Understanding of BCPG SetKeyExpirationTime

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Understanding of BCPG SetKeyExpirationTime

developr
This post has NOT been accepted by the mailing list yet.
Hi, I've used the BC OpenPGP crypto lib in c# to create a small PGP app (create keys, enc/decypt data etc.) but I cant seem to find much information around the SetKeyExpirationTime option?

I use: SubpacketGenerator.SetKeyExpirationTime(true, long Seconds)

Utilising this option my app successfully sets the expiry date.

But... In the BC OpenPGP lib do I as the dev control whether or not I choose to honour an expiry date set on a PGP key pair when I'm using the keys?

Or is there a mechanism built into the lib/standard which takes care of this for me and prevents me encrypting with an expired key?

I assume its the former as my test results indicate I can create a new key pair with an expiry date, but when I come to use the public key in my own app to encrypt data it encrypts fine and subsequently decrypts fine even when the key has 'expired'/past the expiry date.

I would be really interested to know if this is the correct behaviour or whether I am doing something wrong.

Thanks.