[Pkg-gnupg-commit] [gnupg2] 46/102: gpg: Extend the --quick-gen-key command.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Jun 17 00:14:53 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch experimental
in repository gnupg2.
commit 01285f909e43e8d6a48fbcc77bb5af53d567d8a2
Author: Werner Koch <wk at gnupg.org>
Date: Thu Jun 2 18:38:10 2016 +0200
gpg: Extend the --quick-gen-key command.
* g10/keygen.c (quickgen_set_para): Add arg 'use'.
(quick_generate_keypair): Add args 'algostr', 'usagestr', and
'expirestr'. Implement primary only key mode.
(parse_algo_usage_expire): Set NBITS for the default algo.
* g10/gpg.c (main): Extend --quick-gen-key command.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
doc/gpg.texi | 9 +++++++-
g10/gpg.c | 28 +++++++++++++++++++----
g10/keygen.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++------------
g10/main.h | 3 ++-
4 files changed, 92 insertions(+), 22 deletions(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 9b0f1ba..4559958 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -599,7 +599,7 @@ This section explains the main commands for key management
@table @gnupgtabopt
- at item --quick-gen-key @code{user-id}
+ at item --quick-gen-key @code{user-id} [@code{algo} [@code{usage} [@code{expire}]]]
@opindex quick-gen-key
This is a simple command to generate a standard key with one user id.
In contrast to @option{--gen-key} the key is generated directly
@@ -612,6 +612,13 @@ answer to a ``Continue?'' style confirmation prompt is required. In
case the user id already exists in the key ring a second prompt to
force the creation of the key will show up.
+If any of the optional arguments are given, only the primary key is
+created and no prompts are shown. For a description of these optional
+arguments see the command @code{--quick-addkey}. The @code{usage}
+accepts also the value ``cert'' which can be used to create a
+certification only primary key; the default is to a create
+certification and signing key.
+
If this command is used with @option{--batch},
@option{--pinentry-mode} has been set to @code{loopback}, and one of
the passphrase options (@option{--passphrase},
diff --git a/g10/gpg.c b/g10/gpg.c
index 2795330..b193fcd 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -4096,11 +4096,29 @@ main (int argc, char **argv)
break;
case aQuickKeygen:
- if (argc != 1 )
- wrong_args("--gen-key user-id");
- username = make_username (fname);
- quick_generate_keypair (ctrl, username);
- xfree (username);
+ {
+ const char *x_algo, *x_usage, *x_expire;
+
+ if (argc < 1 || argc > 4)
+ wrong_args("--quick-gen-key USER-ID [ALGO [USAGE [EXPIRE]]]");
+ username = make_username (fname);
+ argv++, argc--;
+ x_algo = "";
+ x_usage = "";
+ x_expire = "";
+ if (argc)
+ {
+ x_algo = *argv++; argc--;
+ if (argc)
+ {
+ x_usage = *argv++; argc--;
+ if (argc)
+ x_expire = *argv++; argc--;
+ }
+ }
+ quick_generate_keypair (ctrl, username, x_algo, x_usage, x_expire);
+ xfree (username);
+ }
break;
case aKeygen: /* generate a key */
diff --git a/g10/keygen.c b/g10/keygen.c
index 69b6a0d..940cb16 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -136,6 +136,12 @@ static byte zip_prefs[MAX_PREFS];
static int nzip_prefs;
static int mdc_available,ks_modify;
+static gpg_error_t parse_algo_usage_expire (ctrl_t ctrl, int for_subkey,
+ const char *algostr, const char *usagestr,
+ const char *expirestr,
+ int *r_algo, unsigned int *r_usage,
+ u32 *r_expire,
+ unsigned int *r_nbits, char **r_curve);
static void do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
struct output_control_s *outctrl, int card );
static int write_keyblock (iobuf_t out, kbnode_t node);
@@ -3467,13 +3473,20 @@ read_parameter_file (ctrl_t ctrl, const char *fname )
/* Helper for quick_generate_keypair. */
static struct para_data_s *
quickgen_set_para (struct para_data_s *para, int for_subkey,
- int algo, int nbits, const char *curve)
+ int algo, int nbits, const char *curve, unsigned int use)
{
struct para_data_s *r;
- r = xmalloc_clear (sizeof *r + 20);
+ r = xmalloc_clear (sizeof *r + 30);
r->key = for_subkey? pSUBKEYUSAGE : pKEYUSAGE;
- strcpy (r->u.value, for_subkey ? "encrypt" : "sign");
+ if (use)
+ snprintf (r->u.value, 30, "%s%s%s%s",
+ (use & PUBKEY_USAGE_ENC)? "encr " : "",
+ (use & PUBKEY_USAGE_SIG)? "sign " : "",
+ (use & PUBKEY_USAGE_AUTH)? "auth " : "",
+ (use & PUBKEY_USAGE_CERT)? "cert " : "");
+ else
+ strcpy (r->u.value, for_subkey ? "encr" : "sign");
r->next = para;
para = r;
r = xmalloc_clear (sizeof *r + 20);
@@ -3507,7 +3520,8 @@ quickgen_set_para (struct para_data_s *para, int for_subkey,
* Unattended generation of a standard key.
*/
void
-quick_generate_keypair (ctrl_t ctrl, const char *uid)
+quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
+ const char *usagestr, const char *expirestr)
{
gpg_error_t err;
struct para_data_s *para = NULL;
@@ -3518,6 +3532,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid)
memset (&outctrl, 0, sizeof outctrl);
use_tty = (!opt.batch && !opt.answer_yes
+ && !*algostr && !*usagestr && !*expirestr
&& !cpr_enabled ()
&& gnupg_isatty (fileno (stdin))
&& gnupg_isatty (fileno (stdout))
@@ -3578,12 +3593,39 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid)
}
}
- para = quickgen_set_para (para, 0,
- DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE,
- DEFAULT_STD_CURVE);
- para = quickgen_set_para (para, 1,
- DEFAULT_STD_SUBALGO, DEFAULT_STD_SUBKEYSIZE,
- DEFAULT_STD_SUBCURVE);
+ if (*algostr || *usagestr || *expirestr)
+ {
+ /* Extended unattended mode. Creates only the primary key. */
+ int algo;
+ unsigned int use;
+ u32 expire;
+ unsigned int nbits;
+ char *curve;
+
+ err = parse_algo_usage_expire (ctrl, 0, algostr, usagestr, expirestr,
+ &algo, &use, &expire, &nbits, &curve);
+ if (err)
+ {
+ log_error (_("Key generation failed: %s\n"), gpg_strerror (err) );
+ goto leave;
+ }
+
+ para = quickgen_set_para (para, 0, algo, nbits, curve, use);
+ r = xmalloc_clear (sizeof *r + 20);
+ r->key = pKEYEXPIRE;
+ r->u.expire = expire;
+ r->next = para;
+ para = r;
+ }
+ else
+ {
+ para = quickgen_set_para (para, 0,
+ DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE,
+ DEFAULT_STD_CURVE, 0);
+ para = quickgen_set_para (para, 1,
+ DEFAULT_STD_SUBALGO, DEFAULT_STD_SUBKEYSIZE,
+ DEFAULT_STD_SUBCURVE, 0);
+ }
/* If the pinentry loopback mode is not and we have a static
passphrase (i.e. set with --passphrase{,-fd,-file} while in batch
@@ -3601,6 +3643,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid)
}
proc_parameter_file (ctrl, para, "[internal]", &outctrl, 0);
+
leave:
release_parameter_list (para);
}
@@ -3844,10 +3887,10 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname,
, "--full-gen-key" );
para = quickgen_set_para (para, 0,
DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE,
- DEFAULT_STD_CURVE);
+ DEFAULT_STD_CURVE, 0);
para = quickgen_set_para (para, 1,
DEFAULT_STD_SUBALGO, DEFAULT_STD_SUBKEYSIZE,
- DEFAULT_STD_SUBCURVE);
+ DEFAULT_STD_SUBCURVE, 0);
}
@@ -4318,7 +4361,7 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
}
-gpg_error_t
+static gpg_error_t
parse_algo_usage_expire (ctrl_t ctrl, int for_subkey,
const char *algostr, const char *usagestr,
const char *expirestr,
@@ -4340,8 +4383,9 @@ parse_algo_usage_expire (ctrl_t ctrl, int for_subkey,
if (!algostr || !*algostr
|| !strcmp (algostr, "default") || !strcmp (algostr, "-"))
{
- algo = DEFAULT_STD_SUBALGO;
- use = DEFAULT_STD_SUBKEYUSE;
+ algo = for_subkey? DEFAULT_STD_SUBALGO : DEFAULT_STD_ALGO;
+ use = for_subkey? DEFAULT_STD_SUBKEYUSE : DEFAULT_STD_KEYUSE;
+ nbits = for_subkey?DEFAULT_STD_SUBKEYSIZE : DEFAULT_STD_KEYSIZE;
}
else if (*algostr == '&' && strlen (algostr) == 41)
{
diff --git a/g10/main.h b/g10/main.h
index 0ca4d39..46b4ead 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -298,7 +298,8 @@ u32 parse_expire_string(const char *string);
u32 ask_expire_interval(int object,const char *def_expire);
u32 ask_expiredate(void);
unsigned int ask_key_flags (int algo, int subkey, unsigned int current);
-void quick_generate_keypair (ctrl_t ctrl, const char *uid);
+void quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
+ const char *usagestr, const char *expirestr);
void generate_keypair (ctrl_t ctrl, int full, const char *fname,
const char *card_serialno, int card_backup_key);
int keygen_set_std_prefs (const char *string,int personal);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list