Do not offer expired user ID for certification

gpg doesn't create expiring self signatures, but some other OpenPGP software may do this. GnuPG-bug-id: 6155

Do not offer expired user ID for certification
gpg doesn't create expiring self signatures, but some other OpenPGP software may do this. GnuPG-bug-id: 6155
7ceef3e1 · Ingo Klöcker · Ingo Klöcker · 39d9c325 · 7ceef3e1
Verified Commit 7ceef3e1 authored Sep 14, 2022 by Ingo Klöcker Committed by Ingo Klöcker Sep 14, 2022
--- a/src/dialogs/certifywidget.cpp
+++ b/src/dialogs/certifywidget.cpp
@@ -12,6 +12,7 @@
 #include "certifywidget.h"

 #include <utils/accessibility.h>
+#include <utils/keys.h>
 #include "view/infofield.h"

 #include "kleopatra_debug.h"
@@ -199,7 +200,7 @@ public:
        const std::vector<GpgME::UserID> ids = key.userIDs();
        int i = 0;
        for (const auto &uid: key.userIDs()) {
-            if (uid.isRevoked() || uid.isInvalid()) {
+            if (uid.isRevoked() || uid.isInvalid() || Kleo::isRevokedOrExpired(uid)) {
                // Skip user IDs that cannot really be certified.
                i++;
                continue;