[Pkg-gnupg-commit] [gnupg2] 96/180: g10: Create expiring keys in quick key generation mode.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Dec 24 22:29:13 UTC 2016


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit dd3dde07a9a46130ac01d849f8edf0566e44f11f
Author: Justus Winter <justus at g10code.com>
Date:   Tue Dec 13 16:30:47 2016 +0100

    g10: Create expiring keys in quick key generation mode.
    
    * doc/gpg.texi: Document that fact.
    * g10/keygen.c (quick_generate_keypair): Use a default value.
    * tests/openpgp/quick-key-manipulation.scm: Test that fact.
    
    GnuPG-bug-id: 2701
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 doc/gpg.texi                             |  6 ++++++
 g10/keygen.c                             |  2 ++
 tests/openpgp/quick-key-manipulation.scm | 31 ++++++++++++++-----------------
 3 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 3f54fe2..c7c7db6 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -630,6 +630,12 @@ For a description of these optional arguments see the command
 ``cert'' which can be used to create a certification only primary key;
 the default is to a create certification and signing key.
 
+The @code{expire} argument can be used to specify an expiration date
+for the key.  Several formats are supported; commonly the ISO
+YYYY-MM-DD format is used.  The values ``never'', ``none'' can be used
+for no expiration date.  Not specifying a value, or using ``-''
+results in a key expiring in a reasonable default interval.
+
 If this command is used with @option{--batch},
 @option{--pinentry-mode} has been set to @code{loopback}, and one of
 the passphrase options (@option{--passphrase},
diff --git a/g10/keygen.c b/g10/keygen.c
index c937084..9fa4a07 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -3957,6 +3957,8 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
       }
   }
 
+  if (!*expirestr || strcmp (expirestr, "-") == 0)
+    expirestr = default_expiration_interval;
 
   if ((!*algostr || !strcmp (algostr, "default")
        || !strcmp (algostr, "future-default"))
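Review bot: The added `if (!*expirestr || strcmp (expirestr, "-") == 0)` carries no comment, although it changes a security-relevant default: an omitted or "-" expire argument now yields an expiring key where, per the XXX note removed from the test file, keys were previously created without an expiration date. I would put a comment above it, for example `/* An empty EXPIRESTR or "-" selects the default expiration interval; a non-expiring key has to be requested explicitly. */`. The comparison style also differs from the `!strcmp (algostr, "default")` form used two lines below, so `!strcmp (expirestr, "-")` would read more consistently. `default_expiration_interval` is defined outside this hunk, so its value and format cannot be checked from here, and the body of quick_generate_keypair starts and ends outside the hunk.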
diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
index 360c48e..639fd62 100755
--- a/tests/openpgp/quick-key-manipulation.scm
+++ b/tests/openpgp/quick-key-manipulation.scm
@@ -27,6 +27,13 @@
 (define (exact id)
   (string-append "=" id))
 
+;; Convenient accessors for the colon output.
+(define (:length x) (string->number (list-ref x 2)))
+(define (:alg x) (string->number (list-ref x 3)))
+(define (:expire x) (list-ref x 6))
+(define (:fpr x) (list-ref x 9))
+(define (:cap x) (list-ref x 11))
+
 (define (count-uids-of-secret-key id)
   (length (filter (lambda (x) (and (string=? "uid" (car x))
 				   (not (string=? "r" (cadr x)))))
@@ -47,10 +54,11 @@
 (info "Checking quick key generation...")
 (call-check `(, at GPG --quick-gen-key ,alpha))
 
-(assert (= 1 (count-uids-of-secret-key alpha)))
+(define keyinfo (gpg-with-colons `(-k ,(exact alpha))))
+(define fpr (:fpr (assoc "fpr" keyinfo)))
 
-(define fpr (list-ref (assoc "fpr" (gpg-with-colons `(-k ,(exact alpha))))
-		      9))
+(assert (= 1 (count-uids-of-secret-key alpha)))
+(assert (not (equal? "" (:expire (assoc "pub" keyinfo)))))
 
 (info "Checking that we can add a user ID...")
 
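Review bot: The new `(assert (not (equal? "" (:expire (assoc "pub" keyinfo)))))` only proves that some expiration value is present, so a default that is wrong (already in the past, or far longer than intended) would still pass. The gpg.texi text in this commit also states that "-" gives the default interval and that "never" or "none" give no expiration, and neither of those cases is exercised here. I would add a comment such as `;; Keys from --quick-gen-key must expire by default (issue2701).` above the assertion, and follow up with cases that pass the expire argument explicitly and compare the resulting field against the current time.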
@@ -82,11 +90,10 @@
 (info "Checking that we can change the expiration time.")
 
 (define (expiration-time id)
-  (list-ref (assoc "pub" (gpg-with-colons `(-k ,id)))
-	    6))
+  (:expire (assoc "pub" (gpg-with-colons `(-k ,id)))))
 
-;; XXX This assumes that by default keys are created without
-;; expiration date.  See issue2701.
+;; Remove the expiration date.
+(call-check `(, at gpg --quick-set-expire ,fpr "0"))
 (assert (equal? "" (expiration-time fpr)))
 
 ;; Make the key expire in one year.
@@ -94,10 +101,6 @@
 ;; XXX It'd be nice to check that the value is right.
 (assert (not (equal? "" (expiration-time fpr))))
 
-;; And remove the expiration date.
-(call-check `(, at gpg --quick-set-expire ,fpr "0"))
-(assert (equal? "" (expiration-time fpr)))
-
 
 ;;
 ;; Check --quick-addkey
@@ -111,12 +114,6 @@
 ;; This keeps track of the number of subkeys.
 (define count (length (get-subkeys)))
 
-;; Convenient accessors for the colon output.
-(define (:length x) (string->number (list-ref x 2)))
-(define (:alg x) (string->number (list-ref x 3)))
-(define (:expire x) (list-ref x 6))
-(define (:cap x) (list-ref x 11))
-
 (for-each-p
  "Checking that we can add subkeys..."
  (lambda (args check)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git


