[Pkg-gnupg-commit] [gnupg2] 96/180: g10: Create expiring keys in quick key generation mode.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Dec 24 22:29:13 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit dd3dde07a9a46130ac01d849f8edf0566e44f11f
Author: Justus Winter <justus at g10code.com>
Date: Tue Dec 13 16:30:47 2016 +0100
g10: Create expiring keys in quick key generation mode.
* doc/gpg.texi: Document that fact.
* g10/keygen.c (quick_generate_keypair): Use a default value.
* tests/openpgp/quick-key-manipulation.scm: Test that fact.
GnuPG-bug-id: 2701
Signed-off-by: Justus Winter <justus at g10code.com>
---
doc/gpg.texi | 6 ++++++
g10/keygen.c | 2 ++
tests/openpgp/quick-key-manipulation.scm | 31 ++++++++++++++-----------------
3 files changed, 22 insertions(+), 17 deletions(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 3f54fe2..c7c7db6 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -630,6 +630,12 @@ For a description of these optional arguments see the command
``cert'' which can be used to create a certification only primary key;
the default is to a create certification and signing key.
+The @code{expire} argument can be used to specify an expiration date
+for the key. Several formats are supported; commonly the ISO
+YYYY-MM-DD format is used. The values ``never'', ``none'' can be used
+for no expiration date. Not specifying a value, or using ``-''
+results in a key expiring in a reasonable default interval.
+
If this command is used with @option{--batch},
@option{--pinentry-mode} has been set to @code{loopback}, and one of
the passphrase options (@option{--passphrase},
diff --git a/g10/keygen.c b/g10/keygen.c
index c937084..9fa4a07 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -3957,6 +3957,8 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
}
}
+ if (!*expirestr || strcmp (expirestr, "-") == 0)
+ expirestr = default_expiration_interval;
if ((!*algostr || !strcmp (algostr, "default")
|| !strcmp (algostr, "future-default"))
diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
index 360c48e..639fd62 100755
--- a/tests/openpgp/quick-key-manipulation.scm
+++ b/tests/openpgp/quick-key-manipulation.scm
@@ -27,6 +27,13 @@
(define (exact id)
(string-append "=" id))
+;; Convenient accessors for the colon output.
+(define (:length x) (string->number (list-ref x 2)))
+(define (:alg x) (string->number (list-ref x 3)))
+(define (:expire x) (list-ref x 6))
+(define (:fpr x) (list-ref x 9))
+(define (:cap x) (list-ref x 11))
+
(define (count-uids-of-secret-key id)
(length (filter (lambda (x) (and (string=? "uid" (car x))
(not (string=? "r" (cadr x)))))
@@ -47,10 +54,11 @@
(info "Checking quick key generation...")
(call-check `(, at GPG --quick-gen-key ,alpha))
-(assert (= 1 (count-uids-of-secret-key alpha)))
+(define keyinfo (gpg-with-colons `(-k ,(exact alpha))))
+(define fpr (:fpr (assoc "fpr" keyinfo)))
-(define fpr (list-ref (assoc "fpr" (gpg-with-colons `(-k ,(exact alpha))))
- 9))
+(assert (= 1 (count-uids-of-secret-key alpha)))
+(assert (not (equal? "" (:expire (assoc "pub" keyinfo)))))
(info "Checking that we can add a user ID...")
@@ -82,11 +90,10 @@
(info "Checking that we can change the expiration time.")
(define (expiration-time id)
- (list-ref (assoc "pub" (gpg-with-colons `(-k ,id)))
- 6))
+ (:expire (assoc "pub" (gpg-with-colons `(-k ,id)))))
-;; XXX This assumes that by default keys are created without
-;; expiration date. See issue2701.
+;; Remove the expiration date.
+(call-check `(, at gpg --quick-set-expire ,fpr "0"))
(assert (equal? "" (expiration-time fpr)))
;; Make the key expire in one year.
@@ -94,10 +101,6 @@
;; XXX It'd be nice to check that the value is right.
(assert (not (equal? "" (expiration-time fpr))))
-;; And remove the expiration date.
-(call-check `(, at gpg --quick-set-expire ,fpr "0"))
-(assert (equal? "" (expiration-time fpr)))
-
;;
;; Check --quick-addkey
@@ -111,12 +114,6 @@
;; This keeps track of the number of subkeys.
(define count (length (get-subkeys)))
-;; Convenient accessors for the colon output.
-(define (:length x) (string->number (list-ref x 2)))
-(define (:alg x) (string->number (list-ref x 3)))
-(define (:expire x) (list-ref x 6))
-(define (:cap x) (list-ref x 11))
-
(for-each-p
"Checking that we can add subkeys..."
(lambda (args check)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list