mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-31 11:41:32 +01:00
* main.h, keygen.c (parse_expire_string, ask_expire_interval), sign.c
(sign_file, clearsign_file, sign_symencrypt_file), g10.c (main), keyedit.c (sign_uids): Use seconds rather than days internally to calculate expiration. We no longer need the day-based code as we don't generate v3 keys.
This commit is contained in:
parent
10f51e0714
commit
89c844bd3a
@ -1,5 +1,11 @@
|
||||
2005-05-06 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* main.h, keygen.c (parse_expire_string, ask_expire_interval),
|
||||
sign.c (sign_file, clearsign_file, sign_symencrypt_file), g10.c
|
||||
(main), keyedit.c (sign_uids): Use seconds rather than days
|
||||
internally to calculate expiration. We no longer need the
|
||||
day-based code as we don't generate v3 keys.
|
||||
|
||||
* sign.c (sign_file, clearsign_file, sign_symencrypt_file): Use
|
||||
the default sig expire value when signing in batchmode.
|
||||
|
||||
|
@ -2234,7 +2234,7 @@ main( int argc, char **argv )
|
||||
case oDefSigExpire:
|
||||
if(*pargs.r.ret_str!='\0')
|
||||
{
|
||||
if(parse_expire_string(pargs.r.ret_str)==-1)
|
||||
if(parse_expire_string(pargs.r.ret_str)==(u32)-1)
|
||||
log_error(_("`%s' is not a valid signature expiration\n"),
|
||||
pargs.r.ret_str);
|
||||
else
|
||||
@ -2246,7 +2246,7 @@ main( int argc, char **argv )
|
||||
case oDefCertExpire:
|
||||
if(*pargs.r.ret_str!='\0')
|
||||
{
|
||||
if(parse_expire_string(pargs.r.ret_str)==-1)
|
||||
if(parse_expire_string(pargs.r.ret_str)==(u32)-1)
|
||||
log_error(_("`%s' is not a valid signature expiration\n"),
|
||||
pargs.r.ret_str);
|
||||
else
|
||||
|
@ -865,7 +865,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
if(opt.ask_cert_expire)
|
||||
duration=ask_expire_interval(1,opt.def_cert_expire);
|
||||
else
|
||||
duration=parse_expire_string(opt.def_cert_expire)*86400L;
|
||||
duration=parse_expire_string(opt.def_cert_expire);
|
||||
}
|
||||
|
||||
if(duration)
|
||||
|
107
g10/keygen.c
107
g10/keygen.c
@ -1503,46 +1503,39 @@ ask_keysize( int algo )
|
||||
|
||||
|
||||
/****************
|
||||
* Parse an expire string and return it's value in days.
|
||||
* Returns -1 on error.
|
||||
* Parse an expire string and return its value in seconds.
|
||||
* Returns (u32)-1 on error.
|
||||
* This isn't perfect since scan_isodatestr returns unix time, and
|
||||
* OpenPGP actually allows a 32-bit time *plus* a 32-bit offset.
|
||||
* Because of this, we only permit setting expirations up to 2106, but
|
||||
* OpenPGP could theoretically allow up to 2242. I think we'll all
|
||||
* just cope for the next few years until we get a 64-bit time_t or
|
||||
* similar.
|
||||
*/
|
||||
int
|
||||
u32
|
||||
parse_expire_string( const char *string )
|
||||
{
|
||||
int mult;
|
||||
u32 abs_date=0;
|
||||
u32 curtime = make_timestamp();
|
||||
int valid_days;
|
||||
u32 seconds,abs_date=0,curtime = make_timestamp();
|
||||
|
||||
if( !*string )
|
||||
valid_days = 0;
|
||||
else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime ) {
|
||||
/* This calculation is not perfectly okay because we
|
||||
* are later going to simply multiply by 86400 and don't
|
||||
* correct for leapseconds. A solution would be to change
|
||||
* the whole implemenation to work with dates and not intervals
|
||||
* which are required for v3 keys.
|
||||
*/
|
||||
valid_days = abs_date/86400-curtime/86400+1;
|
||||
}
|
||||
else if( (mult=check_valid_days(string)) ) {
|
||||
valid_days = atoi(string) * mult;
|
||||
if( valid_days < 0 || valid_days > 39447 )
|
||||
valid_days = 0;
|
||||
}
|
||||
else {
|
||||
valid_days = -1;
|
||||
}
|
||||
return valid_days;
|
||||
seconds = 0;
|
||||
else if( (abs_date = scan_isodatestr(string)) && abs_date > curtime )
|
||||
seconds = abs_date - curtime;
|
||||
else if( (mult=check_valid_days(string)) )
|
||||
seconds = atoi(string) * 86400L * mult;
|
||||
else
|
||||
seconds=(u32)-1;
|
||||
|
||||
return seconds;
|
||||
}
|
||||
|
||||
/* object == 0 for a key, and 1 for a sig */
|
||||
u32
|
||||
ask_expire_interval(int object,const char *def_expire)
|
||||
{
|
||||
u32 interval;
|
||||
char *answer;
|
||||
int valid_days=0;
|
||||
u32 interval = 0;
|
||||
|
||||
switch(object)
|
||||
{
|
||||
@ -1603,38 +1596,38 @@ ask_expire_interval(int object,const char *def_expire)
|
||||
}
|
||||
cpr_kill_prompt();
|
||||
trim_spaces(answer);
|
||||
valid_days = parse_expire_string( answer );
|
||||
if( valid_days < 0 ) {
|
||||
tty_printf(_("invalid value\n"));
|
||||
continue;
|
||||
}
|
||||
interval = parse_expire_string( answer );
|
||||
if( interval == (u32)-1 )
|
||||
{
|
||||
tty_printf(_("invalid value\n"));
|
||||
continue;
|
||||
}
|
||||
|
||||
if( !valid_days )
|
||||
if( !interval )
|
||||
{
|
||||
tty_printf((object==0)
|
||||
? _("Key does not expire at all\n")
|
||||
: _("Signature does not expire at all\n"));
|
||||
interval = 0;
|
||||
}
|
||||
else {
|
||||
interval = valid_days * 86400L;
|
||||
|
||||
tty_printf(object==0
|
||||
? _("Key expires at %s\n")
|
||||
: _("Signature expires at %s\n"),
|
||||
asctimestamp((ulong)(curtime + interval) ) );
|
||||
/* FIXME: This check yields warning on alhas: Write a
|
||||
configure check and to this check here only for 32 bit
|
||||
machines */
|
||||
if( (time_t)((ulong)(curtime+interval)) < 0 )
|
||||
tty_printf(_("Your system can't display dates beyond 2038.\n"
|
||||
"However, it will be correctly handled up to 2106.\n"));
|
||||
}
|
||||
else
|
||||
{
|
||||
tty_printf(object==0
|
||||
? _("Key expires at %s\n")
|
||||
: _("Signature expires at %s\n"),
|
||||
asctimestamp((ulong)(curtime + interval) ) );
|
||||
/* FIXME: This check yields warning on alhas: Write a
|
||||
configure check and to this check here only for 32 bit
|
||||
machines */
|
||||
if( (time_t)((ulong)(curtime+interval)) < 0 )
|
||||
tty_printf(_("Your system can't display dates beyond 2038.\n"
|
||||
"However, it will be correctly handled up to 2106.\n"));
|
||||
}
|
||||
|
||||
if( cpr_enabled() || cpr_get_answer_is_yes("keygen.valid.okay",
|
||||
_("Is this correct? (y/N) ")) )
|
||||
break;
|
||||
}
|
||||
|
||||
m_free(answer);
|
||||
return interval;
|
||||
}
|
||||
@ -2206,21 +2199,25 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
|
||||
|
||||
/* make KEYEXPIRE from Expire-Date */
|
||||
r = get_parameter( para, pEXPIREDATE );
|
||||
if( r && *r->u.value ) {
|
||||
i = parse_expire_string( r->u.value );
|
||||
if( i < 0 ) {
|
||||
if( r && *r->u.value )
|
||||
{
|
||||
u32 seconds;
|
||||
|
||||
seconds = parse_expire_string( r->u.value );
|
||||
if( seconds == (u32)-1 )
|
||||
{
|
||||
log_error("%s:%d: invalid expire date\n", fname, r->lnr );
|
||||
return -1;
|
||||
}
|
||||
r->u.expire = i * 86400L;
|
||||
}
|
||||
r->u.expire = seconds;
|
||||
r->key = pKEYEXPIRE; /* change hat entry */
|
||||
/* also set it for the subkey */
|
||||
r = m_alloc_clear( sizeof *r + 20 );
|
||||
r->key = pSUBKEYEXPIRE;
|
||||
r->u.expire = i * 86400L;
|
||||
r->u.expire = seconds;
|
||||
r->next = para;
|
||||
para = r;
|
||||
}
|
||||
}
|
||||
|
||||
if( !!outctrl->pub.newfname ^ !!outctrl->sec.newfname ) {
|
||||
log_error("%s:%d: only one ring name is set\n", fname, outctrl->lnr );
|
||||
|
@ -165,7 +165,7 @@ void keyedit_menu( const char *username, STRLIST locusr,
|
||||
void show_basic_key_info (KBNODE keyblock);
|
||||
|
||||
/*-- keygen.c --*/
|
||||
int parse_expire_string(const char *string);
|
||||
u32 parse_expire_string(const char *string);
|
||||
u32 ask_expire_interval(int object,const char *def_expire);
|
||||
u32 ask_expiredate(void);
|
||||
void generate_keypair( const char *fname, const char *card_serialno,
|
||||
|
@ -749,7 +749,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
|
||||
if(opt.ask_sig_expire && !opt.batch)
|
||||
duration=ask_expire_interval(1,opt.def_sig_expire);
|
||||
else
|
||||
duration=parse_expire_string(opt.def_sig_expire)*86400L;
|
||||
duration=parse_expire_string(opt.def_sig_expire);
|
||||
}
|
||||
|
||||
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
|
||||
@ -1019,7 +1019,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
|
||||
if(opt.ask_sig_expire && !opt.batch)
|
||||
duration=ask_expire_interval(1,opt.def_sig_expire);
|
||||
else
|
||||
duration=parse_expire_string(opt.def_sig_expire)*86400L;
|
||||
duration=parse_expire_string(opt.def_sig_expire);
|
||||
}
|
||||
|
||||
if( (rc=build_sk_list( locusr, &sk_list, 1, PUBKEY_USAGE_SIG )) )
|
||||
@ -1178,7 +1178,7 @@ sign_symencrypt_file (const char *fname, STRLIST locusr)
|
||||
if(opt.ask_sig_expire && !opt.batch)
|
||||
duration=ask_expire_interval(1,opt.def_sig_expire);
|
||||
else
|
||||
duration=parse_expire_string(opt.def_sig_expire)*86400L;
|
||||
duration=parse_expire_string(opt.def_sig_expire);
|
||||
}
|
||||
|
||||
rc = build_sk_list (locusr, &sk_list, 1, PUBKEY_USAGE_SIG);
|
||||
|
Loading…
x
Reference in New Issue
Block a user