshaw@jabberwocky.com>
 	* keyedit.c (sign_uids): If the user tries to sign a
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -777,6 +777,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type,
          case SIGSUBPKT_PREF_HASH:
          case SIGSUBPKT_PREF_COMPR:
          case SIGSUBPKT_FEATURES:
          case SIGSUBPKT_SIG_EXPIRE:
            delete_sig_subpkt (sig->hashed, type);
            break;
          default:
@ -891,6 +892,17 @@ build_sig_subpkt_from_sig( PKT_signature *sig )
    buf[2] = (u >>  8) & 0xff;
    buf[3] = u & 0xff;
    build_sig_subpkt( sig, SIGSUBPKT_SIG_CREATED, buf, 4 );
    if(sig->expiredate)
      {
 	u = sig->expiredate-sig->timestamp;
 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
 	buf[2] = (u >>  8) & 0xff;
 	buf[3] = u & 0xff;
 	build_sig_subpkt( sig, SIGSUBPKT_SIG_EXPIRE | SIGSUBPKT_FLAG_CRITICAL,
 			  buf, 4 );
      }
 }
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -224,11 +224,13 @@ const char *datestr_from_sk( PKT_secret_key *sk );
 const char *datestr_from_sig( PKT_signature *sig );
 const char *expirestr_from_pk( PKT_public_key *pk );
 const char *expirestr_from_sk( PKT_secret_key *sk );
 const char *expirestr_from_sig( PKT_signature *sig );
 const char *colon_strtime (u32 t);
 const char *colon_datestr_from_pk (PKT_public_key *pk);
 const char *colon_datestr_from_sk (PKT_secret_key *sk);
 const char *colon_datestr_from_sig (PKT_signature *sig);
 const char *colon_expirestr_from_sig (PKT_signature *sig);
 byte *fingerprint_from_sk( PKT_secret_key *sk, byte *buf, size_t *ret_len );
 byte *fingerprint_from_pk( PKT_public_key *pk, byte *buf, size_t *ret_len );
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -78,6 +78,7 @@ static int enable_disable_key( KBNODE keyblock, int disable );
 struct sign_attrib {
    int non_exportable;
    u32 duration;
    struct revocation_reason_info *reason;
 };
@ -243,6 +244,19 @@ sign_mk_attrib( PKT_signature *sig, void *opaque )
 	buf[0] = 0; /* not exportable */
 	build_sig_subpkt( sig, SIGSUBPKT_EXPORTABLE, buf, 1 );
    }
    if(attrib->duration>0) {
        buf[0]=(attrib->duration >> 24) & 0xff;
 	buf[1]=(attrib->duration >> 16) & 0xff;
 	buf[2]=(attrib->duration >>  8) & 0xff;
 	buf[3]=attrib->duration & 0xff;
 	/* Mark this CRITICAL, so if any implementation doesn't
           understand sigs that can expire, it'll just disregard this
           sig altogether. */
 	build_sig_subpkt( sig, SIGSUBPKT_SIG_EXPIRE | SIGSUBPKT_FLAG_CRITICAL,
 			  buf, 4 );
    }
    if( attrib->reason )
 	revocation_reason_build_cb( sig, attrib->reason );
@ -288,6 +302,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 	u32 sk_keyid[2];
 	size_t n;
 	char *p;
 	u32 duration=0,timestamp=0;
 	/* we have to use a copy of the sk, because make_keysig_packet
 	 * may remove the protection from sk and if we did other
@ -307,7 +322,10 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 	/* reset mark for uids which are already signed */
 	uidnode = NULL;
 	for( node=keyblock; node; node = node->next ) {
-	    if( node->pkt->pkttype == PKT_USER_ID ) {
+	    if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
  	        primary_pk=node->pkt->pkt.public_key;
 	    }
 	    else if( node->pkt->pkttype == PKT_USER_ID ) {
 		uidnode = (node->flag & NODFLG_MARK_A)? node : NULL;
 		if(uidnode && uidnode->pkt->pkt.user_id->is_revoked)
 		  {
@ -382,6 +400,54 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 	show_key_with_all_names( keyblock, 1, 1, 0, 0 );
 	tty_printf("\n");
 	if(primary_pk->expiredate)
 	  {
 	    u32 now=make_timestamp();
 	    if(primary_pk->expiredate<=now)
 	      {
 		tty_printf(_("This key has expired!"));
 		if(opt.expert)
 		  {
 		    tty_printf(_("  Are you sure you still "
 				 "want to sign it?\n"));
 		    if(!cpr_get_answer_is_yes("sign_uid.okay",
 					      _("Really sign? ")))
 		      continue;
 		  }
 		else
 		  {
 		    tty_printf("\n");
 		    continue;
 		  }
 	      }
 	    else
 	      {
 		tty_printf(_("This key is due to expire on %s.\n"),
 			   expirestr_from_pk(primary_pk));
 		if(cpr_get_answer_is_yes("sign_uid.expire",_("Do you want your signature to expire at the same time? (y/n) ")))
 		  {
 		    /* This fixes the signature timestamp we're going
 		       to make as now.  This is so the expiration date
 		       is exactly correct, and not a few seconds off
 		       (due to the time it takes to answer the
 		       questions, enter the passphrase, etc). */
 		    timestamp=now;
 		    duration=primary_pk->expiredate-now;
 		    force_v4=1;
 		  }
 	      }
 	  }
 	/* Only ask for duration if we haven't already set it to match
           the expiration of the pk */
 	if(opt.expert && !duration)
 	  duration=ask_expire_interval(1);
 	if(duration)
 	  force_v4=1;
 	if(opt.batch)
 	  class=0x10+opt.def_check_level;
 	else
@ -471,6 +537,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 		assert( primary_pk );
 		memset( &attrib, 0, sizeof attrib );
 		attrib.non_exportable = local;
 		attrib.duration = duration;
 		node->flag &= ~NODFLG_MARK_A;
                /* we force createion of a v4 signature for local
@ -482,7 +549,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
 					 NULL,
 					 sk,
                                         class, 0, force_v4?4:0,
-					 sign_mk_attrib,
+					 timestamp, sign_mk_attrib,
 					 &attrib );
 		if( rc ) {
 		    log_error(_("signing failed: %s\n"), g10_errstr(rc));
@ -1459,7 +1526,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	sec_where = NULL;
    assert(pk && sk );
-    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0,
+    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0,
 			     keygen_add_std_prefs, pk );
    free_secret_key( sk );
    if( rc ) {
@ -1754,11 +1821,11 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 		/* create new self signature */
 		if( mainkey )
 		    rc = make_keysig_packet( &newsig, main_pk, uid, NULL,
-					     sk, 0x13, 0, 0,
+					     sk, 0x13, 0, 0, 0,
 					     keygen_add_std_prefs, main_pk );
 		else
 		    rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
-					     sk, 0x18, 0, 0,
+					     sk, 0x18, 0, 0, 0,
 					     keygen_add_key_expire, sub_pk );
 		if( rc ) {
 		    log_error("make_keysig_packet failed: %s\n",
@ -2275,7 +2342,7 @@ menu_revsig( KBNODE keyblock )
 				       unode->pkt->pkt.user_id,
 				       NULL,
 				       sk,
-                                       0x30, 0, 0,
+				       0x30, 0, 0, 0,
 				       sign_mk_attrib,
 				       &attrib );
 	free_secret_key(sk);
@ -2338,7 +2405,7 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	    node->flag &= ~NODFLG_SELKEY;
 	    sk = copy_secret_key( NULL, sec_keyblock->pkt->pkt.secret_key );
 	    rc = make_keysig_packet( &sig, mainpk, NULL, subpk, sk,
-                                     0x28, 0, 0, 
+                                     0x28, 0, 0, 0,
 				     sign_mk_attrib, &attrib );
 	    free_secret_key(sk);
 	    if( rc ) {
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -387,7 +387,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
    cache_public_key (pk);
    /* and make the signature */
-    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0,
+    rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0, 0, 0,
        		     keygen_add_std_prefs, pk );
    if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
@ -436,7 +436,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk,
    /* and make the signature */
    oduap.usage = use;
    oduap.pk = subpk;
-    rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0, 0,
+    rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0, 0, 0,
        		     keygen_add_key_flags_and_expire, &oduap );
    if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
@ -905,20 +905,38 @@ parse_expire_string( const char *string )
    return valid_days;
 }
-
+/* object == 0 for a key, and 1 for a sig */
-static u32
+u32
-ask_expire_interval(void)
+ask_expire_interval(int object)
 {
    char *answer;
    int valid_days=0;
    u32 interval = 0;
    switch(object)
      {
      case 0:
 	tty_printf(_("Please specify how long the key should be valid.\n"
 		     "         0 = key does not expire\n"
 		     "      <n>  = key expires in n days\n"
 		     "      <n>w = key expires in n weeks\n"
 		     "      <n>m = key expires in n months\n"
 		     "      <n>y = key expires in n years\n"));
 	break;
      case 1:
 	tty_printf(_("Please specify how long the signature should be valid.\n"
 		     "         0 = signature does not expire\n"
 		     "      <n>  = signature expires in n days\n"
 		     "      <n>w = signature expires in n weeks\n"
 		     "      <n>m = signature expires in n months\n"
 		     "      <n>y = signature expires in n years\n"));
 	break;
      default:
 	BUG();
      }
    /* Note: The elgamal subkey for DSA has no expiration date because
     * it must be signed with the DSA key and this one has the expiration
     * date */
@ -928,7 +946,10 @@ ask_expire_interval(void)
 	u32 curtime=make_timestamp();
 	m_free(answer);
 	if(object==0)
 	  answer = cpr_get("keygen.valid",_("Key is valid for? (0) "));
 	else
 	  answer = cpr_get("siggen.valid",_("Signature is valid for? (0) "));
 	cpr_kill_prompt();
 	trim_spaces(answer);
 	valid_days = parse_expire_string( answer );
@ -938,13 +959,15 @@ ask_expire_interval(void)
 	}
 	if( !valid_days ) {
-	    tty_printf(_("Key does not expire at all\n"));
+	    tty_printf(_("%s does not expire at all\n"),
 		       object==0?"Key":"Signature");
 	    interval = 0;
 	}
 	else {
 	    interval = valid_days * 86400L;
 	    /* print the date when the key expires */
-	    tty_printf(_("Key expires at %s\n"),
+	    tty_printf(_("%s expires at %s\n"),
 		        object==0?"Key":"Signature",
 			asctimestamp((ulong)(curtime + interval) ) );
            /* FIXME: This check yields warning on alhas:
               write a configure check and to this check here only for 32 bit machines */
@ -964,7 +987,7 @@ ask_expire_interval(void)
 u32
 ask_expiredate()
 {
-    u32 x = ask_expire_interval();
+    u32 x = ask_expire_interval(0);
    return x? make_timestamp() + x : 0;
 }
@ -1725,7 +1748,7 @@ generate_keypair( const char *fname )
    r->next = para;
    para = r;
-    expire = ask_expire_interval();
+    expire = ask_expire_interval(0);
    r = m_alloc_clear( sizeof *r + 20 );
    r->key = pKEYEXPIRE;
    r->u.expire = expire;
@ -2045,7 +2068,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
    algo = ask_algo( 1, &use );
    assert(algo);
    nbits = ask_keysize( algo );
-    expire = ask_expire_interval();
+    expire = ask_expire_interval(0);
    if( !cpr_enabled() && !cpr_get_answer_is_yes("keygen.sub.okay",
 						  _("Really create? ") ) )
 	goto leave;
--- a/g10/keyid.c
+++ b/g10/keyid.c
@ -318,7 +318,6 @@ datestr_from_sig( PKT_signature *sig )
    return mk_datestr (buffer, atime);
 }
 const char *
 expirestr_from_pk( PKT_public_key *pk )
 {
@ -343,6 +342,18 @@ expirestr_from_sk( PKT_secret_key *sk )
    return mk_datestr (buffer, atime);
 }
 const char *
 expirestr_from_sig( PKT_signature *sig )
 {
    static char buffer[11+5];
    time_t atime;
    if(!sig->expiredate)
      return "never     ";
    atime=sig->expiredate;
    return mk_datestr (buffer, atime);
 }
 const char *
 colon_strtime (u32 t)
 {
@ -389,6 +400,18 @@ colon_datestr_from_sig (PKT_signature *sig)
    return datestr_from_sig (sig);
 }
 const char *
 colon_expirestr_from_sig (PKT_signature *sig)
 {
    if(!sig->expiredate)
        return "";
    if (opt.fixed_list_mode) {
        static char buf[15];
        sprintf (buf, "%lu", (ulong)sig->expiredate);
        return buf;
    }
    return expirestr_from_sig (sig);
 }
 /**************** .
--- a/g10/keylist.c
+++ b/g10/keylist.c
@ -425,6 +425,7 @@ list_keyblock_print ( KBNODE keyblock, int secret )
 		rc = 0;
 		sigrc = ' ';
 	    }
            fputs( sigstr, stdout );
 	    printf("%c%c %c%c%c%c%c %08lX %s   ",
                   sigrc,(sig->sig_class-0x10>0 &&
@ -716,9 +717,10 @@ list_keyblock_colon( KBNODE keyblock, int secret )
            putchar(':');
            if( sigrc != ' ' )
                putchar(sigrc);
-            printf("::%d:%08lX%08lX:%s::::", sig->pubkey_algo,
+            printf("::%d:%08lX%08lX:%s:%s:::", sig->pubkey_algo,
 						 (ulong)sig->keyid[0],
-			   (ulong)sig->keyid[1], colon_datestr_from_sig(sig));
+			   (ulong)sig->keyid[1], colon_datestr_from_sig(sig),
 		           colon_expirestr_from_sig(sig));
 	    if( sigrc == '%' )
 		printf("[%s] ", g10_errstr(rc) );
 	    else if( sigrc == '?' )
--- a/g10/main.h
+++ b/g10/main.h
@ -98,6 +98,7 @@ void keyedit_menu( const char *username, STRLIST locusr, STRLIST cmds,
 							    int sign_mode );
 /*-- keygen.c --*/
 u32 ask_expire_interval(int object);
 u32 ask_expiredate(void);
 void generate_keypair( const char *fname );
 int keygen_set_std_prefs (const char *string);
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -1336,6 +1336,7 @@ check_sig_and_print( CTX c, KBNODE node )
            }
 	}
 	release_kbnode( keyblock );
 	if( !rc )
 	    print_notation_data( sig );
@ -1362,6 +1363,15 @@ check_sig_and_print( CTX c, KBNODE node )
 	if( !rc )
 	    rc = check_signatures_trust( sig );
 	if(sig->flags.expired)
 	  {
 	    log_info("Signature expired %s\n",asctimestamp(sig->expiredate));
 	    rc=G10ERR_GENERAL; /* need a better error here? */
 	  }
 	else if(sig->expiredate)
 	  log_info("Signature expires %s\n",asctimestamp(sig->expiredate));
 	if( rc )
 	    g10_errors_seen = 1;
 	if( opt.batch && rc )
--- a/g10/packet.h
+++ b/g10/packet.h
@ -436,8 +436,8 @@ int write_comment( IOBUF out, const char *s );
 /*-- sign.c --*/
 int make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 			PKT_user_id *uid, PKT_public_key *subpk,
-			PKT_secret_key *sk,
+			PKT_secret_key *sk, int sigclass, int digest_algo,
-			int sigclass, int digest_algo, int sigversion,
+			int sigversion, u32 timestamp,
 			int (*mksubpkt)(PKT_signature *, void *),
 			void *opaque  );
 int update_keysig_packet( PKT_signature **ret_sig,
--- a/g10/revoke.c
+++ b/g10/revoke.c
@ -193,7 +193,7 @@ gen_revoke( const char *uname )
    iobuf_push_filter( out, armor_filter, &afx );
    /* create it */
-    rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x20, 0, 0,
+    rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x20, 0, 0, 0,
 						  revocation_reason_build_cb,
 						  reason );
    if( rc ) {
--- a/g10/sign.c
+++ b/g10/sign.c
@ -433,7 +433,8 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
 */
 static int
 write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash,
-                         int sigclass, int old_style, int status_letter)
+                         int sigclass, u32 timestamp, u32 duration,
 			 int old_style, int status_letter)
 {
    SK_LIST sk_rover;
@ -448,11 +449,21 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash,
 	/* build the signature packet */
 	sig = m_alloc_clear (sizeof *sig);
-	sig->version = (old_style || opt.force_v3_sigs)? 3 : sk->version;
+	if(old_style || opt.force_v3_sigs)
 	  sig->version=3;
 	else if(duration)
 	  sig->version=4;
 	else
 	  sig->version=sk->version;
 	keyid_from_sk (sk, sig->keyid);
 	sig->digest_algo = hash_for (sk->pubkey_algo, sk->version);
 	sig->pubkey_algo = sk->pubkey_algo;
 	if(timestamp)
 	  sig->timestamp = timestamp;
 	else
 	  sig->timestamp = make_timestamp();
 	if(duration)
 	  sig->expiredate = sig->timestamp+duration;
 	sig->sig_class = sigclass;
 	md = md_copy (hash);
@ -520,7 +531,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
    int multifile = 0;
    int old_style = opt.rfc1991;
    int compr_algo = -1; /* unknown */
-
+    u32 timestamp=0,duration=0;
    memset( &afx, 0, sizeof afx);
    memset( &zfx, 0, sizeof zfx);
@ -539,9 +550,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
    if( fname && filenames->next && (!detached || encryptflag) )
 	log_bug("multiple files can only be detached signed");
    if(opt.expert && !opt.batch && !opt.force_v3_sigs && !old_style)
      duration=ask_expire_interval(1);
    if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
 	goto leave;
-    if( !old_style )
+    if( !old_style && !duration )
 	old_style = only_old_style( sk_list );
    if( encryptflag ) {
@ -662,6 +676,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
    /* write the signatures */
    rc = write_signature_packets (sk_list, out, mfx.md,
                                  opt.textmode && !outfile? 0x01 : 0x00,
 				  timestamp, duration,
                                  old_style, detached ? 'D':'S');
    if( rc )
        goto leave;
@ -699,13 +714,17 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
    SK_LIST sk_rover = NULL;
    int old_style = opt.rfc1991;
    int only_md5 = 0;
    u32 timestamp=0,duration=0;
    memset( &afx, 0, sizeof afx);
    init_packet( &pkt );
    if(opt.expert && !opt.batch && !opt.force_v3_sigs && !old_style)
      duration=ask_expire_interval(1);
    if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
 	goto leave;
-    if( !old_style )
+    if( !old_style && !duration )
 	old_style = only_old_style( sk_list );
    /* prepare iobufs */
@ -789,8 +808,8 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
    iobuf_push_filter( out, armor_filter, &afx );
    /* write the signatures */
-    rc = write_signature_packets (sk_list, out, textmd,
+    rc = write_signature_packets (sk_list, out, textmd, 0x01,
-                                  0x01, old_style, 'C');
+				  timestamp, duration, old_style, 'C');
    if( rc )
        goto leave;
@ -826,6 +845,7 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
    int old_style = opt.rfc1991;
    int compr_algo = -1; /* unknown */
    int algo;
    u32 timestamp=0,duration=0;
    memset( &afx, 0, sizeof afx);
    memset( &zfx, 0, sizeof zfx);
@ -834,10 +854,13 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
    memset( &cfx, 0, sizeof cfx);
    init_packet( &pkt );
    if(opt.expert && !opt.batch && !opt.force_v3_sigs && !old_style)
      duration=ask_expire_interval(1);
    rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);
    if (rc) 
 	goto leave;
-    if( !old_style )
+    if( !old_style && !duration )
 	old_style = only_old_style( sk_list );
    /* prepare iobufs */
@ -935,6 +958,7 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
    /*(current filters: zip - encrypt - armor)*/
    rc = write_signature_packets (sk_list, out, mfx.md,
 				  opt.textmode? 0x01 : 0x00,
 				  timestamp, duration,
                                  old_style, 'S');
    if( rc )
        goto leave;
@ -963,14 +987,14 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
 * DIGEST_ALGO is 0 the function selects an appropriate one.
 * SIGVERSION gives the minimal required signature packet version;
 * this is needed so that special properties like local sign are not
- * applied (actually: dropped) when a v3 key is used.
+ * applied (actually: dropped) when a v3 key is used.  TIMESTAMP is
- */
+ * the timestamp to use for the signature. 0 means "now" */
 int
 make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
 		    PKT_user_id *uid, PKT_public_key *subpk,
 		    PKT_secret_key *sk,
 		    int sigclass, int digest_algo,
-                    int sigversion,
+                    int sigversion, u32 timestamp,
 		    int (*mksubpkt)(PKT_signature *, void *), void *opaque
 		   )
 {
@ -1030,6 +1054,9 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
    keyid_from_sk( sk, sig->keyid );
    sig->pubkey_algo = sk->pubkey_algo;
    sig->digest_algo = digest_algo;
    if(timestamp)
      sig->timestamp=timestamp;
    else
      sig->timestamp = make_timestamp();
    sig->sig_class = sigclass;
    if( sig->version >= 4 )