[Pkg-gnupg-commit] [gpgme] 75/132: core: Fix expiration time handling when creating keys.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Apr 26 01:01:27 UTC 2017 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gpgme.

commit de708e5934cda380dbc3ae51f587c09041de7562
Author: Justus Winter <justus at g10code.com>
Date:   Wed Feb 15 16:17:13 2017 +0100

    core: Fix expiration time handling when creating keys.
    
    * NEWS: Update.
    * doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the
    'expire' parameter.
    (GPGME_CREATE_NOEXPIRE): Document new flag.
    (gpgme_op_createsubkey): Clarify the meaning of the 'expire'
    parameter.
    * src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the
    expiration time.
    * src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro.
    --
    
    Previously, the documentation stated that the expiration time was an
    absolute timestamp.  However, this value was passed using the
    'seconds=N' syntax to GnuPG which specifies the expiration time in
    seconds relative to the creation time.  Fix the documentation.
    
    Furthermore, the documentation stated that using 0 results in keys
    that do not expire.  This was communicated to GnuPG by using the
    implicit default.  However, as of GnuPG 2.1.17, the default was
    changed to create keys that expire within a reasonable timespan.
    
    Fix this discrepancy by aligning the behavior with recent GnuPG
    versions: 0 means use a reasonable default, and introduce a flag that
    can be used to create keys that do not expire.  Communicate this
    explicitly to GnuPG.
    
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 NEWS             |  3 +++
 doc/gpgme.texi   | 33 +++++++++++++++++++--------------
 src/engine-gpg.c | 18 +++++++++++++-----
 src/gpgme.h.in   |  1 +
 4 files changed, 36 insertions(+), 19 deletions(-)

diff --git a/NEWS b/NEWS
index 0735882..82f403c 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,9 @@ Noteworthy changes in version 1.8.1 (unreleased)
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  gpgme_strerror_r            CHANGED: Use gpgme_error_t (compatible type).
  gpgme_data_set_flag         CHANGED: Return gpgme_error_t (compatible type).
+ gpgme_op_createkey          CHANGED: Meaning of 'expire' parameter.
+ gpgme_op_createsubkey       CHANGED: Meaning of 'expire' parameter.
+ GPGME_CREATE_NOEXPIRE       NEW.
  cpp: Context::revUid(const Key&, const char*)      NEW.
  cpp: Context::startRevUid(const Key&, const char*) NEW.
  cpp: Context::addUid(const Key&, const char*)      NEW.
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index e058fba..c088cfe 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -3612,13 +3612,14 @@ primary key plus a secondary key (subkey).
 
 @var{reserved} must be set to zero.
 
- at var{expires} can be set to the number of seconds since Epoch of the
-desired expiration date in UTC for the new key.   Using 0 does not
-set an expiration date.  Note that this parameter takes an unsigned long
-value and not a @code{time_t} to avoid problems on systems which use a
-signed 32 bit @code{time_t}.  Note further that the OpenPGP protocol
-uses 32 bit values for timestamps and thus can only encode dates up to
-the year 2106.
+ at var{expires} specifies the expiration time in seconds.  If you supply
+0, a reasonable expiration time is chosen.  Use the flag
+ at code{GPGME_CREATE_NOEXPIRE} to create keys that do not expire.  Note
+that this parameter takes an unsigned long value and not a
+ at code{time_t} to avoid problems on systems which use a signed 32 bit
+ at code{time_t}.  Note further that the OpenPGP protocol uses 32 bit
+values for timestamps and thus can only encode dates up to the year
+2106.
 
 @var{extrakey} is currently not used and must be set to @code{NULL}.
 A future version of GPGME may use this parameter to create X.509 keys.
@@ -3660,6 +3661,9 @@ The engine does not allow the creation of a key with a user ID
 already existing in the local key database.  This flag can be used to
 override this check.
 
+ at item GPGME_CREATE_NOEXPIRE
+Request generation of keys that do not expire.
+
 @end table
 
 After the operation completed successfully, information about the
@@ -3719,13 +3723,14 @@ able to already handle such future algorithms.
 
 @var{reserved} must be set to zero.
 
- at var{expires} can be set to the number of seconds since Epoch of the
-desired expiration date in UTC for the new subkey.   Using 0 does not
-set an expiration date.  Note that this parameter takes an unsigned long
-value and not a @code{time_t} to avoid problems on systems which use a
-signed 32 bit @code{time_t}.  Note further that the OpenPGP protocol
-uses 32 bit values for timestamps and thus can only encode dates up to
-the year 2106.
+ at var{expires} specifies the expiration time in seconds.  If you supply
+0, a reasonable expiration time is chosen.  Use the flag
+ at code{GPGME_CREATE_NOEXPIRE} to create keys that do not expire.  Note
+that this parameter takes an unsigned long value and not a
+ at code{time_t} to avoid problems on systems which use a signed 32 bit
+ at code{time_t}.  Note further that the OpenPGP protocol uses 32 bit
+values for timestamps and thus can only encode dates up to the year
+2106.
 
 @var{flags} takes the same values as described above for
 @code{gpgme_op_createkey}.
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 21ca02a..3443600 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -2076,7 +2076,8 @@ gpg_add_algo_usage_expire (engine_gpg_t gpg,
   /* This condition is only required to allow the use of gpg < 2.1.16 */
   if (algo
       || (flags & (GPGME_CREATE_SIGN | GPGME_CREATE_ENCR
-                   | GPGME_CREATE_CERT | GPGME_CREATE_AUTH))
+                   | GPGME_CREATE_CERT | GPGME_CREATE_AUTH
+                   | GPGME_CREATE_NOEXPIRE))
       || expires)
     {
       err = add_arg (gpg, algo? algo : "default");
@@ -2090,11 +2091,18 @@ gpg_add_algo_usage_expire (engine_gpg_t gpg,
                     (flags & GPGME_CREATE_AUTH)? " auth":"");
           err = add_arg (gpg, *tmpbuf? tmpbuf : "default");
         }
-      if (!err && expires)
+      if (!err)
         {
-          char tmpbuf[8+20];
-          snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expires);
-          err = add_arg (gpg, tmpbuf);
+          if (flags & GPGME_CREATE_NOEXPIRE)
+            err = add_arg (gpg, "never");
+          else if (expires == 0)
+            err = add_arg (gpg, "-");
+          else
+            {
+              char tmpbuf[8+20];
+              snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expires);
+              err = add_arg (gpg, tmpbuf);
+            }
         }
     }
   else
diff --git a/src/gpgme.h.in b/src/gpgme.h.in
index 7f2d34f..f76689e 100644
--- a/src/gpgme.h.in
+++ b/src/gpgme.h.in
@@ -1637,6 +1637,7 @@ gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t ctx,
 #define GPGME_CREATE_WANTPUB    (1 << 10) /* Return the public key.    */
 #define GPGME_CREATE_WANTSEC    (1 << 11) /* Return the secret key.    */
 #define GPGME_CREATE_FORCE      (1 << 12) /* Force creation.           */
+#define GPGME_CREATE_NOEXPIRE   (1 << 13) /* Create w/o expiration.    */
 
 /* An object to return result from a key generation.
  * This structure shall be considered read-only and an application

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gpgme.git

More information about the Pkg-gnupg-commit mailing list