[Pkg-gnupg-commit] [gnupg2] 77/166: tests: Test and document other ways to create keys.

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Mar 16 22:33:07 UTC 2017 

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch experimental
in repository gnupg2.

commit 90d383f1eb07fc823518dea10eb15ca390f5cf8e
Author: Justus Winter <justus at g10code.com>
Date:   Wed Feb 15 15:51:09 2017 +0100

    tests: Test and document other ways to create keys.
    
    * doc/gpg.texi: Clarify usage and expiration arguments for key
    generation.
    * tests/openpgp/quick-key-manipulation.scm: Test all variants.
    
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 doc/gpg.texi                             | 30 ++++++++++++++++++-----------
 tests/openpgp/quick-key-manipulation.scm | 33 ++++++++++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 11 deletions(-)

diff --git a/doc/gpg.texi b/doc/gpg.texi
index b79b783..16c9674 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -644,10 +644,13 @@ For a description of these optional arguments see the command
 the default is to a create certification and signing key.
 
 The @code{expire} argument can be used to specify an expiration date
-for the key.  Several formats are supported; commonly the ISO
-YYYY-MM-DD format is used.  The values ``never'', ``none'' can be used
-for no expiration date.  Not specifying a value, or using ``-''
-results in a key expiring in a reasonable default interval.
+for the key.  Several formats are supported; commonly the ISO formats
+``YYYY-MM-DD'' or ``YYYYMMDDThhmmss'' are used.  To make the key
+expire in N seconds, N days, N weeks, N months, or N years use
+``seconds=N'', ``Nd'', ``Nw'', ``Nm'', or ``Ny'' respectively.  Not
+specifying a value, or using ``-'' results in a key expiring in a
+reasonable default interval.  The values ``never'', ``none'' can be
+used for no expiration date.
 
 If this command is used with @option{--batch},
 @option{--pinentry-mode} has been set to @code{loopback}, and one of
@@ -684,15 +687,20 @@ Depending on the given @code{algo} the subkey may either be an
 encryption subkey or a signing subkey.  If an algorithm is capable of
 signing and encryption and such a subkey is desired, a @code{usage}
 string must be given.  This string is either ``default'' or ``-'' to
-keep the default or a comma delimited list of keywords: ``sign'' for a
-signing subkey, ``auth'' for an authentication subkey, and ``encr''
-for an encryption subkey (``encrypt'' can be used as alias for
-``encr'').  The valid combinations depend on the algorithm.
+keep the default or a comma delimited list (or space delimited list)
+of keywords: ``sign'' for a signing subkey, ``auth'' for an
+authentication subkey, and ``encr'' for an encryption subkey
+(``encrypt'' can be used as alias for ``encr'').  The valid
+combinations depend on the algorithm.
 
 The @code{expire} argument can be used to specify an expiration date
-for the subkey.  Several formats are supported; commonly the ISO
-YYYY-MM-DD format is used.  The values ``never'', ``none'', or ``-''
-can be used for no expiration date.
+for the key.  Several formats are supported; commonly the ISO formats
+``YYYY-MM-DD'' or ``YYYYMMDDThhmmss'' are used.  To make the key
+expire in N seconds, N days, N weeks, N months, or N years use
+``seconds=N'', ``Nd'', ``Nw'', ``Nm'', or ``Ny'' respectively.  Not
+specifying a value, or using ``-'' results in a key expiring in a
+reasonable default interval.  The values ``never'', ``none'' can be
+used for no expiration date.
 
 @item --generate-key
 @opindex generate-key
diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm
index c0007d4..7ede5e9 100755
--- a/tests/openpgp/quick-key-manipulation.scm
+++ b/tests/openpgp/quick-key-manipulation.scm
@@ -121,6 +121,10 @@
  '(()
    (- - -)
    (default default never)
+   (rsa "sign auth encr" "seconds=600") ;; GPGME uses this
+   (rsa "auth,encr" "2") ;; "without a letter, days is assumed"
+   (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105"
+   (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105"
    (rsa sign "2d")
    (rsa1024 sign "2w")
    (rsa2048 encr "2m")
@@ -136,6 +140,35 @@
   (lambda (subkey)
     (assert (= 1 (:alg subkey)))
     (assert (string-contains? (:cap subkey) "s"))
+    (assert (string-contains? (:cap subkey) "a"))
+    (assert (string-contains? (:cap subkey) "e"))
+    (assert (time-matches? (+ (get-time) 600)
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
+  (lambda (subkey)
+    (assert (= 1 (:alg subkey)))
+    (assert (string-contains? (:cap subkey) "a"))
+    (assert (string-contains? (:cap subkey) "e"))
+    (assert (time-matches? (+ (get-time) (days->seconds 2))
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
+  (lambda (subkey)
+    (assert (= 1 (:alg subkey)))
+    (assert (string-contains? (:cap subkey) "s"))
+    (assert (time-matches? 4260207600 ;; 2105-01-01
+			   (string->number (:expire subkey))
+			   ;; This is off by 12h, but I guess it just
+			   ;; choses the middle of the day.
+			   (days->seconds 1))))
+  (lambda (subkey)
+    (assert (= 1 (:alg subkey)))
+    (assert (string-contains? (:cap subkey) "s"))
+    (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00
+			   (string->number (:expire subkey))
+			   (minutes->seconds 5))))
+  (lambda (subkey)
+    (assert (= 1 (:alg subkey)))
+    (assert (string-contains? (:cap subkey) "s"))
     (assert (time-matches? (+ (get-time) (days->seconds 2))
 			   (string->number (:expire subkey))
 			   (minutes->seconds 5))))

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

More information about the Pkg-gnupg-commit mailing list