hkp: return correct creation time

The creation time reported in the hkp "index" response should be the primary key's creation timestamp. We returned the creation time of the "primary key signature" (i.e. newest user id binding signature) before. see https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5.2
2023-02-13 20:55:02 -05:00 · 2019-12-10 17:17:47 +01:00 · 2019-12-10 17:17:47 +01:00 · d15f0926ed
commit d15f0926ed
parent 230f69bc6f
2 changed files with 25 additions and 5 deletions
--- a/src/web/hkp.rs
+++ b/src/web/hkp.rs
@ -223,11 +223,7 @@ fn key_to_hkp_index(db: rocket::State<KeyDatabase>, query: Query)
    let mut out = String::default();
    let p = tpk.primary();

-    let ctime = tpk
-        .primary_key_signature()
-        .and_then(|x| x.signature_creation_time())
-        .map(|x| format!("{}", x.to_timespec().sec))
-        .unwrap_or_default();
+    let ctime = format!("{}", p.creation_time().to_timespec().sec);
    let extime = tpk
        .primary_key_signature()
        .and_then(|x| x.signature_expiration_time())
--- a/src/web/mod.rs
+++ b/src/web/mod.rs
@ -1059,6 +1059,25 @@ pub mod tests {
        assert_eq!(tpk_.userids().count(), nr_uids);
    }

+        // it's a rather "reverse implementation" style test.. can we do better?
+    /// Asserts that the given URI returns a correct hkp "index"
+    /// response for the given TPK.
+    pub fn check_index_response(client: &Client, uri: &str, tpk: &TPK) {
+        let mut response = client.get(uri).dispatch();
+        assert_eq!(response.status(), Status::Ok);
+        assert_eq!(response.content_type(),
+                   Some(ContentType::new("text", "plain")));
+        let body = response.body_string().unwrap();
+
+        assert!(body.contains("info:1:1"));
+        let primary_fpr = tpk.fingerprint().to_hex();
+        let algo: u8 = tpk.primary().pk_algo().into();
+        assert!(body.contains(&format!("pub:{}:{}:", primary_fpr, algo)));
+
+        let creation_time = tpk.primary().creation_time().to_timespec().sec;
+        assert!(body.contains(&format!(":{}:", creation_time)));
+    }
+
    /// Asserts that we can get the given TPK back using the various
    /// by-fingerprint or by-keyid lookup mechanisms.
    pub fn check_mr_responses_by_fingerprint(client: &Client, tpk: &TPK,
@ -1090,6 +1109,11 @@ pub mod tests {
            &client,
            &format!("/pks/lookup?op=get&search=0x{}", keyid),
            &tpk, nr_uids);
+
+        check_index_response(
+            &client,
+            &format!("/pks/lookup?op=index&search={}", fp),
+            &tpk);
    }

    /// Asserts that the given URI contains the search string.