Expiration dates of PGP keys are capped at 2038-01-19 on a 32bit system

[AlphaJack]

This happens to both downloaded (from keyserver) and uploaded keys.
Other programs like gpg on the same machine returns the right expiration date. Is this a PHP limitation?

[johndoh]

That sounds like the Y2K38 bug. Can you describe your environment?

[AlphaJack]

Exactly

Arch Linux ARM 5.4.51 php 7.4.8 roundcubemail 1.4.7

[trasherdk]

I'm confused.
Aren't dates stored as unsigned long, UTC ???

[johndoh]

@AlphaJack are you running PHP in 32 or 64 bit mode?

[AlphaJack]

I guess 32 as it's a Raspberry Pi 2 (armv7h)

[alecpl]

Crypt_GPG casts the timestamp to an integer (in Crypt_GPG_SubKey), so that's probably the issue.

[alecpl]

Would be nice to at least see how some gpg command output looks like on such a system:

/usr/bin/gpg --version
/usr/bin/gpg --trust-model always --ignore-time-conflict --ignore-valid-from --with-colons --with-fingerprint --with-fingerprint --fixed-list-mode --list-public-keys

You can add --homedir 'plugins/enigma/home/email@address' if needed.

[AlphaJack]

gpg --version --homedir .

gpg (GnuPG) 2.2.27
libgcrypt 1.9.2-unknown
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /path/to/enigma/user@example.org
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

gpg --trust-model always --ignore-time-conflict --ignore-valid-from --with-colons --with-fingerprint --with-fingerprint --fixed-list-mode --list-public-keys --homedir .

tru:t:0:0:0:0:0:0
pub:-:255:22:665896B3B67AE394:1598752414:3133677600::-:::scaESCA:::::ed25519:::0:
fpr:::::::::AF5DF34E1F8133C2DFF5568F665896B3B67AE394:
uid:-::::1598752414::0CED4ACA18F1F0445693F5EDD4C90F54514585D0::First Last <user@example.org>::::::::::0:
sub:-:255:18:E8595956A401A183:1598752414:3133677600:::::e:::::cv25519::
fpr:::::::::AC0F6A264F8FF557F417DDF2E8595956A401A183:

[alecpl]

Ok, now we have to find out how to convert 3133677600 to a date-time string/object. Will that work?

<?php
$dt = new DateTime('@3133677600');
echo $dt->format('c');
?>

[AlphaJack]

Output is 2069-04-20T10:00:00+00:00, which is correct

[alecpl]

We're getting closer. Last thing:

<?php
$dt = new DateTime('@3133677600');
echo $dt->format('U');
?>

[AlphaJack]

Output is 3133677600

[alecpl]

I consider it fixed with the following two commits:

• https://github.com/pear/Crypt_GPG/commit/9715067e3142275
• 8a0edf9c94bc9

Could you confirm?

[AlphaJack]

I tried packaging from the latest commit, but It doesn't seem to work: I also tried deleting the key and reuploading it, nothing changes

[alecpl]

You don't have to re-upload the key. Are you sure both patches are applied properly? Is there a chance you would give me ssh access to your server?

[AlphaJack]

Doing a simple text search 8a0edf9 is there, but I can't find the pear one. Do I need to change the version required in the composer file? My guess is that "pear/crypt_gpg": "~1.6.3" is missing commit 9715067

[alecpl]

"pear/crypt_gpg": "dev-master" should give you what you need.

[AlphaJack]

It's working, thanks!

[alecpl]

Crypt_GPG-1.6.5 released. Changelog updated.