From 5af13849a9e2cff0e629318a7e4b35db3699971e Mon Sep 17 00:00:00 2001
From: orignal <i2porignal@yandex.ru>
Date: Tue, 9 Jul 2024 13:44:30 -0400
Subject: [PATCH] check if offline signature is expired when load keys

---
 libi2pd/Identity.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/libi2pd/Identity.cpp b/libi2pd/Identity.cpp
index 9590d9c7..4168abb7 100644
--- a/libi2pd/Identity.cpp
+++ b/libi2pd/Identity.cpp
@@ -479,7 +479,12 @@ namespace data
 		{
 			// offline information
 			const uint8_t * offlineInfo = buf + ret;
-			ret += 4; // expires timestamp
+			uint32_t expires = bufbe32toh (buf + ret); ret += 4; // expires timestamp
+			if (expires < i2p::util::GetSecondsSinceEpoch ())
+			{
+				LogPrint (eLogError, "Identity: Offline signature expired");
+				return 0;
+			}	
 			SigningKeyType keyType = bufbe16toh (buf + ret); ret += 2; // key type
 			std::unique_ptr<i2p::crypto::Verifier> transientVerifier (IdentityEx::CreateVerifier (keyType));
 			if (!transientVerifier) return 0;