PgpCore icon indicating copy to clipboard operation
PgpCore copied to clipboard

Published 20 hours ago verified publisher icon mattosaurus

Encrypting file with an expired public key

Open aiscrim opened this issue 4 years ago • 1 comments

I am using this library to encrypt a zip file. The code is very simple:

using (PGP pgp = new PGP())
{
    pgp.EncryptFile(zipFileFullname, encryptedFileFullname, publicKeysFileFullname);
}

It generally works well, but today I noticed that if I use an expired public key, it successfully encrypts the file regardless of the key being expired, without any warning. I have been looking for some parameters to be passed or some methods to call to verify if the keys are valid, but I didn't find anything. Isn't the encryption supposed to fail if the encryption keys expired?

aiscrim avatar Jun 02 '20 16:06 aiscrim

As far as I can tell encryption/decryption of a file encrypted with an expired public key should still work as normal though there should potentially be a warning that the key has expired.

I'm not sure of the best way to handle this but I might add another parameter to the methods to determine the behaviour of expired keys.

mattosaurus avatar Jun 03 '20 08:06 mattosaurus